cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Databricks workspace creation using Terraform and storage configuration IAM Role Arn

sampo
New Contributor II

‎03-02-2024 10:51 AM - edited ‎03-02-2024 10:56 AM

Hi,

When creating a new AWS Databricks workspace in account console manually, it appears that IAM Role ARN is mandatory parameter when configuring a Storage Configuration

sampo_1-1709404789587.png

However in the Terraform databricks_mws_storage_configurations resource there is apparently no way to set the IAM Role arn.

This then leads to failure when creating workspace using databricks_mws_workspaces resource

sampo_3-1709405245369.png

Has anyone else seen this problem?

 

0 Kudos
1 REPLY 1

sampo
New Contributor II

‎03-04-2024 11:42 PM - edited ‎03-04-2024 11:44 PM

Investigated this further... Terraform code to create the workspace

 

resource "databricks_mws_workspaces" "databricks_ws" {
  provider = databricks.mws
  account_id = var.databricks_account_id
  aws_region = var.region
  workspace_name = "databricks-workspace-${local.env}"

  credentials_id = databricks_mws_credentials.databricks_credential_conf.id
  storage_configuration_id = databricks_mws_storage_configurations.databricks_storage_conf.id
  network_id = databricks_mws_networks.databricks_network_conf.id

  token {
    comment = "Terraform"
  }
}

 

From the Terraform log it looks like account_id string is added to credentials_id, network_id, and storage_configuration_id values

 

POST /api/2.0/accounts/<account_id>/workspaces
{
  "account_id": "<account_id>",
  "aws_region": "eu-west-1",
  "credentials_id": "<account_id>/bbf46eba-67e2-4538-8d19-426e75136ead",
  "is_no_public_ip_enabled": true,
  "network_id": "<account_id>/e9d9fb8a-3b9d-4ea3-8823-72c62e7c8f6d",
  "storage_configuration_id": "<account_id>/06bfb24a-4426-4343-b474-6fe593e20746",
  "workspace_name": "databricks-workspace-test"
}
< HTTP/2.0 400 Bad Request

 

 Looking at the Rest API sample for new workspace creation

sampo_0-1709624314099.png

There is no account_id in the credentials_id, network_id, and storage_configuration_id values

I replaced account_id string with empty string in the Terraform code and now workspace creation works without any errors

 

resource "databricks_mws_workspaces" "databricks_ws" {
  provider = databricks.mws
  account_id = var.databricks_account_id
  aws_region = var.region
  workspace_name = "databricks-workspace-${local.env}"

  credentials_id = replace(databricks_mws_credentials.databricks_credential_conf.id, "${var.databricks_account_id}/", "")
  storage_configuration_id = replace(databricks_mws_storage_configurations.databricks_storage_conf.id, "${var.databricks_account_id}/", "")
  network_id = replace(databricks_mws_networks.databricks_network_conf.id, "${var.databricks_account_id}/", "")
  
  token {
    comment = "Terraform"
  }
}

 

0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.