Skip to content

Commit 3b8667f

Browse files
jjb007jjb007
authored
fix: Assign all listed Databricks usergroups to associated Databricks cluster policy groups (#728)
* fix: Assign all listed Databricks usergroups to associated Databricks cluster policies, refactor * missed * fix nesting syntax * fix iterator * fix result type * fix result type * more type conformity * fix refs * add output for debugging * flatten list * fix iterator * ticky tick * fix iterator * fix ref * use maps * removed stale piece * fix iterator * refactor * fix type * toset * fix typo * remove stale code
1 parent 21accca commit 3b8667f

File tree

2 files changed

+28
-23
lines changed

2 files changed

+28
-23
lines changed

databricks-default-cluster-policies/groups.tf

Lines changed: 25 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -3,44 +3,46 @@ locals {
33
var.policy_name_prefix,
44
])
55

6-
# Define the policies with existing groups mapped to each policy
7-
policies = var.policy_map
8-
9-
# Generate full workspace policy names by prefixing policy names
10-
all_ws_policy_names = flatten([
6+
policy_group_memberships = flatten([
117
for prefix in local.ws_policy_name_prefixes : [
12-
for policy_map in local.policies :
13-
"${prefix}${keys(policy_map)[0]}"
8+
for policy_suffix, groups_names in merge(var.policy_map...) : [
9+
for group_name in groups_names : {
10+
policy = "${prefix}${policy_suffix}",
11+
group = group_name
12+
}
13+
]
1414
]
1515
])
1616

17-
# Create a flat map of policy names to associated groups
18-
policy_group_map = merge([for policy_map in local.policies : policy_map]...)
17+
ws_cluster_policy_names = toset(flatten([for pair in local.policy_group_memberships : pair.policy]))
18+
usergroups_names = toset(flatten([for pair in local.policy_group_memberships : pair.group]))
1919
}
2020

2121
# Create Databricks groups for each policy name
22-
resource "databricks_group" "ws_policy_groups" {
23-
for_each = toset(local.all_ws_policy_names)
22+
resource "databricks_group" "ws_cluster_policy_groups" {
23+
for_each = local.ws_cluster_policy_names
2424

2525
display_name = each.key
2626
workspace_access = true
2727
}
2828

29-
# Retrieve the existing Databricks groups that need to be assigned
30-
data "databricks_group" "groups" {
31-
for_each = toset(flatten([
32-
for group in local.policy_group_map : group
33-
]))
29+
# Retrieve the existing Databricks usergroups that need to be assigned
30+
data "databricks_group" "usergroups" {
31+
for_each = local.usergroups_names
3432

3533
display_name = each.value
3634
}
3735

38-
# Assign the existing groups to the newly created policy groups
36+
# Assign user groups to policy groups per policy-usergroup pair
3937
resource "databricks_group_member" "ws_policy_group_members" {
40-
for_each = databricks_group.ws_policy_groups
41-
42-
group_id = each.value.id
43-
44-
# Assign all existing groups that correspond to this policy group
45-
member_id = data.databricks_group.groups[local.policy_group_map[replace(each.key, var.policy_name_prefix, "")][0]].id
38+
for_each = {
39+
for pair in local.policy_group_memberships :
40+
"${pair.policy}+${pair.group}" => {
41+
policy : pair.policy,
42+
group : pair.group,
43+
}
44+
}
45+
46+
group_id = databricks_group.ws_cluster_policy_groups[each.value.policy].id
47+
member_id = data.databricks_group.usergroups[each.value.group].id
4648
}

databricks-default-cluster-policies/outputs.tf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
output "policy_group_memberships" {
2+
value = local.policy_group_memberships
3+
}

0 commit comments

Comments
 (0)