Skip to content

Commit

Permalink
Improve databricks_group documentation (databricks#1816)
Browse files Browse the repository at this point in the history
* Correct and improve group documentation

* Update group.md

Co-authored-by: Alex Ott <alexey.ott@databricks.com>
  • Loading branch information
fuselessmatt and alexott authored Jan 9, 2023
1 parent 11c16ff commit 405c490
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions docs/resources/group.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@ subcategory: "Security"
---
# databricks_group Resource

This resource allows you to manage [groups in Databricks Workspace](https://docs.databricks.com/administration-guide/users-groups/groups.html), [Databricks Account Console](https://accounts.cloud.databricks.com/) or [Azure Databricks Account Console](https://accounts.azuredatabricks.net). You can also [associate](group_member.md) Databricks users and [service principals](service_principal.md) to groups. This is useful if you are using an application to sync users & groups with SCIM API.
This resource allows you to manage both [account groups and workspace-local groups](https://docs.databricks.com/administration-guide/users-groups/groups.html). You can use the [databricks_group_member resource](group_member.md) to assign Databricks users, [service principals](service_principal.md) as well as other groups as members of the group. This is useful if you are using an application to sync users & groups with SCIM API.

-> **Note** To assign account level groups to workspace use [databricks_mws_permission_assignment](mws_permission_assignment.md).
-> **Note** To assign an account level group to a workspace use [databricks_mws_permission_assignment](mws_permission_assignment.md).

To create groups in the Databricks account, the provider must be configured with `host = "https://accounts.cloud.databricks.com"` on AWS deployments or `host = "https://accounts.azuredatabricks.net"` and authenticate using [AAD tokens](https://registry.terraform.io/providers/databricks/databricks/latest/docs#special-configurations-for-azure) on Azure deployments
To create account groups in the Databricks account, the provider must be configured accordingly. On AWS deployment with `host = "https://accounts.cloud.databricks.com"` and `account_id = "00000000-0000-0000-0000-000000000000"`. On Azure deployments `host = "https://accounts.azuredatabricks.net"`, `account_id = "00000000-0000-0000-0000-000000000000"` and using [AAD tokens](https://registry.terraform.io/providers/databricks/databricks/latest/docs#special-configurations-for-azure) as authentication.

Recommended to use along with Identity Provider SCIM provisioning to populate users into those groups:

Expand Down

0 comments on commit 405c490

Please sign in to comment.