Comments (14)
@tcz001 want to pick this up?
from terraform-provider-databricks.
@nfx we need Service principal in scim because it's without the Admin permission by default, while Azure RBAC contributor role will be added as Admin by default and it has 2000 role assignments limitation, that's why we need this resource to be implemented
from terraform-provider-databricks.
@nfx one quick question, should we name the resource as databricks_service_principal
to follow your recent change on databricks_user
and deprecated databricks_scim_user
?
from terraform-provider-databricks.
@tcz001 , databricks_service_principal
is naming convention to go ahead with, correct. SCIM is just the name of the industry standard interface to manage identities, it shouldn't leak into resource names. Most of people would even ask first - "what is SCIM?..".
To be clear, this is what we'd expect in PR:
- resource code itself, which has 90% coverage by unit tests - see examples for
databricks_user
. you can check coverage by runningmake coverage
. - acceptance tests
- documentation (+change to
databricks_permissions
resource doc in this particular case)
from terraform-provider-databricks.
issue is old and it doesn't seem it needs any attention. closing it for now
from terraform-provider-databricks.
Hi @nfx I hope we can reopen this issue, scim_service_principal is not implemented on this provider
from terraform-provider-databricks.
why do we need to create SP through scim api? won't it simply work if SP is granted contributor role on workspace resource in Azure through either Portal UI or terraform role assignment resource?
from terraform-provider-databricks.
I have a project starting in few weeks which will need Active Directory and SCIM integration features in Terraform. I wonder whether it is possible to completely automate in Terraform the workspace creation and the AD configuration with SCIM enabled.
from terraform-provider-databricks.
@dfanesiDB , just in case, Active Directory should trigger SCIM provisioning as enterprise app, Terraform should be used only for defining groups & their permissions. And yes, it is possible to automate complete workspace, see the very first link in readme :)
from terraform-provider-databricks.
@tcz001 want to pick this up?
yes, we will try to send a PR on this
from terraform-provider-databricks.
from terraform-provider-databricks.
Changes from #386 merged in #432 and will be part of 0.3.0 release.
from terraform-provider-databricks.
As this ticket is closed, is the original requirement (below) now possible with terraform?
I would like the scim service principal resource to be implemented, with acceptance tests and documented in the website docs. https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/scim/scim-sp
Are there any docs on this? I couldn't see anything here:
There's also a question on this topic stackoverflow.
from terraform-provider-databricks.
@snowch https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/service_principal
from terraform-provider-databricks.
Related Issues (20)
- [FEATURE] Support for Feature Spec Creation for Online Table Serving
- [ISSUE] Importing databricks_metastore_assignment into terraform changes default_catalog_name
- [ISSUE] Issue with `databricks_mws_workspaces` resource when using oauth m2m and fetching workspace token HOT 5
- Limitations - Specific Case for Serverless- DBSQL Serverless has been imported as a PRO instance HOT 2
- [FEATURE] Support GitHub App authentication for `databricks_git_credential` in Terraform
- [ISSUE] Issue with `databricks_schema` resource - can not be managed after import
- [ISSUE] Issue with databricks provider
- [FEATURE] Default, provider-level tags
- [ISSUE] Issue with `databricks_grants` resource
- [ISSUE] `databricks_model_serving` updates traffic_config routes every time. HOT 1
- [FEATURE] Add data source support for databricks_mlflow_models
- [FEATURE] Create a databricks_group_members resource that can resolve configuration drift
- [DOC] Schedule in `databricks_job` is ambiguous
- [ISSUE] Issue with `databricks_permissions` resource in 1.49.0 HOT 3
- [ISSUE] Azure databricks Issue with `databricks_workspace_binding` , databricks workspace is not binded to the catalog HOT 2
- [DOC] No example for how to get databricks_ip_access_list
- [ISSUE] Issue with `databricks_storage_credential` resource isolation_mode not reflecting in databricks UI HOT 1
- [ISSUE] Issue with databricks_metastores Data Source HOT 1
- [ISSUE] Issue with renaming `databricks_catalog` resource.
- [ISSUE] Issue with `databricks_sql_table > cluster_keys` resource.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-databricks.