Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISSUE] Cannot update permissions for workspace: Cannot remove admins's CAN_MANAGE permission #2134

Closed
mrpowerus opened this issue Mar 20, 2023 · 0 comments · Fixed by #2158
Closed

[ISSUE] Cannot update permissions for workspace: Cannot remove admins's CAN_MANAGE permission #2134

mrpowerus opened this issue Mar 20, 2023 · 0 comments · Fixed by #2158
Labels
bug Something isn't working

Comments

@mrpowerus
Copy link

mrpowerus commented Mar 20, 2023
edited
Loading

Hi team,

An issue occurs when modifying the permissions on the root level of the workspace.

Configuration

resource "databricks_permissions" "root_workspace_permissions" {
  directory_id = "0" # Root folder of the databricks workspace
  access_control {
    group_name       = "AAD_SDP_Data_Engineers"
    permission_level = "CAN_READ"
  }

  access_control {
    group_name       = "AAD_SDP_Data_Operators"
    permission_level = "CAN_READ"
  }
}

Expected Behavior

When running terraform apply, the permissions should set.

Actual Behavior

terraform plan runs successfully. However, terraform apply gives the following error

│ Error: cannot update permissions: Cannot remove admins's CAN_MANAGE permission on 0
│ 
│   with databricks_permissions.root_workspace_permissions,
│   on workspace.tf line 35, in resource "databricks_permissions" "root_workspace_permissions":
│   35: resource "databricks_permissions" "root_workspace_permissions" {
│ 
╵

Steps to Reproduce

  1. Run terraform init
  2. Run terraform plan (which will run successfully
  3. Run terraform apply

Terraform and provider versions

Terraform v1.3.5
on windows_amd64
+ provider registry.terraform.io/databricks/databricks v1.13.0
+ provider registry.terraform.io/hashicorp/azuread v2.33.0
+ provider registry.terraform.io/hashicorp/azurerm v3.43.0
@mrpowerus mrpowerus changed the title [ISSUE] Issue with databricks_XXX resource [ISSUE] Issue with databricks_permissions on root level of workspace Mar 20, 2023
@mrpowerus mrpowerus changed the title [ISSUE] Issue with databricks_permissions on root level of workspace [ISSUE] Issue with the admin group for databricks_permissions on root level of workspace Mar 20, 2023
@mrpowerus mrpowerus changed the title [ISSUE] Issue with the admin group for databricks_permissions on root level of workspace [ISSUE] Cannot update permissions for workspace: Cannot remove admins's CAN_MANAGE permission Mar 20, 2023
@nkvuong nkvuong added the bug Something isn't working label Mar 24, 2023
@nkvuong nkvuong mentioned this issue Mar 24, 2023
Merged
5 tasks
@nfx nfx closed this as completed in #2158 Mar 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix edge cases for databricks_permissions resource databricks/terraform-provider-databricks
2 participants
@mrpowerus @nkvuong