
Azure Databricks Terraform provider authentication setup for admin user creation


I am getting an error during terraform plan while creating databricks_group and databricks_user using databrickslabs/databricks (v0.5.4):

2023-06-07T14:50:50.4892773Z Error: Invalid JSON received (529 bytes): <!doctype html><html><head><meta charset="utf-8"/><meta http-equiv="Content-Language" content="en"/><title>Databricks - Sign In</title><meta name="viewport" content="width=960"/><link rel="icon" type="image/png" href="/favicon.ico"/><meta http-equiv="content-type" content="text/html; charset=UTF8"/><link rel="icon" href="/favicon.ico"><script defer="defer" src="/static/js/login/login.96b6985d.js"></script></head><body class="light-mode"><uses-legacy-bootstrap><div id="login-page"></div></uses-legacy-bootstrap></body></html>

with module.databricks.data.databricks_group.admins,
on ../modules/landingzone/FADS/databricks/databricks_admin.tf line 8, in data "databricks_group" "admins":
 8: data "databricks_group" "admins" {

Here is part of the terraform snippet:

provider "databricks" {
  host = azurerm_databricks_workspace.databricks_workspace.workspace_url
  azure_workspace_resource_id = azurerm_databricks_workspace.databricks_workspace.id
}

# Gathers data about the admins Databricks workspace group
data "databricks_group" "admins" {
  display_name = "admins"
  depends_on = [azurerm_databricks_workspace.databricks_workspace]
}

resource "databricks_user" "admin_user" {
  for_each   = var.databricks.databricks_admin_users
  user_name  = each.key
  depends_on = [azurerm_databricks_workspace.databricks_workspace]
}

I am using a service principal that has Owner permission on the subscription for the Terraform deployment. Is authentication missing? If yes, how do I provide it in the provider block?


Solution

  • If you created a workspace using the service principal, then you need to continue to use it for authentication. Authentication parameters can be specified in two ways:

    • Environment variables - the Databricks provider uses the same variables as the azurerm provider
    • Directly in the configuration block - as described in the docs:
    provider "databricks" {
      host                        = azurerm_databricks_workspace.this.workspace_url
      azure_workspace_resource_id = azurerm_databricks_workspace.this.id
      azure_client_id             = var.client_id
      azure_client_secret         = var.client_secret
      azure_tenant_id             = var.tenant_id
    }
    

    But if you just created a workspace, then you also need to provide the workspace resource ID as the azure_workspace_resource_id parameter.

    P.S. You need to upgrade the Databricks provider - this is not a supported version.
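
For the environment-variable option in the answer above, a preflight check that can run in the pipeline before terraform plan (an added example, not part of the original answer). It assumes the azurerm provider's ARM_CLIENT_ID, ARM_CLIENT_SECRET and ARM_TENANT_ID variables; the function names and the shortened sample error are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify service principal credentials are present in the
# environment before Terraform runs, and recognise the question's failure
# mode (an HTML sign-in page where the provider expected JSON).
# Assumption: ARM_* names are the azurerm provider's service principal variables.

# Print the names of required variables that are unset or empty.
# Only names are printed, so the client secret never reaches CI logs.
missing_sp_env() {
    missing=""
    for name in ARM_CLIENT_ID ARM_CLIENT_SECRET ARM_TENANT_ID; do
        eval "value=\${$name:-}"    # names come from the fixed list above
        [ -n "$value" ] || missing="$missing $name"
    done
    echo "${missing# }"
}

# Return 0 when the given text contains the Databricks sign-in page title,
# the marker visible in the question's "Invalid JSON received" error.
is_login_page_error() {
    case "$1" in
        *"<title>Databricks - Sign In</title>"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Fail early with a clear message instead of an opaque JSON parse error.
preflight() {
    m=$(missing_sp_env)
    if [ -n "$m" ]; then
        echo "missing service principal variables: $m" >&2
        return 1
    fi
    return 0
}

# Constructed sample, shortened from the error text in the question.
SAMPLE_ERROR='Error: Invalid JSON received (529 bytes): <!doctype html><html><head><title>Databricks - Sign In</title></head><body></body></html>'
```

Call preflight before terraform plan, and pass captured plan output to is_login_page_error to flag a credentials problem rather than a malformed API response.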