cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Governance
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

unity catalog databricks_metastore terraform - not authorized

Go to solution
amitca71
Contributor II

‎09-07-2022 01:38 AM

i created unity catalog using terraform on AWS, and able to create manualy a meta store with same user.

when trying to create metsastore from terraform, i get unauthorized error:

Error: cannot create metastore: Unauthorized

│ 

│  with module.unity_catalog_metastore.databricks_metastore.this,

│  on modules/uc_metastore/main.tf line 1, in resource "databricks_metastore" "this":

│  1: resource "databricks_metastore" "this" {

provider:

databricks = {

source = "databricks/databricks"

version = "~>1.2.1"

}

i use the mws provider with user and password:

provider "databricks" {

alias = "mws"

host = "https://accounts.cloud.databricks.com"

account_id = var.databricks_account_id

username = var.databricks_username

password = var.databricks_password

}

my user is account admin (otherwise i wouldnt be able to create the catalog itself..)

the resource configuration:

resource "databricks_metastore" "this" {

name = "primary"

storage_root = "s3://${var.unity_metastore_bucket}/metastore"

owner = var.unity_admin_group

force_destroy = true

}

Any idea?

Thanks,

Amit

Labels:
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Anonymous
Not applicable

‎10-11-2022 07:23 AM

Hello @Amit Cahanovich​ ,

You'll need to use the workspace provider when creating a UC metastore using TF. Please use this guide - https://registry.terraform.io/providers/databricks/databricks/latest/docs/guides/unity-catalog#creat...

Few things to note

  • Unity catalogue APIs are currently exposed via the workspace endpoint, not the account endpoint. When you create via UI it uses account-level API but it's still not exposed to the public.

https://api-docs.databricks.com/rest/latest/unity-catalog-api-specification-2-1.html

For better understanding, you could also check a similar query here - https://discuss.hashicorp.com/t/databricks-unity-catalog-account-vs-workspace-level-understanding/42...

View solution in original post

2 REPLIES 2

Go to solution
Anonymous
Not applicable

‎10-11-2022 07:23 AM

Hello @Amit Cahanovich​ ,

You'll need to use the workspace provider when creating a UC metastore using TF. Please use this guide - https://registry.terraform.io/providers/databricks/databricks/latest/docs/guides/unity-catalog#creat...

Few things to note

  • Unity catalogue APIs are currently exposed via the workspace endpoint, not the account endpoint. When you create via UI it uses account-level API but it's still not exposed to the public.

https://api-docs.databricks.com/rest/latest/unity-catalog-api-specification-2-1.html

For better understanding, you could also check a similar query here - https://discuss.hashicorp.com/t/databricks-unity-catalog-account-vs-workspace-level-understanding/42...

Go to solution
amitca71
Contributor II

‎10-11-2022 09:47 AM

thanks 🙂

0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.