databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest

[FEATURE] Allow `user_name` as an argument for `databricks_group_member` resource #2822

Open VPAI-Bixal opened 1 year ago

VPAI-Bixal commented 1 year ago

Use-cases

Currently the databricks_group_member resource only allows for the addition of users by using their member_id. As the member_id is a random INT created by Databricks, this can be difficult to retrieve. One can use a databricks_user data block, but in cases where Databricks uses Okta for provisioning and de-provisioning there can be cases where this data lookup fails.

Attempted Solutions

We attempted to use the databricks_group data block to retrieve a list of what member_id belonged to what user_name, but this data block does not show user_name, so it does not help resolve our problem.

Proposal

If user_name could be used then a local block can be used, with a try() function, that would allow for group membership additions based on email with a null variable used if the user does not exist.

alexott commented 1 year ago

What about using databricks_user data source?

VPAI-Bixal commented 1 year ago

> What about using databricks_user data source?

@alexott I should give some extra context, as that is what we are currently doing. We use a databricks_user data block and then dot reference the member_id from its output.

The trouble is that we provision our users via Okta based on another system. When we had SCIM via Okta de-provision our users we would run into Terraform errors if Okta blipped and briefly removed our user. Because of this we had to disable de-provisioning via Okta, which is not ideal.

So if we could use the user_name with the Terraform try() function we think we could work around the cases where Okta was de-provisioning users by failing to a null resource if the user doesn't exist when adding to groups.