Merge pull request #42 from data-platform-hq/support_system_schemas_e…

…nablement fix: support system schemas
data-platform-hq · Feb 26, 2024 · cc66516 · cc66516
2 parents 02be393 + ffb140c
commit cc66516
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -202,6 +202,7 @@ No modules.
 | [databricks_service_principal.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/service_principal) | resource |
 | [databricks_sql_endpoint.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/sql_endpoint) | resource |
 | [databricks_sql_global_config.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/sql_global_config) | resource |
+| [databricks_system_schema.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/system_schema) | resource |
 | [databricks_token.pat](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/token) | resource |
 | [databricks_user.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/user) | resource |
 | [databricks_workspace_conf.this](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/workspace_conf) | resource |
@@ -231,6 +232,8 @@ No modules.
 | <a name="input_secret_scope"></a> [secret\_scope](#input\_secret\_scope) | Provides an ability to create custom Secret Scope, store secrets in it and assigning ACL for access management<br>scope\_name - name of Secret Scope to create;<br>acl - list of objects, where 'principal' custom group name, this group is created in 'Premium' module; 'permission' is one of "READ", "WRITE", "MANAGE";<br>secrets - list of objects, where object's 'key' param is created key name and 'string\_value' is a value for it; | <pre>list(object({<br>    scope_name = string<br>    acl = optional(list(object({<br>      principal  = string<br>      permission = string<br>    })))<br>    secrets = optional(list(object({<br>      key          = string<br>      string_value = string<br>    })))<br>  }))</pre> | <pre>[<br>  {<br>    "acl": null,<br>    "scope_name": null,<br>    "secrets": null<br>  }<br>]</pre> | no |
 | <a name="input_sql_endpoint"></a> [sql\_endpoint](#input\_sql\_endpoint) | Set of objects with parameters to configure SQL Endpoint and assign permissions to it for certain custom groups | <pre>set(object({<br>    name                      = string<br>    cluster_size              = optional(string, "2X-Small")<br>    min_num_clusters          = optional(number, 0)<br>    max_num_clusters          = optional(number, 1)<br>    auto_stop_mins            = optional(string, "30")<br>    enable_photon             = optional(bool, false)<br>    enable_serverless_compute = optional(bool, false)<br>    spot_instance_policy      = optional(string, "COST_OPTIMIZED")<br>    warehouse_type            = optional(string, "PRO")<br>    permissions = optional(set(object({<br>      group_name       = string<br>      permission_level = string<br>    })), [])<br>  }))</pre> | `[]` | no |
 | <a name="input_suffix"></a> [suffix](#input\_suffix) | Optional suffix that would be added to the end of resources names. | `string` | `""` | no |
+| <a name="input_system_schemas"></a> [system\_schemas](#input\_system\_schemas) | Set of strings with all possible System Schema names | `set(string)` | <pre>[<br>  "access",<br>  "billing",<br>  "compute",<br>  "marketplace",<br>  "storage"<br>]</pre> | no |
+| <a name="input_system_schemas_enabled"></a> [system\_schemas\_enabled](#input\_system\_schemas\_enabled) | System Schemas only works with assigned Unity Catalog Metastore. Boolean flag to enabled this feature | `bool` | `false` | no |
 | <a name="input_user_object_ids"></a> [user\_object\_ids](#input\_user\_object\_ids) | Map of AD usernames and corresponding object IDs | `map(string)` | `{}` | no |
 | <a name="input_workspace_admins"></a> [workspace\_admins](#input\_workspace\_admins) | Provide users or service principals to grant them Admin permissions in Workspace. | <pre>object({<br>    user              = list(string)<br>    service_principal = list(string)<br>  })</pre> | <pre>{<br>  "service_principal": null,<br>  "user": null<br>}</pre> | no |
 

diff --git a/main.tf b/main.tf
@@ -51,3 +51,9 @@ resource "databricks_sql_endpoint" "this" {
   }
   depends_on = [databricks_sql_global_config.this]
 }
+
+resource "databricks_system_schema" "this" {
+  for_each = var.system_schemas_enabled ? var.system_schemas : toset([])
+
+  schema = each.value
+}
diff --git a/variables.tf b/variables.tf
@@ -231,3 +231,15 @@ variable "mount_cluster_name" {
   description = "Name of the cluster that will be used during storage mounting. If mount_adls_passthrough == true, cluster should also have option cluster_conf_passthrought == true"
   default     = null
 }
+
+variable "system_schemas" {
+  type        = set(string)
+  description = "Set of strings with all possible System Schema names"
+  default     = ["access", "billing", "compute", "marketplace", "storage"]
+}
+
+variable "system_schemas_enabled" {
+  type        = bool
+  description = "System Schemas only works with assigned Unity Catalog Metastore. Boolean flag to enabled this feature"
+  default     = false
+}