Has the behavior of the Secrets ACL API changed over the last 24 hours? With no code changes on our scope-deployment pipeline, I am suddenly getting strange errors back from this endpoint.
'User or Group {user email address goes here} does not exist.'
It's happening when I try to set an ACL on a secret scope for an Azure AD user who hasn't actually been invited to the Databricks workspace yet. But I swear this behavior is new. I used to be able to set an ACL for a user who wasn't yet invited to Databricks and it would just soak it up without throwing an error.
@aockenden From what I see, there's been no change in Secrets API for some time. Maybe the user already had a Contributor on the Resource Group, that's why he was visible for the Workspace?
Anyways, documentation clearly states that "The principal is a user or group name corresponding to an existing Databricks principal to be granted or revoked access."
Idk, I control the resource group myself and I don't remember ever granting or revoking contributor roles on that RG for any of these users which are now suddenly throwing errors. Interesting to see that line from the docs... I wonder if that was always SUPPOSED to be throwing an error and they've just now got it actually functioning as per the doc descriptions.
Welcome to Databricks Community: Lets learn, network and celebrate together
Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections.