https://community.databricks.com/t5/administration-architecture/can-t-set-account-admin-using-terraform/m-p/38371#M266 <P>I want to set the account admin for a service principal in order to create the Unity Catalog metastore. The Terraform code looks like this:</P><P>&nbsp;</P><LI-CODE lang="markup">data "databricks_service_principal" "application" { count = var.environment == "dev" ? 1 : 0 application_id = "00000000-0000-0000-0000-000000000000" } resource "databricks_service_principal_role" "account_admin" { count = var.environment == "dev" ? 1 : 0 service_principal_id = data.databricks_service_principal.application[0].id role = "account_admin" }</LI-CODE><P>&nbsp;</P><P data-unlink="true">This should theoretically work according to the answers in <A href="https://community.databricks.com/t5/data-engineering/creating-a-service-principal-with-admin-role-on-account-level-in/m-p/23631" target="_blank" rel="noopener">this thread</A>.</P><P data-unlink="true">But unfortunately I get following error from Terraform for the resource "databricks_service_principal_role": <FONT color="#FF0000">Error: cannot read service principal role: Service Principal has no role</FONT></P><P>For me this error message is not very useful and I don't know what is wrong here. Is this maybe a bug in the Databricks Terraform provider?</P><P>Site notes (if relevant):</P><UL><LI>I'm using the newest Databricks Terraform provider (V 1.21)</LI><LI>The Databricks workspace is deployed in Azure.</LI><LI>Using the "databrick_user_role" resource and trying to assign the account_admin role to a Databricks user will produce the same error message: <FONT color="#FF0000">User has no role</FONT></LI></UL><P>Looking at the <A href="https://github.com/databricks/terraform-provider-databricks/blob/master/aws/resource_service_principal_role.go" target="_blank" rel="noopener">source code on GitHub</A>&nbsp;(Databricks Terraform provider) I found the error message from above but I don't understand why the "ReadContext" section in there is even executed.</P><P>It would be really nice if someone can help me, as I have to enable the Unity Catalog metastore very soon <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Tue, 25 Jul 2023 12:14:30 GMT niklas 2023-07-25T12:14:30Z https://community.databricks.com/t5/administration-architecture/can-t-set-account-admin-using-terraform/m-p/38371#M266 <P>I want to set the account admin for a service principal in order to create the Unity Catalog metastore. The Terraform code looks like this:</P><P>&nbsp;</P><LI-CODE lang="markup">data "databricks_service_principal" "application" { count = var.environment == "dev" ? 1 : 0 application_id = "00000000-0000-0000-0000-000000000000" } resource "databricks_service_principal_role" "account_admin" { count = var.environment == "dev" ? 1 : 0 service_principal_id = data.databricks_service_principal.application[0].id role = "account_admin" }</LI-CODE><P>&nbsp;</P><P data-unlink="true">This should theoretically work according to the answers in <A href="https://community.databricks.com/t5/data-engineering/creating-a-service-principal-with-admin-role-on-account-level-in/m-p/23631" target="_blank" rel="noopener">this thread</A>.</P><P data-unlink="true">But unfortunately I get following error from Terraform for the resource "databricks_service_principal_role": <FONT color="#FF0000">Error: cannot read service principal role: Service Principal has no role</FONT></P><P>For me this error message is not very useful and I don't know what is wrong here. Is this maybe a bug in the Databricks Terraform provider?</P><P>Site notes (if relevant):</P><UL><LI>I'm using the newest Databricks Terraform provider (V 1.21)</LI><LI>The Databricks workspace is deployed in Azure.</LI><LI>Using the "databrick_user_role" resource and trying to assign the account_admin role to a Databricks user will produce the same error message: <FONT color="#FF0000">User has no role</FONT></LI></UL><P>Looking at the <A href="https://github.com/databricks/terraform-provider-databricks/blob/master/aws/resource_service_principal_role.go" target="_blank" rel="noopener">source code on GitHub</A>&nbsp;(Databricks Terraform provider) I found the error message from above but I don't understand why the "ReadContext" section in there is even executed.</P><P>It would be really nice if someone can help me, as I have to enable the Unity Catalog metastore very soon <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Tue, 25 Jul 2023 12:14:30 GMT https://community.databricks.com/t5/administration-architecture/can-t-set-account-admin-using-terraform/m-p/38371#M266 niklas 2023-07-25T12:14:30Z https://community.databricks.com/t5/administration-architecture/can-t-set-account-admin-using-terraform/m-p/38504#M271 <P>Hi Kaniz, thank you very much for your reply!<BR />Here is the solution to the problem from above:&nbsp;<A href="https://stackoverflow.com/questions/76762299/cant-set-databricks-account-admin-using-terraform/76763140?noredirect=1#comment135335112_76763140" target="_blank">https://stackoverflow.com/questions/76762299/cant-set-databricks-account-admin-using-terraform/76763140?noredirect=1#comment135335112_76763140</A></P> Wed, 26 Jul 2023 14:30:06 GMT https://community.databricks.com/t5/administration-architecture/can-t-set-account-admin-using-terraform/m-p/38504#M271 niklas 2023-07-26T14:30:06Z