Open
Description
Configuration
resource "databricks_access_control_rule_set" "this" {
provider = databricks.workspace
name = "accounts/${data.databricks_current_config.mws.account_id}/servicePrincipals/<service principal>/ruleSets/default"
grant_rules {
principals = [databricks_service_principal.this.acl_principal_id]
role = "roles/servicePrincipal.user"
}
}When changing the name argument terraform shows the resource being updated but both the name as well as the id attributes in the state remain unchanged resulting in errors in case the resource referenced in name no longer exists
│ Error: cannot read access control rule set: ServicePrincipal <old service principal id> not found
│
│ with databricks_access_control_rule_set.this,
│ on databricks.tf line 52, in resource "databricks_access_control_rule_set" "this":
│ 52: resource "databricks_access_control_rule_set" "this" {
Expected Behavior
The state should be correctly updated
Actual Behavior
The state isn't updated correctly, resulting in breakage.
Terraform and provider versions
OpenTofu v1.9.0-dev
on linux_amd64
+ provider registry.opentofu.org/databricks/databricks v1.68.0
It seems like the same issue was described here #3369 but incorrectly dismissed.
Looking at the code, update doesn't seem to update/set the id
create does
Also
read seems to be using the id as the value for the name
which would align with the issue we're seeing.Metadata
Metadata
Assignees
Labels
No labels
Activity