Merge pull request #26 from data-platform-hq/fix/condition-in-resource-permissions

owlleg6 · web-flow · commit 39171946b1f7 · 2023-05-20T11:51:39.000+03:00
fix: updated condition for resource permissions
diff --git a/permissions.tf b/permissions.tf
@@ -17,7 +17,7 @@ resource "databricks_permissions" "clusters" {
   dynamic "access_control" {
     for_each = each.value.permissions
     content {
-      group_name       = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name
+      group_name       = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name
       permission_level = access_control.value.permission_level
     }
   }
@@ -34,7 +34,7 @@ resource "databricks_permissions" "sql_endpoint" {
   dynamic "access_control" {
     for_each = each.value.permissions
     content {
-      group_name       = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name
+      group_name       = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name
       permission_level = access_control.value.permission_level
     }
   }
@@ -44,6 +44,6 @@ resource "databricks_secret_acl" "this" {
   for_each = { for entry in local.secrets_acl_objects_list : "${entry.scope}.${entry.principal}.${entry.permission}" => entry }
 
   scope      = databricks_secret_scope.this[each.value.scope].name
-  principal  = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[each.value.principal].display_name : databricks_group.this[each.value.principal].display_name
+  principal  = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[each.value.principal].display_name : databricks_group.this[each.value.principal].display_name
   permission = each.value.permission
 }

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ resource "databricks_permissions" "clusters" {`
`17`	`17`	`dynamic "access_control" {`
`18`	`18`	`for_each = each.value.permissions`
`19`	`19`	`content {`
`20`		`- group_name = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name`
	`20`	`+ group_name = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name`
`21`	`21`	`permission_level = access_control.value.permission_level`
`22`	`22`	`}`
`23`	`23`	`}`
`@@ -34,7 +34,7 @@ resource "databricks_permissions" "sql_endpoint" {`
`34`	`34`	`dynamic "access_control" {`
`35`	`35`	`for_each = each.value.permissions`
`36`	`36`	`content {`
`37`		`- group_name = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name`
	`37`	`+ group_name = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[access_control.value.group_name].display_name : databricks_group.this[access_control.value.group_name].display_name`
`38`	`38`	`permission_level = access_control.value.permission_level`
`39`	`39`	`}`
`40`	`40`	`}`
`@@ -44,6 +44,6 @@ resource "databricks_secret_acl" "this" {`
`44`	`44`	`for_each = { for entry in local.secrets_acl_objects_list : "${entry.scope}.${entry.principal}.${entry.permission}" => entry }`
`45`	`45`
`46`	`46`	`scope = databricks_secret_scope.this[each.value.scope].name`
`47`		`- principal = length(var.iam_workspace_groups) != 0 ? data.databricks_group.account_groups[each.value.principal].display_name : databricks_group.this[each.value.principal].display_name`
	`47`	`+ principal = length(var.iam_account_groups) != 0 ? data.databricks_group.account_groups[each.value.principal].display_name : databricks_group.this[each.value.principal].display_name`
`48`	`48`	`permission = each.value.permission`
`49`	`49`	`}`