https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# aws
s
This message was deleted.
s
I have not yet figured that out. See https://pulumi-community.slack.com/archives/CRH5ENVDX/p1694207839918349 I am waiting for input from @billowy-army-68599 there
But from reading the databricks docs it sounds like their APIs strongly favour non password-based auth approaches i.e. tokens or other means.
a
True - I had this approach for the workspaces. As for mng. acc.: Right now I am stuck even being able to enable passwords for the other account I provisioned as a SA. Currently using SSO - but password still works for my own account. I found a SCIM token, but wondering how it can be used - if at all.
s
did you figure out a solution?
a
No, I used the Cloudformation template for the workspace and then API token for my workspace user for configuring the workspace. Eg. no AWS IAM in use from Pulumi side.
s
I figured out how to set up the workspace from pulumi (almost)
🙌 1
just need to set some more AWS policies around S3
@ambitious-agent-35343 do you add users using Pulumi? Does this work or fail for you? By the way jaxxstorm created this awesome sample here https://github.com/jaxxstorm/pulumi-examples/tree/main/python/aws/databricks maybe this is useful for you as well.
🎉 1
👀 1
a
Thank you for sharing this with me Georg and great work @billowy-army-68599! I am currently opting for a hybrid approach and migrating new users to IaC. Using getOrCreate function for all other users and their group allocation. But again, not much for using my personal account for administering the mng account. Instead I will be using pulumi with access_token for each workspace which is less nice.
Open in Slack
PreviousNext
Powered by