Creates a service principal: a non-human identity for automation, jobs, integrations, and pipelines.
CREATE SERVICE PRINCIPAL [IF NOT EXISTS] <name> [COMMENT '<description>']## Overview CREATE SERVICE PRINCIPAL registers a non-human principal in the RBAC catalog. Service principals are granted roles like users, but they are intended for headless automation: pipelines, schedulers, external integrations. ## Behavior - Without IF NOT EXISTS, creating a service principal that already exists raises an error. - The service principal starts with no role assignments. Use GRANT ROLE to give it the privileges it needs. - There is no ALTER SERVICE PRINCIPAL command. Attribute changes (such as comments) are not supported through SQL after creation; the catalog entry is immutable except for role membership. - Authentication credentials for the service principal are managed outside this command, typically by the Control Plane's secret store. ## Access Control Requires the `ManageUsers` privilege. ## Compatibility DeltaForge extension.
| Name | Type | Description |
|---|---|---|
name | Specifies the service principal name. | |
comment | Optional human-readable description. | |
if_not_exists | When true, succeed silently if a service principal with this name already exists. |
CREATE SERVICE PRINCIPAL etl_runner COMMENT 'Nightly ETL pipeline runner';CREATE SERVICE PRINCIPAL IF NOT EXISTS etl_runner;