[FEATURE] New data block `databricks_users`

[w0ut0]

Use-cases

I want to be able to get all users provisioned to my Databricks account (or, depending on provider configuration, workspace). My use case is adding them to a certain 'default' catalog (or group), and create a schema for every user that they can use as 'personal space'.

Attempted Solutions

• I can use AzureAD provider to query the SCIM app, and go from there, but this is not clean (nor cloud-agnostic).
• I can also use data block databricks_group to fetch the built-in group account users (or users in a workspace context).

Proposal

A data block that uses the account-level List users endpoint. Should be have similar as existing databricks_service_principals.

data "databricks_users" "users" {
  display_name_contains = "@domain.org"
}

• display_name_contains - (Optional) Only return display name that match the given name string

I see it returning 2 possible outputs:

• either a map of user_id => display_name mapping, that can then be used in databricks_user data block to fetch further details (like how it is done for databricks_service_principals, or
• a list of users, with some basic attributes like id, external_id, user_name, display_name,.. (similar to azuread_users)

References

• databricks_service_principals
• databricks_user
• azuread_users
• accounts rest api
• workspace rest api

[Serpinex3]

In addition to @w0ut0 request, we would also be happy having a databricks_groups data source similar to databricks_service_principals with an optional attribute display_name_contains.

Something like this:

data "databricks_groups" "groups" {
  display_name_contains = "xyz"
}

This data source would allow us to retrieve a list of all SCIM provisioned Entra ID groups and pass the information (e.g. the Databricks internal group ID) via a configuration store to all our downstream users.