-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ISSUE] Issue with databricks_user
resource loses admin role with force = true
#2648
Comments
the same bug is also on "databricks_group", I just accidentally removed "uc-admins-groups" admin role. I am also guessing it will happen on SPNs as well (not tested) |
@grusin-db once #2706 is completed (and a new release is out) - could you share the debug logs, so we understand which API calls are being made? As far as I can tell, we do not make any calls to replace the user roles, so need to understand if this behaviour happens in the backend |
Any news about this error Im facing the same problem in my terraform code I'm trying to add users dynamically from group that I have in azure when I add new user in group the terraform somehow try to destroy old users and recreate all users from beginning
I got this error :
|
The `Update` method wasn't reading the correct set of attributes when updating user (i.e. when having `force = true`) - this lead that groups were reset to empty state, and users were losing their groups association. This fixes #2648
force = true
ignores user's admin role when pulling user from admin console, and user loses the admin role as a outcome.Configuration
Expected Behavior
User's admin role defined in account console should be preserved if user is importeed for the first time.
Actual Behavior
When
force = true
tries to import a user, the admin role is being lost, due to this on mass import due to terraform state removal all users in account console will lose their admin status. Luckily attempt to remove the admin role for last user from console makes account API to throw the error.Steps to Reproduce
grzegorz.rusin@someplace.com
account admin, make other user account admin tooterraform apply
grzegorz.rusin@someplace.com
will no longer be account admin, or error will be throw ifgrzegorz.rusin@someplace.com
was the last account admin (there always has to be at least account admin or API will fail)Terraform and provider versions
1.24.1
The text was updated successfully, but these errors were encountered: