
Azure Databricks Secret Scope: Azure Key Vault-backed or Databricks-backed


Is there a way to determine if an already existing Azure Databricks Secret Scope is backed by Key Vault or Databricks via a Python notebook? dbutils.secrets.listScopes() does not output this. Assume that I have Manage permissions on the scope. (Unfortunately, Google didn't help.)


Solution

  • You can do it either via the Secrets REST API - if you use the List Secret Scopes API, then the backend_type field shows the backend - Databricks or KeyVault. From a notebook you can do it with the following code:

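    import requests

    # Notebook context gives the workspace host name for the REST call
    ctx = dbutils.notebook.entry_point.getDbutils().notebook().getContext()
    host_name = ctx.tags().get("browserHostName").get()
    host_token = "your_PAT_token"  # placeholder for a personal access token
    cluster_id = ctx.tags().get("clusterId").get()  # not needed for this call

    # List Secret Scopes API: every scope the caller can see
    response = requests.get(
        f'https://{host_name}/api/2.0/secrets/scopes/list',
        headers={'Authorization': f'Bearer {host_token}'},
        timeout=30,
    )
    response.raise_for_status()  # fail on 401/403 instead of a KeyError later
    # Scopes without a backend_type field are treated as Databricks-backed
    scopes = {s['name']: s.get('backend_type', 'DATABRICKS')
              for s in response.json().get('scopes', [])}
    backend = scopes['scope-name']  # 'scope-name' is the scope to look up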
    

    Or you can do the same via databricks-cli, using the databricks secrets list-scopes command (see docs).
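
For an access review it helps to know not only the backend type but which vault a scope points at. The following is an added example, not part of the original answer: it classifies a List Secret Scopes response offline. The sample response is constructed, and the keyvault_metadata / dns_name field names are an assumption about the response shape for Key Vault-backed scopes.

```python
# Added example (not from the original answer). SAMPLE_RESPONSE is constructed;
# scope names, the vault URL and the resource ID are placeholders.
SAMPLE_RESPONSE = {
    "scopes": [
        {"name": "etl-db", "backend_type": "DATABRICKS"},
        {
            "name": "etl-kv",
            "backend_type": "AZURE_KEYVAULT",
            # Assumed field names for Key Vault-backed scopes
            "keyvault_metadata": {
                "resource_id": "/subscriptions/<sub-id>/resourceGroups/<rg>"
                               "/providers/Microsoft.KeyVault/vaults/<vault>",
                "dns_name": "https://example-vault.vault.azure.net/",
            },
        },
        {"name": "legacy"},  # no backend_type field at all
    ]
}


def classify_scopes(response):
    """Map scope name -> (backend type, vault DNS name or None)."""
    result = {}
    # Defensive: tolerate a body that has no "scopes" key.
    for scope in response.get("scopes", []):
        # Same default as the answer's code: missing field means DATABRICKS.
        backend = scope.get("backend_type", "DATABRICKS")
        vault = None
        if backend == "AZURE_KEYVAULT":
            vault = scope.get("keyvault_metadata", {}).get("dns_name")
        result[scope["name"]] = (backend, vault)
    return result


def keyvault_backed(response):
    """Sorted names of scopes whose secrets live in Azure Key Vault."""
    return sorted(name for name, (backend, _) in classify_scopes(response).items()
                  if backend == "AZURE_KEYVAULT")


if __name__ == "__main__":
    for name, (backend, vault) in classify_scopes(SAMPLE_RESPONSE).items():
        print(f"{name}: {backend} {vault or ''}".rstrip())
```

In a notebook, pass the parsed JSON body of the scopes/list call to classify_scopes in place of SAMPLE_RESPONSE.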