resource "databricks_grant" "external_location_admin" {
provider = databricks.workspace
external_location = databricks_external_location.catalog_location.id
principal = var.admin_group_display_name
privileges = ["ALL_PRIVILEGES"]
}
resource "databricks_grant" "external_location_user" {
provider = databricks.workspace
external_location = databricks_external_location.catalog_location.id
principal = var.regular_group_display_name
privileges = ["READ_FILES"]
# add depends_on to try to avoid the Error: cannot create grant: permissions for external_location-sandbox-dev-location are &{[{sandbox_workspace_users [READ_FILES] [Principal]}]}, but have to be {[{sandbox_workspace_admins [ALL_PRIVILEGES] []}]}
# but this does not work...
depends_on = [databricks_grant.external_location_admin]
}
Expected Behavior
add the two databricks_grant normally.
Actual Behavior
│ Error: cannot create grant: permissions for external_location-sandbox-dev-location are &{[{sandbox_workspace_admins [ALL_PRIVILEGES] [Principal]}]}, but have to be {[{sandbox_workspace_users [READ_FILES] []}]}
│
│ with databricks_grant.external_location_user,
│ on main.tf line 199, in resource "databricks_grant" "external_location_user":
│ 199: resource "databricks_grant" "external_location_user" {
│
Steps to Reproduce
simply applying the tf above with calling it in parallel using Terragrunt.
(these errors look like to be solved by rerunning terragrunt apply multiple times.)
Configuration
Expected Behavior
add the two databricks_grant normally.
Actual Behavior
Steps to Reproduce
simply applying the tf above with calling it in parallel using Terragrunt. (these errors look like to be solved by rerunning
terragrunt applymultiple times.)grantsbut it failed as well... https://github.com/databricks/terraform-provider-databricks/issues/4162Terraform and provider versions
Is it a regression?
Debug Output
Important Factoids
Would you like to implement a fix?