Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
Has the behavior of the Secrets ACL API changed over the last 24 hours? With no code changes on our scope-deployment pipeline, I am suddenly getting strange errors back from this endpoint.
โ04-25-202404:55 AM - edited โ04-25-202404:55 AM
'User or Group {user email address goes here} does not exist.'
It's happening when I try to set an ACL on a secret scope for an Azure AD user who hasn't actually been invited to the Databricks workspace yet. But I swear this behavior is new. I used to be able to set an ACL for a user who wasn't yet invited to Databricks and it would just soak it up without throwing an error.
@aockenden From what I see, there's been no change in Secrets API for some time. Maybe the user already had a Contributor on the Resource Group, that's why he was visible for the Workspace?
Anyways, documentation clearly states that "The principal is a user or group name corresponding to an existing Databricks principal to be granted or revoked access."
Idk, I control the resource group myself and I don't remember ever granting or revoking contributor roles on that RG for any of these users which are now suddenly throwing errors. Interesting to see that line from the docs... I wonder if that was always SUPPOSED to be throwing an error and they've just now got it actually functioning as per the doc descriptions.
Join Us as a Local Community Builder!
Passionate about hosting events and connecting people? Help us grow a vibrant local communityโsign up today to get started!
