Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISSUE] Issue with databricks_connection resource #4471

Open
840 opened this issue Feb 5, 2025 · 0 comments · May be fixed by #4474
Open

[ISSUE] Issue with databricks_connection resource #4471

840 opened this issue Feb 5, 2025 · 0 comments · May be fixed by #4474
Assignees
@840

Comments

@840
Copy link
Contributor

840 commented Feb 5, 2025
edited
Loading

When creating a databricks_connection with Snowflake using PEM private key. Everytime you re-apply the Terraform resource, a change will be detected even though nothing has changed in the Terraform code.

Configuration

resource "databricks_connection" "this" {
  name            = "<REDACTED>"
  connection_type = "SNOWFLAKE"

  options = {
    "host"        = "<snowflake-host>"
    "port"        = "443"
    "sfWarehouse" = "<snowflake-warehouse>"
    "user"        = "<snowflake-user>"
    "pem_private_key" = "<base64-encoded-private-key>"
  }
}

First run:

> terraform apply  

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # databricks_connection.this will be created
  + resource "databricks_connection" "this" {
      + connection_type = "SNOWFLAKE"
      + id              = (known after apply)
      + metastore_id    = (known after apply)
      + name            = "<REDACTED>"
      + options         = (sensitive value)
      + owner           = (known after apply)
      + read_only       = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

databricks_connection.this: Creating...
databricks_connection.this: Creation complete after 1s [id=<REDACTED>|<REDACTED>]

Subsequent run:

> terraform apply

databricks_connection.this: Refreshing state... [id=<REDACTED>|<REDACTED>]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # databricks_connection.this will be updated in-place
  ~ resource "databricks_connection" "this" {
        id              = "<REDACTED>"
        name            = "<REDACTED>"
      ~ options         = (sensitive value)
        # (4 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

The reason is because the /api/2.1/unity-catalog/connections/<connection-name> endpoint for a Snowflake connection returns the attribute pem_private_key_expiration_epoch_sec which changes depending on when the plan is executed. Because this changes all the time, it will always be seen as a drift.

Expected Behavior

Subsequent applies for the databricks_connection resource without any changes should not result into drifts.

Actual Behavior

Subsequent applies for the databricks_connection resource result into drifts because of the pem_private_key_expiration_epoch_sec attribute.

Steps to Reproduce

  1. terraform apply
  2. terraform apply (again)

Terraform and provider versions

Terraform v1.7.5
on darwin_arm64
+ provider registry.terraform.io/databricks/databricks v1.64.1

Would you like to implement a fix?

Yes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@840 840

Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@840