Skip to content

Commit

Permalink
Merge pull request #12 from data-platform-hq/feat/gcp-support
Browse files Browse the repository at this point in the history
feat: gcp support
  • Loading branch information
leonidfrolov authored Jul 17, 2024
2 parents f42d680 + c10c3e1 commit 0eefd29
Show file tree
Hide file tree
Showing 5 changed files with 36 additions and 12 deletions.
12 changes: 7 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -76,13 +76,13 @@ module "databricks_locations" {
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.0.0 |
| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >=3.40.0 |
| <a name="requirement_databricks"></a> [databricks](#requirement\_databricks) | >=1.27.0 |
| <a name="requirement_databricks"></a> [databricks](#requirement\_databricks) | >=1.48.2 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_databricks"></a> [databricks](#provider\_databricks) | >=1.27.0 |
| <a name="provider_databricks"></a> [databricks](#provider\_databricks) | >=1.48.2 |

## Modules

Expand All @@ -95,19 +95,21 @@ No modules.
| [databricks_external_location.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/external_location) | resource |
| [databricks_grants.credential](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grants) | resource |
| [databricks_grants.locations](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grants) | resource |
| [databricks_storage_credential.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/storage_credential) | resource |
| [databricks_storage_credential.azure](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/storage_credential) | resource |
| [databricks_storage_credential.gcp](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/storage_credential) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_external_locations"></a> [external\_locations](#input\_external\_locations) | List of object with external location configuration attributes | <pre>list(object({<br> index = string # Index of instance, for example short name, used later to access exact external location in output map<br> name = string # Custom whole name of resource<br> url = string # Path URL in cloud storage<br> owner = optional(string) # Owner of resource<br> skip_validation = optional(bool, true) # Suppress validation errors if any & force save the external location<br> read_only = optional(bool, false) # Indicates whether the external location is read-only.<br> force_destroy = optional(bool, true)<br> force_update = optional(bool, true)<br> comment = optional(string, "External location provisioned by Terraform")<br> permissions = optional(set(object({<br> principal = string<br> privileges = list(string)<br> })), [])<br> }))</pre> | `[]` | no |
| <a name="input_storage_credential"></a> [storage\_credential](#input\_storage\_credential) | Object with storage credentials configuration attributes | <pre>object({<br> azure_access_connector_id = string # Azure Databricks Access Connector Id<br> name = string # Custom whole name of resource<br> owner = optional(string) # Owner of resource<br> force_destroy = optional(bool, true)<br> comment = optional(string, "Managed identity credential provisioned by Terraform")<br> permissions = optional(set(object({<br> principal = string<br> privileges = list(string)<br> })), [])<br> })</pre> | n/a | yes |
| <a name="input_external_locations"></a> [external\_locations](#input\_external\_locations) | List of object with external location configuration attributes | <pre>list(object({<br> index = string # Index of instance, for example short name, used later to access exact external location in output map<br> name = string # Custom whole name of resource<br> url = string # Path URL in cloud storage<br> owner = optional(string) # Owner of resource<br> skip_validation = optional(bool, true) # Suppress validation errors if any & force save the external location<br> read_only = optional(bool, false) # Indicates whether the external location is read-only.<br> force_destroy = optional(bool, true)<br> force_update = optional(bool, true)<br> comment = optional(string, "External location provisioned by Terraform")<br> isolation_mode = optional(string, null)<br> permissions = optional(set(object({<br> principal = string<br> privileges = list(string)<br> })), [])<br> }))</pre> | `[]` | no |
| <a name="input_storage_credential"></a> [storage\_credential](#input\_storage\_credential) | Object with storage credentials configuration attributes | <pre>object({<br> azure_access_connector_id = optional(string, null) # Azure Databricks Access Connector Id<br> cloud = optional(string, "azure")<br> name = string # Custom whole name of resource<br> owner = optional(string) # Owner of resource<br> force_destroy = optional(bool, true)<br> comment = optional(string, "Managed identity credential provisioned by Terraform")<br> permissions = optional(set(object({<br> principal = string<br> privileges = list(string)<br> })), [])<br> })</pre> | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_databricks_gcp_service_account"></a> [databricks\_gcp\_service\_account](#output\_databricks\_gcp\_service\_account) | The email of the GCP service account created, to be granted access to relevant buckets |
| <a name="output_external_locations"></a> [external\_locations](#output\_external\_locations) | Map of objects with External Location parameters, like name, credentials name and url of target storage |
| <a name="output_storage_credential_metastore_id"></a> [storage\_credential\_metastore\_id](#output\_storage\_credential\_metastore\_id) | Storage Credential metastore id |
| <a name="output_storage_credential_name"></a> [storage\_credential\_name](#output\_storage\_credential\_name) | Storage Credential name |
Expand Down
21 changes: 18 additions & 3 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,21 @@ locals {
}
}

