Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ISSUE] Issue with databricks_sql_permissions resource #4140

Open
nstans opened this issue Oct 23, 2024 · 3 comments · May be fixed by #4141
Open

[ISSUE] Issue with databricks_sql_permissions resource #4140

nstans opened this issue Oct 23, 2024 · 3 comments · May be fixed by #4141
Labels
platform bug this issue cannot be fixed or worked around in scope of this plugin. Please create a support case.

Comments

@nstans
Copy link

nstans commented Oct 23, 2024

Configuration

File structure:
Screenshot 2024-10-23 121918

main.tf:

terraform {
  required_providers {
    databricks = {
      source  = "databricks/databricks"
      version = "~> 1.54.0" // for the succesful run ~> 1.38.0
    }
  }
}

provider "databricks" {
  host  = var.workspace_url
  token = var.pat_token
}

resource "databricks_sql_permissions" "sp_any_file" {
  any_file = true

  privilege_assignments {
    principal  = trimprefix("servicePrincipals/DONSENTMATTERPRINCIPAL", "servicePrincipals/")
    privileges = ["SELECT", "MODIFY"]
  }
}

variables.tf:

variable "pat_token" {
  type        = string
  description = "Export at runtime as ... export TF_VAR_pat_token=<Your PAT>"
  default     = ""
}

variable "workspace_url" {
  type        = string
  description = "Export at runtime as ... export TF_VAR_workspace_url=<Your workspace url> "
  default     = ""
}

Expected Behavior

Note: the service principal provided in the example is a trivial variable, the issue is that the compute does not initialise, which is the point of the minimum reproducible example.

Should fire up a compute on the workspace to lodge the SQL query like below. This successful execution was carried out with databricks provider 1.38

Screenshot 2024-10-23 121326

Actual Behavior

Error output to console and no compute initialised on workspace.

Screenshot 2024-10-23 121637

Error: cannot create sql permissions: Access mode LEGACY_SHARED_TABLE_ACL is not compatible with single-node mode. Only NO_ISOLATION and SINGLE_USER are supported.

Steps to Reproduce

  1. Export your test workspace PAT token in console as per variable description
  2. Export your workspace url like https://dbc-AAAAAAAA-1111.cloud.databricks.com in console as per variable description
  3. Run terraform init from the root folder
  4. Run terraform apply and confirm with yes

Terraform and provider versions

Terraform v1.9.5
on linux_amd64

  • provider registry.terraform.io/databricks/databricks v1.54.0

Is it a regression?

This was working in terraform version 1.38, noticedthe issue when updating to 1.53, and still a bug on 1.54

Debug Output

Important Factoids

No

Would you like to implement a fix?

@nstans nstans changed the title [ISSUE] Issue with databricks_XXX resource [ISSUE] Issue with databricks_sql_permissions resource Oct 23, 2024
@alexott alexott added the platform bug this issue cannot be fixed or worked around in scope of this plugin. Please create a support case. label Oct 23, 2024
@alexott
Copy link
Contributor

alexott commented Oct 23, 2024

The problem here is more on the backend side - I can't create a cluster with such a configuration anymore. Most probably the 1.38 used the cluster created long time ago that was kept for compatibility reasons.

alexott added a commit that referenced this issue Oct 23, 2024
Due to the internal changes in the backend API, it doesn't allow to create non-UC single-node
clusters.  Until the fix is implemented on the backend, create a cluster for setting
permissions consisting of 1 worker.

Also, went through the documentation's grammar.

Resolves #4140
@NicholasFiorentini
Copy link

Maybe it is related to the permission refactoring done in 1.53? I also have a regression: #4143.

@mgyucht
Copy link
Contributor

mgyucht commented Oct 30, 2024

For posterity, this is a separate issue from databricks_permissions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
platform bug this issue cannot be fixed or worked around in scope of this plugin. Please create a support case.
Projects
None yet
4 participants