databricks_permission_assignment Resource

These resources are invoked in the workspace context.

Example Usage

In workspace context, adding account-level user to a workspace:

# Use the account provider
data "databricks_user" "me" {
  user_name = "me@example.com"
  provider  = databricks.account
}

resource "databricks_permission_assignment" "add_user" {
  principal_id = data.databricks_user.me.id
  permissions  = ["USER"]
  provider     = databricks.workspace
}

In workspace context, adding account-level service principal to a workspace:

# Use the account provider
data "databricks_service_principal" "sp" {
  display_name = "Automation-only SP"
  provider     = databricks.account
}

resource "databricks_permission_assignment" "add_admin_spn" {
  principal_id = data.databricks_service_principal.sp.id
  permissions  = ["ADMIN"]
  provider     = databricks.workspace
}

In workspace context, adding account-level group to a workspace:

# Use the account provider
data "databricks_group" "account_level" {
  display_name = "example-group"
  provider     = databricks.account
}

# Use the workspace provider
resource "databricks_permission_assignment" "this" {
  principal_id = data.databricks_group.account_level.id
  permissions  = ["USER"]
  provider     = databricks.workspace
}

data "databricks_group" "workspace_level" {
  display_name = "example-group"
  depends_on   = [databricks_permission_assignment.this]
  provider     = databricks.workspace
}

output "databricks_group_id" {
  value = data.databricks_group.workspace_level.id
}

Argument Reference

The following arguments are required:

Attribute Reference

In addition to all arguments above, the following attributes are exported:

Import

The resource databricks_permission_assignment can be imported using the principal id

terraform import databricks_permission_assignment.this principal_id

The following resources are used in the same context: