cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

databricks terraform provider, databricks_credential resource, service

sunykim
New Contributor II

Tuesday

I cannot make the databricks_credential resource create a service credential. It works fine with storage credentials. However, when i put `purpose = "SERVICE"` plus aws_iam_role and comment, in the apply phase it fails with 
`Error: cannot create credential: failed during request visitor: default auth: cannot configure default credentials, please check` It surprises me to see an auth error here. The auth of the databricks service principal works fine with everything else. I tried with both workspace level and account level provider. If you need more information i'm happy to provide it

Labels:
0 Kudos
3 REPLIES 3

Khaja_Zaffer
Contributor

Tuesday

Hello @sunykim 

Good day!
Sad to see you going through issue But

Please ensure AWS credentials are set in your environment before running terraform apply. Has IAM role details (e.g., via iam:GetRole) got sufficient credentials permissions to read the role?.
 
You can set them as environment variables:
The below must resolve your issue ( I am open to other solutions from contributors as well. )
export AWS_ACCESS_KEY_ID="your-access-key"
export AWS_SECRET_ACCESS_KEY="your-secret-key"
# If using temporary credentials (e.g., from STS):
export AWS_SESSION_TOKEN="your-session-token"

0 Kudos

sunykim
New Contributor II
In response to Khaja_Zaffer

Tuesday

Hi and thanks for the reaction. The pipeline (github actions) is gets some AWS powers that are unknown to me (more than my personal user) and created the role. 

0 Kudos

sunykim
New Contributor II

Wednesday

I have the same error message now when trying to create a USE_SCHEMA grant for a service principal as in https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grant#schema-gra... . I create a new service principal and then assign the grant. The creation works, the assignement doesn't. So the databricks credentials do work. Also, there is no AWS IAM role involved. I again tried both with account level and workspace level provider.

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements