Terraform import Databricks workspace - public network access enabled

I have a brownfield environment where I want to manage a previously deployed Databricks workspace (manually) by Terraform.

I have imported the databricks workspace into the (remote) state file and now when rerunning plan again, it tries to modify the public_network_access_enabled argument, but replacing (destroying) the resource in the process. It doesn’t matter whether I set the true or false value for the argument or leave the argument out in my code entirely (which was initially the case).

See screenshots:


I believe it has to do with the fact that this public network access control is a feature implemented after the databricks workspace was deployed (already a few years ago). As we have a lot of code, jobs, policies and other integrations set within this databricks workspace, recreating it is not an option (for now, as we don’t have everything in code yet). Is a migration the only option?

@eddylu1s i think this is an issue in azurerm provider, that you have to create on the respective github reppository.

But as a side node, https://registry.terraform.io/providers/databrickslabs/databricks/latest/docs/guides/experimental-exporter can help to generating .tf files for any existing Databricks workspace, so you may migrate manually created Databricks resources into Terraform easier…