cancel
Showing results for 
Search instead for 
Did you mean: 
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Showing results for 
Search instead for 
Did you mean: 

Secrets ACL API Behavior Change

aockenden
New Contributor III

Hey all,

Has the behavior of the Secrets ACL API changed over the last 24 hours? With no code changes on our scope-deployment pipeline, I am suddenly getting strange errors back from this endpoint.

Anybody else noticing a change?

Thanks,

Alex

4 REPLIES 4

daniel_sahal
Esteemed Contributor

@aockenden 
Can you paste these errors here?

aockenden
New Contributor III

'User or Group {user email address goes here} does not exist.'

It's happening when I try to set an ACL on a secret scope for an Azure AD user who hasn't actually been invited to the Databricks workspace yet. But I swear this behavior is new. I used to be able to set an ACL for a user who wasn't yet invited to Databricks and it would just soak it up without throwing an error.

daniel_sahal
Esteemed Contributor

@aockenden 
From what I see, there's been no change in Secrets API for some time. Maybe the user already had a Contributor on the Resource Group, that's why he was visible for the Workspace?

Anyways, documentation clearly states that "The principal is a user or group name corresponding to an existing Databricks principal to be granted or revoked access."

aockenden
New Contributor III

Idk, I control the resource group myself and I don't remember ever granting or revoking contributor roles on that RG for any of these users which are now suddenly throwing errors. Interesting to see that line from the docs... I wonder if that was always SUPPOSED to be throwing an error and they've just now got it actually functioning as per the doc descriptions.

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!