search

databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest
Other
454 stars 392 forks source link

[ISSUE] Issue with `databricks_service_principal` resource #1595

Closed panselaukik closed 2 years ago

panselaukik commented 2 years ago

Configuration

terraform {
  required_version = ">=v0.14.7"
}

Expected Behavior

resource "databricks_service_principal" "service_principal_manager" {
  display_name          = "abcd"
  allow_cluster_create  = true
  databricks_sql_access = true
}

This should create a Service Principal with both the entitlements

Actual Behavior

Creates a service principal with no entitlements attached

Steps to Reproduce

Create a service principal using the resource, then check the databricks console if any entitlements are added, or use the API to get the service principals:

import requests

def get_sp(cloud_instance: str, token: str) -> list:
    endpoint = f"https://{cloud_instance}/api/2.0/preview/scim/v2/ServicePrincipals"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    res = requests.get(url=endpoint, headers=headers)
    return res.json().get("Resources")

Terraform and provider versions

terraform {
  required_providers {
    databricks = {
      source  = "databricks/databricks"
      version = "1.2.0"
    }
  }
}

provider "databricks" {
  alias      = "mws"
  host       = "https://accounts.cloud.databricks.com"
  account_id = var.account-id
  username   = var.databricks-username
  password   = var.databricks-password
}
nkvuong commented 2 years ago

@panselaukik the account SCIM API don't support setting entitlements (as those are only applicable to workspaces)

We have just added databricks_entitlements resource to address that gap

panselaukik commented 2 years ago

@nkvuong the databricks_entitlements resource fixed the issue, Thankyou so much