azureterraformdatabricksdatabricks-unity-catalog
Terraform azure databricks unity catalog from start
I would like to create a single terraform .tf that creates my databricks environment from scratch. I have followed an example that creates an databricks workspace in azure and it works fine.
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/terraform/azure-workspace
Seems like this also creates components needed for unity catalog like Managed identity, access connector and storage account. But unity catalog is not enabled. In the code example, this is the part that actually makes the resource:
resource "azurerm_databricks_workspace" "this" {
name = "${local.prefix}-workspace"
resource_group_name = azurerm_resource_group.this.name
location = azurerm_resource_group.this.location
sku = "premium"
managed_resource_group_name = "${local.prefix}-workspace-rg"
tags = local.tags
}
What am I missing to be able to get the Unity catalog enabled through terraform?
Solution
What am I missing to be able to get the Unity catalog enabled through terraform?
Here is the updated terraform code to create a meta store and enabled Unity catalog.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
}
databricks = {
source = "databricks/databricks"
}
}
}
provider "azurerm" {
subscription_id = ""
features {}
}
resource "azurerm_resource_group" "rgname" {
name = "databricks-temp-1"
location = "centralus"
}
resource "azurerm_databricks_workspace" "example" {
name = "databricks-test"
resource_group_name = azurerm_resource_group.rgname.name
location = azurerm_resource_group.rgname.location
sku = "premium"
}
provider "databricks" {
host = azurerm_databricks_workspace.example.workspace_url
}
resource "azurerm_databricks_access_connector" "unity" {
name = "venkatdatabricksmi1"
resource_group_name = azurerm_resource_group.rgname.name
location = azurerm_resource_group.rgname.location
identity {
type = "SystemAssigned"
}
}
resource "azurerm_storage_account" "unity_catalog" {
name = "thejadatabricksdemo2"
resource_group_name = azurerm_resource_group.rgname.name
location = azurerm_resource_group.rgname.location
account_tier = "Standard"
account_replication_type = "GRS"
is_hns_enabled = true
}
resource "azurerm_storage_container" "unity_catalog" {
name = "venkat-container2"
storage_account_name = azurerm_storage_account.unity_catalog.name
container_access_type = "private"
}
resource "azurerm_role_assignment" "example" {
scope = azurerm_storage_account.unity_catalog.id
role_definition_name = "Storage Blob Data Contributor"
principal_id = azurerm_databricks_access_connector.unity.identity[0].principal_id
}
resource "databricks_metastore" "this" {
name = "demometastoretest"
storage_root = format("abfss://%s@%s.dfs.core.windows.net/",
azurerm_storage_container.unity_catalog.name,
azurerm_storage_account.unity_catalog.name)
force_destroy = true
region = "centralus"
}
resource "databricks_metastore_assignment" "this" {
provider = databricks
workspace_id = azurerm_databricks_workspace.example.workspace_id
metastore_id = databricks_metastore.this.id
default_catalog_name = "hive_metastore"
}
resource "databricks_metastore_data_access" "this" {
metastore_id = databricks_metastore.this.id
name = "mi_dac"
azure_managed_identity {
access_connector_id = azurerm_databricks_access_connector.unity.id
}
is_default = true
depends_on = [ databricks_metastore_assignment.this ]
}
Terraform apply:
After running the code, the Unity catalog has been enabled.
The Databricks workspace was also successfully added to the metastore.
Reference: databricks_metastore Resource
- Unable to get all users from Microsoft Graph using Python SDK
- You need to ensure that WebApp1 uses the ASP.NET v4.7 runtime stack
- MS Graph API - How to query additional pages
- how to hash users into random values in azure databricks
- How can I manage Azure SQL user/login/credentials
- How to connect secrets value stored in Azure key vault to Azure app service env variables directly
- AVD Insights Host Performance Blade Empty after vhange to new Azure Monitoring Agent
- How to get a list of users from azure graph API
- Azure App Service Flask Deployment Error: "Failed to Respond to HTTP Pings on Port 8000; Site Start Failed. Check Container Logs for Debugging."
- Azure Function App - No continuous deployment setting for "Flex Consumption" hosting plan?
- Az-GetRoleAssigments Not returning Data for DisplayName, SignInName & Object Type - Azure Powershell Runbook
- Can you publish a new standalone Angular project (esproj) directly from VS2022 to Azure?
- Cors configuration
- Publish error: Found multiple publish output files with the same relative path
- remove event subscriptions from system topics
- node-fetch azure document translator
- Is it possible to use .env in a React Web project?
- Sign in to Azure Account from VS Code
- How to copy blobs from azure to aws using python?
- AKV10032: Invalid issuer error when connecting to Azure Key Vault from App Service
- how to mask hash users into random values [email protected] in azure databricks
- Can we use PostgREST API with Azure
- Bicep adding DNS Records saying already exists when it doesn't
- Issue in sending personal message in MS Teams with Graph API
- import files to databricks workspace
- Create an Api connection to log analytics workspace via bicep
- az funcapp publish .net8 Isolated breaking Azure configuration runtime settings on Sync
- Is there a way to get more than 1000 Packages and versions from Azure DEVOPs Feed RESTAPI for GET Packages?
- how to insert json into cosmos db collection using c#
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?