cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Creating an Azure-Keyvault-backed secret scope with terraform

VicS
Visitor

We want to create an Azure-Keyvault-backed secret scope with terraform - while we are able to do it via the UI with the URL https://adb-xxxxxxxx.x.azuredatabricks.net/?o=xxxxxxxxxxxxxx#secrets/createScope, I'm unable to do it with Terraform. 

 

resource "databricks_secret_scope" "this" {
  name = "my-keyvault-name"
  keyvault_metadata {
    resource_id = "/subscriptions/x/resourceGroups/x/providers/Microsoft.KeyVault/vaults/my-keyvault-name"
    dns_name    = "my-keyvault-name.vault.azure.net/"
  }
}

 

In case it's relevant: while running Terraform we authenticate with a browser-pop up with our ActiveDirectory to authenticate against and deploy the Azure ressources. 

2 REPLIES 2

szymon_dybczak
Contributor III

Could you share with us what error message you get?

Sorry I forgot, of course - Terraform plan goes through without a problem, but during the apply phase, I get

โ”‚ Error: cannot create secret scope: Scope with Azure KeyVault must have userAADToken defined!
โ”‚
โ”‚   with databricks_secret_scope.this,
โ”‚   on main_secret_scope_and_keyvault_acl.tf line 15, in resource "databricks_secret_scope" "this":
โ”‚   15: resource "databricks_secret_scope" "this" {
โ”‚

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group