tomarv2 · tomarv2 · Jan 29, 2022 · Jan 29, 2022
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -3,20 +3,17 @@ repos:
     rev: v1.48.0
     hooks:
       - id: terraform_fmt
-#      - id: terraform_validate
       - id: terraform_tflint
         args:
           - '--args=--only=terraform_deprecated_interpolation'
           - '--args=--only=terraform_deprecated_index'
-#          - '--args=--only=terraform_unused_declarations'
+          - '--args=--only=terraform_unused_declarations'
           - '--args=--only=terraform_comment_syntax'
           - '--args=--only=terraform_documented_outputs'
           - '--args=--only=terraform_documented_variables'
           - '--args=--only=terraform_typed_variables'
           - '--args=--only=terraform_module_pinned_source'
           - '--args=--only=terraform_naming_convention'
-          - '--args=--only=terraform_required_providers'
-#          - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
 
   - repo: https://github.com/pre-commit/pre-commit-hooks
@@ -28,9 +25,8 @@ repos:
       - id: check-yaml
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '1.0.864' # change to tag or sha
+    rev: '2.0.531'
     hooks:
     - id: checkov
       verbose: true
-      args:
-      - -d . --framework terraform -o output_format json
+      args: [-d, '.', --framework, 'terraform']
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,12 @@
+# CHANGELOG
+
+## [v0.0.9](https://github.com/tomarv2/terraform-databricks-aws-workspace/releases/tag/v0.0.9) - 2022-01-28 19:25:12
+
+*No description*
+
+### Bug Fixes
+
+- general:
+  - fixing broken link in readme ([70da157](https://github.com/tomarv2/terraform-databricks-aws-workspace/commit/70da15703f048f4b880be1d415eb22db2047d7ee)) ([#4](https://github.com/tomarv2/terraform-databricks-aws-workspace/pull/4))
+
+\* *This CHANGELOG was automatically generated by [auto-generate-changelog](https://github.com/BobAnkh/auto-generate-changelog)*
diff --git a/README.md b/README.md
@@ -25,7 +25,7 @@
 >
 > :point_right: Databricks account password: `databricks_account_password`
 >
-> :point_right: Databricks account id, `databricks_account_id` can be found on the top right corner of the page, once you're logged in.
+> :point_right: Databricks account id, `databricks_account_id` can be found on the bottom left corner of the page, once you're logged in.
 >
 > :point_right: Part 2: Terraform module for [Databricks Workspace management](https://github.com/tomarv2/terraform-databricks-workspace-management)
 
@@ -36,7 +36,7 @@
 ## Versions
 
 - Module tested for Terraform 1.0.1.
-- `databrickslabs/databricks` provider version [0.3.5](https://registry.terraform.io/providers/databrickslabs/databricks/latest)
+- `databrickslabs/databricks` provider version [0.4.7](https://registry.terraform.io/providers/databrickslabs/databricks/latest)
 - AWS provider version [3.47](https://registry.terraform.io/providers/hashicorp/aws/latest).
 - `main` branch: Provider versions not pinned to keep up with Terraform releases.
 - `tags` releases: Tags are pinned with versions (use <a href="https://github.com/tomarv2/terraform-databricks-aws-workspace/tags" alt="GitHub tag">

diff --git a/examples/sample/main.tf b/examples/sample/main.tf
@@ -4,9 +4,9 @@ module "databricks_workspace" {
   # NOTE: One of the below is required:
   # - 'profile_for_iam' - for IAM creation (if none is provided 'default' is used)
   # - 'existing_role_name'
-  profile_for_iam             = "iam-admin"
-  existing_role_name          = "arn:aws:iam::123456789012:role/demo-role"
-  aws_region                  = "us-east-2"
+  profile_for_iam = "iam-admin"
+  #existing_role_name          = "arn:aws:iam::123456789012:role/demo-role"
+  aws_region                  = "us-east-1"
   databricks_account_username = "example@example.com"
   databricks_account_password = "sample123!"
   databricks_account_id       = "1234567-1234-1234-1234-1234567"

diff --git a/examples/sample/outputs.tf b/examples/sample/outputs.tf
@@ -57,12 +57,7 @@ output "databricks_deployment_name" {
 /*
 output "pat_token" {
   description = "databricks pat"
-  value       = module.databricks_workspace.pat_token
-}
-
-
-output "pat_token_duration" {
-  description = "databricks pat"
-  value       = module.databricks_workspace.pat_token_duration
+  value       = module.databricks_workspace.databricks_token
+  sensitive   = true
 }
 */
diff --git a/main.tf b/main.tf
@@ -1,6 +1,7 @@
 module "vpc" {
   source = "git::git@github.com:tomarv2/terraform-aws-vpc.git?ref=v0.0.4"
 
+  aws_region             = var.aws_region
   enable_dns_hostnames   = true
   enable_nat_gateway     = true
   single_nat_gateway     = true
@@ -25,12 +26,11 @@ module "vpc" {
 }
 
 module "iam_role" {
-  source = "git::git@github.com:tomarv2/terraform-aws-iam-role.git//modules/iam_role_external?ref=v0.0.4"
+  source = "git::git@github.com:tomarv2/terraform-aws-iam-role.git//modules/iam_role_external?ref=v0.0.7"
 
   count = var.existing_role_name == null ? 1 : 0
 
   assume_role_policy = data.databricks_aws_assume_role_policy.this.json
-  external_id        = var.databricks_account_id
   # -----------------------------------------
   # Do not change the teamid, prjid once set.
   teamid = var.teamid
@@ -60,9 +60,8 @@ module "iam_policies" {
 }
 
 module "s3" {
-  source = "git::git@github.com:tomarv2/terraform-aws-s3.git?ref=v0.0.3"
+  source = "git::git@github.com:tomarv2/terraform-aws-s3.git?ref=v0.0.6"
 
