-
Notifications
You must be signed in to change notification settings - Fork 382
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ISSUE] databricks_permissions
shows permanent drift if the owner is not the same as the TF identifier
#3730
Comments
I am encountering an simliar issue, where Code:variable "data_products" {
description = "List of all data products with their respective attributes."
type = list(object({
id = string
repo_url = string
group_name_prefix = string
}))
}
resource "databricks_permissions" "data_products_general_shared_autoscaling" {
for_each = {
for product in var.data_products : product.id => product
}
cluster_id = databricks_cluster.general_shared_autoscaling.id
access_control {
group_name = "${each.value.group_name_prefix}_MANAGE"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_EDIT"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_RUN"
permission_level = "CAN_RESTART"
}
access_control {
group_name = "${each.value.group_name_prefix}_MANAGE"
permission_level = "CAN_ATTACH_TO"
}
access_control {
group_name = "${each.value.group_name_prefix}_EDIT"
permission_level = "CAN_ATTACH_TO"
}
access_control {
group_name = "${each.value.group_name_prefix}_RUN"
permission_level = "CAN_ATTACH_TO"
}
} Terminal
|
I'm also seeing this state drift occur. I am working on migrating |
hey @nkvuong, do you have any insight into fixing this? I tried going back a few versions but still was having this issue. The trouble is that I have existing resources that I can't easily destroy/recreate so I can't go back that far. I'm currently I'm just using a resource "databricks_permissions" "endpoint_usage" {
sql_endpoint_id = databricks_sql_endpoint.endpoint.id
access_control {
group_name = var.company_group_name
permission_level = "CAN_USE"
}
lifecycle {
# https://github.com/databricks/terraform-provider-databricks/issues/3730
ignore_changes = [
access_control
]
}
} Also, any chance underlying issue is related to #2543? I'm using |
no, it's not related to #2543 - warehouses have their own permissions |
…not specified (#3829) ## Changes - SQL warehouses supports specifying `IS_OWNER` permission and therefore requires the same workaround as jobs & pipelines. - Resolves #3730 ## Tests <!-- How is this tested? Please see the checklist below and also describe any other relevant tests --> - [x] `make test` run locally - [x] relevant change in `docs/` folder - [x] covered with integration tests in `internal/acceptance` - [x] relevant acceptance tests are passing - [x] using Go SDK
…not specified (databricks#3829) ## Changes - SQL warehouses supports specifying `IS_OWNER` permission and therefore requires the same workaround as jobs & pipelines. - Resolves databricks#3730 ## Tests <!-- How is this tested? Please see the checklist below and also describe any other relevant tests --> - [x] `make test` run locally - [x] relevant change in `docs/` folder - [x] covered with integration tests in `internal/acceptance` - [x] relevant acceptance tests are passing - [x] using Go SDK
Configuration
Expected Behavior
tf plan should be clean
Actual Behavior
tf plan shows planned changes
Terraform and provider versions
1.48.2
Important Factoids
Running terraform apply does not clear the diff
The text was updated successfully, but these errors were encountered: