[ISSUE] Provider enhancement request -> adding databricks_user_role for role assignment at account-level

[nkvuong]

Unity Catalog private preview will add account-level roles, starting with account_admin

This would require calling the SCIM API, similar to user_instance_profile. However, the ARN is currently validated so it does not work

Configuration

provider "databricks" {
  host = "https://accounts.cloud.databricks.com"
  account_id = var.account_id
  username = var.user
  password = var.password
}

resource "databricks_user" "my_user" {
  user_name = "me@example.com"
}

resource "databricks_user_role" "my_user_account_admin" {
  user_id             = databricks_user.my_user.id
  role = "account_admin"
}

Expected Behavior

This will create the me@example.com user at account-level, and assign the account admin role to my user

[nfx]

@nkvuong you've forgotten to add account_id on provider ;)

are you sure we don't need databricks_group_role as well?

[nkvuong]

we don't have role assignment to group yet, but could future proof it, as SCIM API is well known?

[nfx]

We may just add "roles" attribute to users :) though it might be more fragile.