resource "databricks_storage_credential" "this" {
resource "databricks_storage_credential" "gcp" {
count = var.storage_credential.cloud == "gcp" ? 1 : 0

name = var.storage_credential.name
owner = var.storage_credential.owner

databricks_gcp_service_account {}

force_destroy = var.storage_credential.force_destroy
comment = var.storage_credential.comment
}

resource "databricks_storage_credential" "azure" {
count = var.storage_credential.cloud == "azure" ? 1 : 0

name = var.storage_credential.name
owner = var.storage_credential.owner

Expand All @@ -27,7 +41,7 @@ resource "databricks_storage_credential" "this" {
resource "databricks_grants" "credential" {
count = length(var.storage_credential.permissions) != 0 ? 1 : 0

storage_credential = databricks_storage_credential.this.id
storage_credential = coalesce(try(databricks_storage_credential.azure[0].id, null), try(databricks_storage_credential.gcp[0].id, null))
dynamic "grant" {
for_each = var.storage_credential.permissions
content {
Expand All @@ -43,12 +57,13 @@ resource "databricks_external_location" "this" {
name = each.value.name
owner = each.value.owner
url = each.value.url
credential_name = databricks_storage_credential.this.id
credential_name = coalesce(try(databricks_storage_credential.azure[0].id, null), try(databricks_storage_credential.gcp[0].id, null))
comment = each.value.comment
skip_validation = each.value.skip_validation
read_only = each.value.read_only
force_destroy = each.value.force_destroy
force_update = each.value.force_update
isolation_mode = each.value.isolation_mode
}

resource "databricks_grants" "locations" {
Expand Down
9 changes: 7 additions & 2 deletions outputs.tf
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
output "storage_credential_name" {
value = databricks_storage_credential.this.name
value = coalesce(try(databricks_storage_credential.azure[0].name, null), try(databricks_storage_credential.gcp[0].name, null))
description = "Storage Credential name"
}

output "storage_credential_metastore_id" {
value = databricks_storage_credential.this.metastore_id
value = coalesce(try(databricks_storage_credential.azure[0].metastore_id, null), try(databricks_storage_credential.gcp[0].metastore_id, null))
description = "Storage Credential metastore id"
}

Expand All @@ -16,3 +16,8 @@ output "external_locations" {
} }
description = "Map of objects with External Location parameters, like name, credentials name and url of target storage"
}

output "databricks_gcp_service_account" {
value = try(databricks_storage_credential.gcp[0].databricks_gcp_service_account[0].email, null)
description = "The email of the GCP service account created, to be granted access to relevant buckets"
}
4 changes: 3 additions & 1 deletion variables.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
variable "storage_credential" {
type = object({
azure_access_connector_id = string # Azure Databricks Access Connector Id
azure_access_connector_id = optional(string, null) # Azure Databricks Access Connector Id
cloud = optional(string, "azure")
name = string # Custom whole name of resource
owner = optional(string) # Owner of resource
force_destroy = optional(bool, true)
Expand All @@ -24,6 +25,7 @@ variable "external_locations" {
force_destroy = optional(bool, true)
force_update = optional(bool, true)
comment = optional(string, "External location provisioned by Terraform")
isolation_mode = optional(string, null)
permissions = optional(set(object({
principal = string
privileges = list(string)
Expand Down
2 changes: 1 addition & 1 deletion versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ terraform {
}
databricks = {
source = "databricks/databricks"
version = ">=1.27.0"
version = ">=1.48.2"
}
}
}

0 comments on commit 0eefd29

Please sign in to comment.