Pat
Esteemed Contributor

I am not sure if I understand this correctly, but what you need to do is set privileges in one terraform resource, otherwise they will get overwritten, meaning you should do:

resource "databricks_sql_permissions" "any_file" {
  any_file = true

  privilege_assignments {
    principal  = "EC - DATA"
    privileges = ["SELECT", "MODIFY"]
  }

  privilege_assignments {
    principal  = "SOME_OTHER- DATA"
    privileges = ["SELECT"]
  }
}

not:

resource "databricks_sql_permissions" "ec_data_any_file" {
  any_file = true

  privilege_assignments {
    principal  = "EC - DATA"
    privileges = ["SELECT", "MODIFY"]
  }
}

resource "databricks_sql_permissions" "some_other_data_any_file" {
  any_file = true

  privilege_assignments {
    principal  = "SOME_OTHER- DATA"
    privileges = ["SELECT"]
  }
}

 source: https://registry.terraform.io/providers/databricks/databricks/1.6.5/docs/resources/sql_permissions#a...

You must specify one or many privilege_assignments configuration blocks to declare privileges to a principal, which corresponds to display_name of databricks_group or databricks_user. Terraform would ensure that only those principals and privileges defined in the resource are applied for the data object and would remove anything else.

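A pre-apply check for the split layout described in the answer above, as an added example that is not part of the original post or of the Databricks provider: it scans Terraform source text and reports every securable object that more than one databricks_sql_permissions resource manages. The function names are hypothetical, and the scan assumes literal argument values and no braces inside strings.

```python
import re
from collections import defaultdict

# Arguments of databricks_sql_permissions that select the securable object.
SECURABLE_KEYS = ("any_file", "anonymous_function", "catalog", "database", "table", "view")
RESOURCE_RE = re.compile(r'resource\s+"databricks_sql_permissions"\s+"([^"]+)"\s*\{')

def resource_args(text, start):
    """Return the top-level arguments of the block whose '{' is at start (nested blocks dropped)."""
    out, depth = [], 0
    for ch in text[start:]:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                return "".join(out)
        elif depth == 1:
            out.append(ch)
    raise ValueError("unbalanced braces in resource block")

def find_conflicts(hcl):
    """Map each securable to the resources that manage it; keep those with more than one owner."""
    owners = defaultdict(list)
    for m in RESOURCE_RE.finditer(hcl):
        args = resource_args(hcl, m.end() - 1)
        for key in SECURABLE_KEYS:
            hit = re.search(rf'^\s*{key}\s*=\s*(.+?)\s*$', args, re.M)
            if hit:
                owners[(key, hit.group(1).strip('"'))].append(m.group(1))
    return {obj: names for obj, names in owners.items() if len(names) > 1}

# Constructed sample: the split layout from the post, where each apply overwrites the other grant.
SAMPLE = '''
resource "databricks_sql_permissions" "ec_data_any_file" {
  any_file = true
  privilege_assignments {
    principal  = "EC - DATA"
    privileges = ["SELECT", "MODIFY"]
  }
}
resource "databricks_sql_permissions" "some_other_data_any_file" {
  any_file = true
  privilege_assignments {
    principal  = "SOME_OTHER- DATA"
    privileges = ["SELECT"]
  }
}
'''
if __name__ == "__main__":
    print(find_conflicts(SAMPLE))
```

Each reported entry is a data object whose grants should be merged into a single resource with one privilege_assignments block per principal.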