update

databricks · Oct 19, 2024 · 08b84d4 · 08b84d4
1 parent 0c14c13
commit 08b84d4
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 6 deletions.
diff --git a/apps/resource_custom_app_integration.go b/apps/resource_custom_app_integration.go
@@ -6,6 +6,7 @@ import (
 	"github.com/databricks/databricks-sdk-go/service/oauth2"
 	"github.com/databricks/terraform-provider-databricks/common"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 )
 
 type CustomAppIntegration struct {
@@ -24,7 +25,8 @@ func ResourceCustomAppIntegration() common.Resource {
 			common.CustomizeSchemaPath(m, p).SetForceNew()
 		}
 		common.CustomizeSchemaPath(m, "client_secret").SetSensitive().SetComputed()
-
+		common.CustomizeSchemaPath(m, "token_access_policy", "access_token_ttl_in_minutes").SetValidateFunc(validation.IntBetween(5, 1440))
+		common.CustomizeSchemaPath(m, "token_access_policy", "refresh_token_ttl_in_minutes").SetValidateFunc(validation.IntBetween(5, 129600))
 		return m
 	})
 	return common.Resource{
@@ -58,6 +60,7 @@ func ResourceCustomAppIntegration() common.Resource {
 		},
 		Update: func(ctx context.Context, d *schema.ResourceData, c *common.DatabricksClient) error {
 			var update oauth2.UpdateCustomAppIntegration
+			update.IntegrationId = d.Id()
 			common.DataToStructPointer(d, s, &update)
 			acc, err := c.AccountClient()
 			if err != nil {

diff --git a/docs/resources/custom_app_integration.md b/docs/resources/custom_app_integration.md
@@ -25,14 +25,15 @@ resource "databricks_custom_app_integration" "this" {
 
 The following arguments are available:
 
-* `name` - (Required) Name of the custom OAuth app. Change requires a new resource
-* `confidential` - Indicates whether an OAuth client secret is required to authenticate this client. Default to `false`
-* `redirect_urls` - List of OAuth redirect urls
+* `name` - (Required) Name of the custom OAuth app. Change requires a new resource.
+* `confidential` - Indicates whether an OAuth client secret is required to authenticate this client. Default to `false`. Change requires a new resource.
+* `redirect_urls` - List of OAuth redirect urls.
+* `scopes` - OAuth scopes granted to the application. Supported scopes: `all-apis`, `sql`, `offline_access`, `openid`, `profile`, `email`.
 
 ### token_access_policy Configuration Block (Optional)
 
-* `access_token_ttl_in_minutes` - access token time to live in minutes
-* `refresh_token_ttl_in_minutes` - refresh token time to live in minutes
+* `access_token_ttl_in_minutes` - access token time to live (TTL) in minutes.
+* `refresh_token_ttl_in_minutes` - refresh token TTL in minutes. The TTL of refresh token cannot be lower than TTL of access token.
 
 ## Attribute Reference