cancel
Showing results for 
Search instead for 
Did you mean: 
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Showing results for 
Search instead for 
Did you mean: 

Terraform Failed to get oauth access token. Please retry after logout and login again. with GCP

NelsonE
New Contributor II

Hi I'm having trouble creating a databricks_mws_vpc_endpoint with Terraform.

I already created 2 Private Service Connect (PSC) and I'm trying to create the vpc endpoint for Databricks but I'm getting this error:

BAD_REQUEST: Failed to get oauth access token. Please retry after logout and login again.

This is my terraform:

 

 

 

 

 

provider "databricks" {
    alias = "accounts"
    profile = "DEFAULT"
}

resource "databricks_mws_vpc_endpoint" "backend_rest_vpce" {
    provider = databricks.accounts
    account_id = var.databricks_account_id
    vpc_endpoint_name = "vpce-backend-rest-ven"
    gcp_vpc_endpoint_info {
        project_id = var.network_project_id
        psc_endpoint_name = var.backend_rest_psce
        endpoint_region = google_compute_subnetwork.network-with-private-secondary-ip-ranges.region
    }
}

 

 

 

 

I Configure my credentials inside the .databrickscfg and I'm using a service principal to create databricks resources. Also I tested my credentials with the databricks CLI and the work perfectly.

If I created manually they are working fine as well.

Thanks

2 REPLIES 2

NelsonE
New Contributor II

The solution was the type of auth type that I was using with Databricks. It start working when I created a service account in my GCP project, then I changed that I could make request on behalf of that user and I added the user into Databricks account.

That worked for me. Now the auth_type in the provider is something like:
auth_type = "google-id"

wlam1
New Contributor II

Thank you @NelsonE ! This helped me as well. Tried messing around with all kinds of authentication methods but this was what worked.

For the record, I am also using service account impersonation to register VPC endpoints on Terraform / GCP for Databricks. My .databrickscfg profile looks like this:

[GCP_ID_ACCOUNT]
host                    = https://accounts.gcp.databricks.com
account_id              = <acc-id>
google_service_account  = <service-account-email>

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group