Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISSUE] Issue with databricks_group_member resource #3364

Closed
TeddyBear1314 opened this issue Mar 12, 2024 · 1 comment
Closed

[ISSUE] Issue with databricks_group_member resource #3364

TeddyBear1314 opened this issue Mar 12, 2024 · 1 comment

Comments

@TeddyBear1314
Copy link

Configuration

# Copy-paste your Terraform configuration here
resource "databricks_service_principal" "uc_service_principal" {
  provider              = databricks.account
  for_each              = local.service_principal_group_assignment_respect_account
#  display_name          = each.key
  application_id        = var.sp2aid[each.key]
  allow_cluster_create  = true
  workspace_access      = true
  databricks_sql_access = true
}

resource "databricks_group_member" "service_principal_group_assignment" {
  provider  = databricks.account
  for_each  = local.service_principal_group_assignment_map
  group_id  = local.databricksgroup2id[each.value["account_group_name"]]
  member_id = databricks_service_principal.uc_service_principal[each.value["service_principal_name"]].id
}

Expected Behavior

I can use the above terraform configuration to add a service principal to account level and into an account group, but when I plan to remove the comment in the line to change the service principal name to a human-readeable one:

display_name = each.key

The generated terraform plan will destroy the existing group assignment:
image

The above terraform plan shoud be executed successfully.

Actual Behavior

When I execute the plan, it will fail of a SCIM API exception:
image

Steps to Reproduce

1, add the service principal to the account level and an account group with the application id

2, add a line of "display_name=XXX" in "databricks_service_principal" resource to generate a plan to recreate the service principal and readd to the account group.

3, The issue will occur and fail to delete the service principal from the group.

Terraform and provider versions

databricks = {
  source  = "databricks/databricks"
  version = "1.38.0"
}

Is it a regression?

no

Debug Output

currently it's specific to our internal Databricks deployment and could not be provided.

Important Factoids

Would you like to implement a fix?
@TeddyBear1314
Copy link
Author

Hi, I will mark this one as closed since it's fixed in version 1.39.0:
#3411
#3374

Thanks for all the help !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TeddyBear1314