feat: module and example to create compute policies#226
feat: module and example to create compute policies#226steven-muschler wants to merge 7 commits intodatabricks:mainfrom
Conversation
…te policies using policy families
| policy_key = "personal-vm" | ||
| policy_family_id = "personal-vm" |
There was a problem hiding this comment.
do we need both if they are the same?
There was a problem hiding this comment.
@alexott let me put in a better example for this scenario. The reason these are separate because DLT/SDP does not have a policy family, but requires specific policy elements like cluster_type
Description for all variables Remove alias as only one provider is used in this example Show example of when policy_key and policy_family_id are different
There was a problem hiding this comment.
Pull request overview
This PR introduces a Terraform module for creating Databricks cluster policies based on policy families, with support for environment-specific configurations and team-level customization. The implementation provides a reusable framework for managing compute policies across different teams and environments.
Changes:
- Added a new Terraform module
cluster-policy-from-policy-familythat creates cluster policies with configurable overrides - Implemented JSON-based policy configurations for different environments (dev/prod), runtimes (standard/ML), and cluster types
- Created an example configuration demonstrating multi-team policy deployment with team-specific overrides
Reviewed changes
Copilot reviewed 18 out of 18 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| modules/cluster-policy-from-policy-family/variables.tf | Defines input variables for team, environment, policy version, and override configurations |
| modules/cluster-policy-from-policy-family/provider.tf | Configures required Databricks provider |
| modules/cluster-policy-from-policy-family/outputs.tf | Exposes the created policy ID |
| modules/cluster-policy-from-policy-family/cluster-policies.tf | Main module logic that merges policy configurations and creates resources |
| modules/cluster-policy-from-policy-family/cluster_policy_json/*.json | JSON configuration files for various policy components |
| modules/cluster-policy-from-policy-family/README.md | Module documentation |
| modules/cluster-policy-from-policy-family/Makefile | Build targets for documentation generation |
| examples/cluster-policies/*.tf | Example implementation showing multi-team usage |
| examples/cluster-policies/example.tfvars | Sample variable values for the example |
| examples/cluster-policies/README.md | Example documentation |
| examples/cluster-policies/Makefile | Build targets for example documentation |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 18 out of 18 changed files in this pull request and generated 13 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
| group_assignments = list(string) | ||
| service_principal_assignments = list(string) | ||
| user_assignments = list(string) |
There was a problem hiding this comment.
let's make them optional with [] as default
| policy_key = "sdp-cluster" | ||
| policy_family_id = "job-cluster" | ||
| group_assignments = ["groupA"] | ||
| service_principal_assignments = [] |
There was a problem hiding this comment.
we would be able to remove these default values if we change the declaration of a variable
2 participants
Adding in TF module and example that demonstrates how to create compute policies using policy families and allow for team specific overrides