CODEWITHSUNDEEP
databricksazure-databricksdatabricks-unity-catalog
ErikR
ErikR

Reputation: 590

Creating a metastore for Azure Databricks Unity Catalog through terraform fails

Creating a metastore for Unity Catalog through terraform fails with this error message:

Error: cannot create metastore: Only account admin can create metastores. \ 
Using databricks-cli auth: host=https://{wsname}.azuredatabricks.net, \
token=***REDACTED***, profile=DEFAULT

My config is setup like this:

resource "databricks_metastore" "this" {
  name = "primary"
  storage_root = format("abfss://%s@%s.dfs.core.windows.net/",
    azurerm_storage_account.storage.name,
  azurerm_storage_container.container.name)
  force_destroy = true
}

resource "databricks_metastore_assignment" "this" {
  metastore_id = databricks_metastore.this.id
  workspace_id = data.azurerm_databricks_workspace.oat.workspace_id
}

The documentation regarding Azure Databricks administrators lists up four different kinds of administrators, but I fail to see how I can see check who is Azure Databricks account admins.

In short, I have the same error as Not finding Unity Catalog "Create Metastore" in Azure Databricks

Upvotes: 1

Views: 1816

Answers (1)

Kombajn zbożowy
Kombajn zbożowy

Reputation: 10703

Your account is a workspace admin. Account administrator is one level above.

This Unity Catalog documentation describes how you become account administrator:

The first Azure Databricks account admin must be an Azure Active Directory Global Administrator at the time that they first log in to the Azure Databricks account console. Upon first login, that user becomes an Azure Databricks account admin and no longer needs the Azure Active Directory Global Administrator role to access the Azure Databricks account.

Thus, you need Global Administrator role in Azure for the user that is running Terraform.

Upvotes: 2

Related Questions