-  aws_region = var.aws_region
   # -----------------------------------------
   # Do not change the teamid, prjid once set.
   teamid = var.teamid

diff --git a/mws.tf b/mws.tf
@@ -1,5 +1,6 @@
 resource "databricks_mws_networks" "this" {
-  provider           = databricks.mws
+  provider = databricks.mws
+
   account_id         = var.databricks_account_id
   network_name       = "${var.teamid}-${var.prjid}-${local.suffix}"
   security_group_ids = [module.vpc.default_security_group_id]
@@ -8,7 +9,8 @@ resource "databricks_mws_networks" "this" {
 }
 
 resource "databricks_mws_credentials" "this" {
-  provider         = databricks.mws
+  provider = databricks.mws
+
   account_id       = var.databricks_account_id
   role_arn         = var.existing_role_name != null ? var.existing_role_name : join("", module.iam_role.*.iam_role_arn)
   credentials_name = "${var.teamid}-${var.prjid}-${local.suffix}"
@@ -17,8 +19,9 @@ resource "databricks_mws_credentials" "this" {
 }
 
 resource "databricks_mws_storage_configurations" "this" {
-  provider                   = databricks.mws
+  provider = databricks.mws
+
   account_id                 = var.databricks_account_id
-  bucket_name                = module.s3.s3_bucket_name
+  bucket_name                = module.s3.bucket_name
   storage_configuration_name = "${var.teamid}-${var.prjid}-${local.suffix}"
 }
diff --git a/outputs.tf b/outputs.tf
@@ -29,17 +29,17 @@ output "inline_policy_id" {
 
 output "s3_bucket_name" {
   description = "s3 bucket name"
-  value       = module.s3.s3_bucket_name
+  value       = module.s3.bucket_name
 }
 
 output "s3_bucket_arn" {
   description = "s3 bucket arn"
-  value       = module.s3.s3_bucket_arn
+  value       = module.s3.bucket_arn
 }
 
 output "s3_bucket_id" {
   description = "s3 bucket id"
-  value       = module.s3.s3_bucket_id
+  value       = module.s3.bucket_id
 }
 
 output "databricks_mws_credentials_id" {
@@ -93,10 +93,4 @@ output "databricks_token" {
   value       = databricks_token.pat.id
   sensitive   = true
 }
-
-
-output "pat_token_duration" {
-  description = "databricks pat"
-  value       = databricks_token.pat.lifetime_seconds
-}
 */
diff --git a/pat_token.tf b/pat_token.tf
@@ -3,7 +3,7 @@
 */
 /*
 resource "databricks_token" "pat" {
-  provider         = databricks.created_workspace
+  provider = databricks.created_workspace
 
   comment          = "Terraform managed: ${var.teamid}-${var.prjid}"
   lifetime_seconds = 86400

diff --git a/s3.tf b/s3.tf
@@ -1,9 +1,9 @@
 data "databricks_aws_bucket_policy" "this" {
-  bucket = module.s3.s3_bucket_name
+  bucket = module.s3.bucket_name
 }
 
 resource "aws_s3_bucket_policy" "root_bucket_policy" {
-  bucket     = module.s3.s3_bucket_id
+  bucket     = module.s3.bucket_id
   policy     = data.databricks_aws_bucket_policy.this.json
   depends_on = [databricks_mws_networks.this]
 }
diff --git a/variables.tf b/variables.tf
@@ -20,10 +20,17 @@ variable "aws_region" {
   default     = "us-west-2"
 }
 
+variable "databricks_hostname" {
+  description = "databricks hostname"
+  type        = string
+  default     = "https://accounts.cloud.databricks.com"
+}
+
 variable "databricks_account_username" {
   description = "databricks account username"
   type        = string
 }
+
 variable "databricks_account_password" {
   description = "databricks account password"
   type        = string

diff --git a/versions.tf b/versions.tf
@@ -6,7 +6,7 @@ terraform {
     }
     databricks = {
       source  = "databrickslabs/databricks"
-      version = "0.3.5"
+      version = "0.4.7"
     }
     random = {
       version = "~> 3.1"
@@ -17,6 +17,7 @@ terraform {
   }
 }
 
+
 provider "aws" {
   region  = var.aws_region
   profile = var.profile_to_use
@@ -30,15 +31,17 @@ provider "aws" {
 }
 
 provider "aws" {
-  alias   = "iam-management"
+  alias = "iam-management"
+
   region  = var.aws_region
   profile = local.profile_to_use
 }
 
 # initialize provider in "MWS" mode to provision new workspace
 provider "databricks" {
-  alias    = "mws"
-  host     = "https://accounts.cloud.databricks.com"
+  alias = "mws"
+
+  host     = var.databricks_hostname
   username = var.databricks_account_username
   password = var.databricks_account_password
 }

diff --git a/workspaces.tf b/workspaces.tf
@@ -1,5 +1,6 @@
 resource "databricks_mws_workspaces" "this" {
-  provider        = databricks.mws
+  provider = databricks.mws
+
   account_id      = var.databricks_account_id
   aws_region      = var.aws_region
   workspace_name  = "${var.teamid}-${var.prjid}"