hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

Add output for managed resources within the databricks workspace provider in Azurerm provider registry of Terraform #26963

Open BRLithia opened 3 months ago

BRLithia commented 3 months ago

Description

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/databricks_workspace

This provider does not expose the managed storage account resource ID, which is required to create private endpoints when the storage is configured with default_storage_firewall_enabled == true to disable public access.

Update the possible outputs to include the managed storage resource ID.

New or Affected Resource(s)/Data Source(s)

azurerm_databricks_workspace

Potential Terraform Configuration

output databricks_data {
    value = { for index, workspace in azurerm_databricks_workspace.dbw :
        workspace.name => {
            id = workspace.id
            workspace_url = workspace.workspace_url
            workspace_id = workspace.workspace_id
            storage_account_identity_id = workspace.storage_account_identity
            managed_storage_id = workspace.managed_storage_id
        }
    }
}

resource "azurerm_private_endpoint" "pe_dbw_storage_blob" {
    for_each            = module.databricks_workspace.databricks_data
    name                = "pe-${each.key}_storage_blob"
    location            = azurerm_resource_group.rg.location
    resource_group_name = azurerm_resource_group.rg.name
    subnet_id           = module.network.pe_subnet_id

    private_service_connection {
      name                           = "pe-${each.key}_storage_blob"  
      private_connection_resource_id = each.value.managed_storage_id  # <----- This is the need
      subresource_names              = ["blob"] 
      is_manual_connection           = false
    }

    depends_on = [
      azurerm_private_endpoint.pe_dbw_front_end
    ]
    lifecycle {
      ignore_changes = [
        tags,
      ]
    }
}

References

No response

BosBer commented 1 month ago

We require the same output.

azurerm_storage_account.id for the managed-storage_account. The identity is already available in the storage_account_identity.

This is required to prevent internet traffic.