Module databricks access connector (#1933)

* adding dac module * Update databricks_access_connectors.tf * Update main.tf * Update configuration.tfvars
aztfmod · Mar 15, 2024 · 61f82e1 · 61f82e1
1 parent 721aa7c
commit 61f82e1
Show file tree

Hide file tree

Showing 12 changed files with 134 additions and 0 deletions.
diff --git a/databricks_access_connectors.tf b/databricks_access_connectors.tf
@@ -0,0 +1,18 @@
+module "databricks_access_connectors" {
+  source   = "./modules/analytics/databricks_access_connector"
+  for_each = local.database.databricks_access_connectors
+
+  client_config     = local.client_config
+  global_settings   = local.global_settings
+  name              = each.value.name
+  settings          = each.value
+  resource_groups   = local.combined_objects_resource_groups
+  base_tags         = local.global_settings.inherit_tags
+  remote_objects = {
+    managed_identities = local.combined_objects_managed_identities
+  }
+}
+
+output "databricks_access_connectors" {
+  value = module.databricks_access_connectors
+}
diff --git a/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars b/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars
@@ -0,0 +1,34 @@
+global_settings = {
+  default_region = "region1"
+  regions = {
+    region1 = "australiaeast"
+  }
+}
+
+resource_groups = {
+  dac_test = {
+    name = "rg-databricks-access-connectors"
+  }
+}
+
+databricks_access_connectors = {
+  dac_1 = {
+      name = "example-name"
+      resource_group_key = "dac_test"
+      identity = {
+        type   = "UserAssigned" #SystemAssigned
+        managed_identity_keys = ["dac_test"]
+    }
+     tags = {
+       test = "test"
+       test1 = "test1"
+     }
+  }
+}
+
+managed_identities = {
+  dac_test = {
+    name               = "mi-dac-test"
+    resource_group_key = "dac_test"
+  }
+}
diff --git a/examples/module.tf b/examples/module.tf
@@ -141,6 +141,7 @@ module "example" {
     databricks_workspaces              = var.databricks_workspaces
     database_migration_services        = var.database_migration_services
     databricks_workspaces              = var.databricks_workspaces
+    databricks_access_connectors       = var.databricks_access_connectors
     machine_learning_workspaces        = var.machine_learning_workspaces
     mariadb_servers                    = var.mariadb_servers
     mariadb_databases                  = var.mariadb_databases

diff --git a/examples/variables.tf b/examples/variables.tf
@@ -355,6 +355,9 @@ variable "batch_pools" {
 variable "databricks_workspaces" {
   default = {}
 }
+variable "databricks_access_connectors" {
+  default = {}
+}
 variable "machine_learning_workspaces" {
   default = {}
 }

diff --git a/local.remote_objects.tf b/local.remote_objects.tf
@@ -41,6 +41,7 @@ locals {
     container_registry                             = try(local.combined_objects_container_registry, null)
     cosmos_dbs                                     = try(local.combined_objects_cosmos_dbs, null)
     databricks_workspaces                          = try(local.combined_objects_databricks_workspaces, null)
+    databricks_access_connectors                   = try(local.combined_objects_databricks_access_connectors, null)
     data_factory                                   = try(local.combined_objects_data_factory, null)
     data_factory_integration_runtime_azure_ssis    = try(local.combined_objects_data_factory_integration_runtime_azure_ssis, null)
     data_factory_linked_service_azure_blob_storage = try(local.combined_objects_data_factory_linked_service_azure_blob_storage, null)

diff --git a/locals.combined_objects.tf b/locals.combined_objects.tf
@@ -64,6 +64,7 @@ locals {
   combined_objects_data_factory_pipeline                          = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_pipeline }), try(var.remote_objects.data_factory_pipeline, {}))
   combined_objects_database_migration_services                    = merge(tomap({ (local.client_config.landingzone_key) = module.database_migration_services }), try(var.remote_objects.database_migration_services, {}))
   combined_objects_databricks_workspaces                          = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_workspaces }), try(var.remote_objects.databricks_workspaces, {}), try(var.data_sources.databricks_workspaces, {}))
+  combined_objects_databricks_access_connectors                   = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_access_connectors }), try(var.remote_objects.databricks_access_connectors, {}), try(var.data_sources.databricks_access_connectors, {}))
   combined_objects_ddos_services                                  = merge(tomap({ (local.client_config.landingzone_key) = azurerm_network_ddos_protection_plan.ddos_protection_plan }), try(var.remote_objects.ddos_services, {}), try(var.remote_objects.ddos_services, {}))
   combined_objects_dedicated_host_groups                          = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_host_groups }), try(var.remote_objects.dedicated_host_groups, {}), try(var.data_sources.dedicated_host_groups, {}))
   combined_objects_dedicated_hosts                                = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_hosts }), try(var.remote_objects.dedicated_hosts, {}), try(var.data_sources.dedicated_hosts, {}))

