Comments (4)
no, it's not related to #2543 - warehouses have their own permissions
from terraform-provider-databricks.
I am encountering an simliar issue, where terraform apply
shows changes every time it is run, even though no actual code/config modifications are being made.
Code:
variable "data_products" {
description = "List of all data products with their respective attributes."
type = list(object({
id = string
repo_url = string
group_name_prefix = string
}))
}
resource "databricks_permissions" "data_products_general_shared_autoscaling" {
for_each = {
for product in var.data_products : product.id => product
}
cluster_id = databricks_cluster.general_shared_autoscaling.id
access_control {
group_name = "${each.value.group_name_prefix}_MANAGE"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_EDIT"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_RUN"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_MANAGE"
permission_level = "CAN_ATTACH_TO"
}
access_control {
group_name = "${each.value.group_name_prefix}_EDIT"
permission_level = "CAN_ATTACH_TO"
}
access_control {
group_name = "${each.value.group_name_prefix}_RUN"
permission_level = "CAN_ATTACH_TO"
}
}
Terminal
Plan: 0 to add, 5 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
from terraform-provider-databricks.
I'm also seeing this state drift occur. I am working on migrating basic-auth
--> oauth-m2m
. All existing resources are owned by the root admin user, and I'm trying to now manage via a Service Principal.
from terraform-provider-databricks.
hey @nkvuong, do you have any insight into fixing this? I tried going back a few versions but still was having this issue. The trouble is that I have existing resources that I can't easily destroy/recreate so I can't go back that far. I'm currently I'm just using a lifecycle
to ignore the diffs. Not ideal, but 🤷
resource "databricks_permissions" "endpoint_usage" {
sql_endpoint_id = databricks_sql_endpoint.endpoint.id
access_control {
group_name = var.company_group_name
permission_level = "CAN_USE"
}
lifecycle {
# https://github.com/databricks/terraform-provider-databricks/issues/3730
ignore_changes = [
access_control
]
}
}
Also, any chance underlying issue is related to #2543? I'm using databricks_permissions
to manage a sql_warehouse
, not a cluster
, but I assuming they're somewhat related.
from terraform-provider-databricks.
Related Issues (20)
- [Exporter] Exclude serving endpoints for foundational models provided by Databricks HOT 1
- [ISSUE] Issue with `databricks_external_location` resource - cannot create `read_only` external locations
- [ISSUE] Identity not found error when switching to Managed Identity as authentication type
- [ISSUE] Issue with `databricks_storage_credential` resource with MSI. 500 Internal Server Error HOT 1
- [FEATURE] databricks_quality_monitor sql dashboard run as permissions
- [ISSUE] Issue with `databricks_mws_workspaces` resource with SA and oauth2 HOT 7
- [DOC] In databricks_schema data resource there is a misspelling in the example.
- [ISSUE] Issue with `databricks_metastore_assignment` resource
- [ISSUE] Issue with `databricks_pipeline` resource after migrating it to Go SDK
- [ISSUE] Provider wants to redeploy `databricks_entitlements` when importing it
- [ISSUE] Issues with `Quality Monitor` resource
- [FEATURE] Add support for table constraints
- [ISSUE] Empty lines or tabs inside SQL query of view definition will trigger redeployment of `databricks_sql_table` resource
- [ISSUE] Tables with struct subcolumns which have dot in their name are redeployed on `databricks_sql_table` resource
- [ISSUE] Changes to databricks_job.notebook_task.base_parameters block escape drift detection
- [ISSUE] Identity not found with `databricks_storage_credential` HOT 1
- [ISSUE] databricks_workspace_binding produces inconsistent final plan error when changing catalog name HOT 1
- [FEATURE] Add dedicated `databricks_git_folder` resource and deprecate `databricks_repo`
- [ISSUE] Issue with `databricks_job` resource `timeout_seconds` argument
- [ISSUE] Provider wants to redeploy `databricks_permissions` when importing it HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-databricks.