databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest

[ISSUE] Issue with `databricks_permissions.token_usage` resource #3579

Open temi-rvo opened 4 months ago

temi-rvo commented 4 months ago

Configuration

This was added to existing code that creates a Service Principal.

main.tf

```hcl
resource "databricks_permissions" "token_usage" {
  provider      = databricks.workspace
  authorization = "tokens"
  access_control {
    service_principal_name = databricks_service_principal.sp.application_id
    permission_level       = "CAN_USE"
  }
}

resource "databricks_obo_token" "this" {
  provider       = databricks.workspace
  depends_on     = [databricks_permissions.token_usage]
  application_id = databricks_service_principal.sp.application_id
  comment        = "Pxxxxxxx"
}

# Creates a new secret key to store the token
resource "aws_secretsmanager_secret" "hm-sp-token" {
  name = "hm-s"
}

resource "aws_secretsmanager_secret_version" "hm-sp-token" {
  secret_id     = aws_secretsmanager_secret.hm-sp-token.id
  secret_string = databricks_obo_token.this.token_value
  depends_on    = [databricks_obo_token.this]
}
```

Provider.tf

```hcl
terraform {
  required_version = ">= 1.4"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "> 3.50"
    }
    databricks = {
      source  = "databricks/databricks"
      version = "~> 1.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

data "aws_secretsmanager_secret" "hm_sp_client_secret" {
  name = "hm-kddkdkdk"
}

data "aws_secretsmanager_secret_version" "hm_sp_client_secret_version" {
  secret_id = data.aws_secretsmanager_secret.hm_sp_client_secret.id
}

data "aws_secretsmanager_secret" "hm_sp_client_id" {
  name = "hm-kkkkkk"
}

data "aws_secretsmanager_secret_version" "hm_sp_client_id_version" {
  secret_id = data.aws_secretsmanager_secret.hm_sp_client_id.id
}

provider "databricks" {
  alias         = "workspace"
  host          = "https://xxxxxxxyyyy.cloud.databricks.com"
  client_id     = data.aws_secretsmanager_secret_version.hm_sp_client_id_version.secret_string
  client_secret = data.aws_secretsmanager_secret_version.hm_sp_client_secret_version.secret_string
}
```

Expected Behavior

A token is to be created and stored in AWS Secrets Manager.

Actual Behavior

Provider fails to create Token during apply

Steps to Reproduce

version = "~> 1.0" and also tested with "1.43.0" precisely

Is it a regression?

Debug Output

```
databricks_permissions.token_usage: Creating...

Error: Provider produced inconsistent result after apply

When applying changes to databricks_permissions.token_usage, provider "provider[\"registry.terraform.io/databricks/databricks\"].workspace" produced an unexpected new value: Root resource was present, but now absent.

This is a bug in the provider, which should be reported in the provider's own issue tracker.
```


Important Factoids

No

Would you like to implement a fix?

nkvuong commented 4 months ago

Using `databricks_permissions` for token usage has some important caveats; could you check if this is related to your issue?