diff --git a/locals.tf b/locals.tf
@@ -122,6 +122,7 @@ locals {
     database_migration_services        = try(var.database.database_migration_services, {})
     database_migration_projects        = try(var.database.database_migration_projects, {})
     databricks_workspaces              = try(var.database.databricks_workspaces, {})
+    databricks_access_connectors       = try(var.database.databricks_access_connectors, {})
     machine_learning_workspaces        = try(var.database.machine_learning_workspaces, {})
     mariadb_databases                  = try(var.database.mariadb_databases, {})
     mariadb_servers                    = try(var.database.mariadb_servers, {})

diff --git a/modules/analytics/databricks_access_connector/main.tf b/modules/analytics/databricks_access_connector/main.tf
@@ -0,0 +1,18 @@
+locals {
+  tags = var.base_tags ? merge(
+    var.global_settings.tags,
+    try(var.resource_groups.tags, null),
+    try(var.settings.tags, null)
+  ) : try(var.settings.tags, null)
+
+
+  resource_group  = var.resource_groups[try(var.settings.lz_key, var.settings.resource_group.lz_key, var.client_config.landingzone_key)][try(var.settings.resource_group.key, var.settings.resource_group_key)]
+}
+
+terraform {
+  required_providers {
+    azurecaf = {
+      source = "aztfmod/azurecaf"
+    }
+  }
+}
diff --git a/modules/analytics/databricks_access_connector/managed_identities.tf b/modules/analytics/databricks_access_connector/managed_identities.tf
@@ -0,0 +1,17 @@
+locals {
+  managed_local_identities = flatten([
+    for managed_identity_key in try(var.settings.identity.managed_identity_keys, []) : [
+      var.remote_objects.managed_identities[var.client_config.landingzone_key][managed_identity_key].id
+    ]
+  ])
+
+  managed_remote_identities = flatten([
+    for lz_key, value in try(var.settings.identity.remote, []) : [
+      for managed_identity_key in value.managed_identity_keys : [
+        var.remote_objects.managed_identities[lz_key][managed_identity_key].id
+      ]
+    ]
+  ])
+
+  managed_identities = concat(local.managed_local_identities, local.managed_remote_identities)
+}
diff --git a/modules/analytics/databricks_access_connector/module.tf b/modules/analytics/databricks_access_connector/module.tf
@@ -0,0 +1,15 @@
+resource "azurerm_databricks_access_connector" "databricks_access_connector" {
+  name                = var.name
+  resource_group_name = local.resource_group.name
+  location            = lookup(var.settings, "region", null) == null ? local.resource_group.location : var.global_settings.regions[var.settings.region]
+  tags                = local.tags
+
+  dynamic "identity" {
+    for_each = can(var.settings.identity) ? [var.settings.identity] : []
+    content {
+      type         = identity.value.type
+      identity_ids = concat(local.managed_identities, try(identity.value.identity_ids, []))
+    }
+  }
+
+}
diff --git a/modules/analytics/databricks_access_connector/output.tf b/modules/analytics/databricks_access_connector/output.tf
@@ -0,0 +1,4 @@
+output "id" {
+  description = "The ID of the Manages a Databricks Access Connector."
+  value       = azurerm_databricks_access_connector.databricks_access_connector.id
+}
diff --git a/modules/analytics/databricks_access_connector/variables.tf b/modules/analytics/databricks_access_connector/variables.tf
@@ -0,0 +1,21 @@
+variable "name" {
+  default = null
+}
+variable "settings" {}
+
+variable "global_settings" {
+  description = "Global settings object (see module README.md)"
+}
+
+variable "client_config" {
+  description = "Client configuration object (see module README.md)."
+}
+
+variable "resource_groups" {
+  default = {}
+}
+variable "base_tags" {
+  description = "Base tags for the resource to be inherited from the resource group."
+  type        = bool
+}
+variable "remote_objects" {}