Skip to content

data-platform-hq/terraform-databricks-unity-catalog

BranchesTags

Repository files navigation

Databricks Unity Catalog Terraform module

Terraform module for creation Databricks Unity Catalog

Usage

This module manages Unity Catalog resources like Catalogs, Schemas. In addition, it is possible to manage permissions within Metastore, Catalog and Schemas.

# Configure Databricks Provider
data "azurerm_databricks_workspace" "example" {
  name                = "example-workspace"
  resource_group_name = "example-rg"
}

provider "databricks" {
  alias                       = "workspace"
  host                        = data.databricks_workspace.example.workspace_url
  azure_workspace_resource_id = data.databricks_workspace.example.id
}

locals {
  catalog_config = [

    # Catalog w/o grants
    {
      catalog_name = "catalog_with_no_grants"
    },

    # Catalog with grants
    {
      catalog_name = "catalog_with_grants"
      catalog_grants = [
        { principal = "account users", privileges = ["USE_CATALOG", "APPLY_TAG", "CREATE_SCHEMA", "SELECT"] }
      ]
    },

    # Catalog with grants and schemas
    {
      catalog_name = "catalog_with_schemas"
      catalog_grants = [{ principal = "account users", privileges = ["USE_CATALOG", "APPLY_TAG", "SELECT"] }]
      schema_configs = [
        { schema_name = "schema_01" },
        { schema_name = "schema_02" }
      ]
    },

    # Catalog with schemas where 'schema_01' and 'schema_02' have a default set of grants from 'schema_default_grants' parameter
    # and 'schema_03' has its own set of grants managed with 'schema_custom_grants' parameter
    {
      catalog_name = "catalog_custom_schema_grants"
      catalog_grants = [{ principal = "account users", privileges = ["USE_CATALOG", "APPLY_TAG"] }]
      schema_default_grants = [{ principal = "account users", privileges = ["CREATE_TABLE", "SELECT"] }]
      schema_configs = [
        { schema_name = "schema_01" },
        { schema_name = "schema_02" },
        { 
          schema_name = "schema_03", 
          schema_custom_grants = [
            { principal = "account users", privileges = ["CREATE_VOLUME", "READ_VOLUME", "WRITE_VOLUME", "SELECT"] },
          ]
        },
      ]
    },
  ]
}

module "unity_catalog" {
  source  = "data-platform/unity-catalog/databricks"
  version = "~> 2.0.0"

  catalog_config = local.catalog_config

  providers = {
    databricks = databricks.workspace
  }
  
  depends_on = [module.metastore_assignment]
}

Requirements

Name Version
terraform ~>1.3
databricks ~>1.0

Providers

Name Version
databricks ~>1.0

Modules

No modules.

Resources

Name Type
databricks_catalog.this resource
databricks_grants.catalog resource
databricks_grants.schema resource
databricks_schema.this resource
databricks_workspace_binding.this resource

Inputs

Name Description Type Default Required
catalog_config 
list(object({

    # Catalog config
    catalog_name           = string
    catalog_owner          = optional(string)         # Username/groupname/sp application_id of the catalog owner.
    catalog_storage_root   = optional(string)         # Location in cloud storage where data for managed tables will be stored
    catalog_isolation_mode = optional(string, "OPEN") # Whether the catalog is accessible from all workspaces or a specific set of workspaces. Can be ISOLATED or OPEN.
    catalog_comment        = optional(string)         # User-supplied free-form text
    catalog_properties     = optional(map(string))    # Extensible Catalog Tags.
    catalog_grants = optional(list(object({           # List of objects to set catalog permissions
      principal  = string                             # Account level group name, user or service principal app ID
      privileges = list(string)
    })), [])

    # Schemas
    schema_default_grants = optional(list(object({ # Sets default grants for each schema created by 'schema_configs' block w/o 'schema_custom_grants' parameter set
      principal  = string                          # Account level group name, user or service principal app ID
      privileges = list(string)
    })), [])

    schema_configs = optional(list(object({
      schema_name       = string
      schema_owner      = optional(string)
      schema_comment    = optional(string)
      schema_properties = optional(map(string))
      schema_custom_grants = optional(list(object({ # Overwrites 'schema_default_grants'
        principal  = string                         # Account level group name, user or service principal app ID
        privileges = list(string)
      })), [])
    })), [])
  }))
 [] no
isolated_unmanaged_catalog_bindings 
list(object({
    catalog_name = string                                      # Name of ISOLATED catalog
    binding_type = optional(string, "BINDING_TYPE_READ_WRITE") # Binding mode. Possible values are BINDING_TYPE_READ_ONLY, BINDING_TYPE_READ_WRITE
  }))
 [] no
workspace_id ID of the target workspace. string null no

Outputs

No outputs.

License

Apache 2 Licensed. For more information please see LICENSE

About

Terraform module for creation of new or managemet of already existing Databricks Unity Catalog Metastore

registry.terraform.io/modules/data-platform-hq/unity-catalog/databricks/latest

Topics

databricks terraform-module databricks-unity-catalog

Resources

Readme

License

View license
Activity
Custom properties

Stars

2 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases 14

v1.3.1 Latest
Feb 17, 2025
+ 13 releases

Packages

No packages published

Contributors 5

Languages