some fixes

Author: mgyucht

docs/resources/mws_workspaces.md

@@ -323,6 +323,7 @@ The following arguments are available:
 * `deployment_name` - (Optional) part of URL as in `https://<prefix>-<deployment-name>.cloud.databricks.com`. Deployment name cannot be used until a deployment name prefix is defined. Please contact your Databricks representative. Once a new deployment prefix is added/updated, it only will affect the new workspaces created.
 * `workspace_name` - name of the workspace, will appear on UI.
 * `network_id` - (Optional) `network_id` from [networks](mws_networks.md).
+* `credentials_id` - (AWS only) ID of the workspace's credential configuration object.
 * `aws_region` - (AWS only) region of VPC.
 * `storage_configuration_id` - (AWS only)`storage_configuration_id` from [storage configuration](mws_storage_configurations.md).
 * `managed_services_customer_managed_key_id` - (Optional) `customer_managed_key_id` from [customer managed keys](mws_customer_managed_keys.md) with `use_cases` set to `MANAGED_SERVICES`. This is used to encrypt the workspace's notebook and secret data in the control plane.
@@ -331,7 +332,9 @@ The following arguments are available:
 * `cloud_resource_container` - (GCP only) A block that specifies GCP workspace configurations, consisting of following blocks:
   * `gcp` - A block that consists of the following field:
     * `project_id` - The Google Cloud project ID, which the workspace uses to instantiate cloud resources for your workspace.
-* `gke_config` - (GCP only) A block that specifies GKE configuration for the Databricks workspace:
+* `gcp_managed_network_config` - (GCP only) A block that describes the network configuration for workspaces with Databricks-managed networks.
+  * `subnet_cidr` - The IP range from which to allocate GKE cluster nodes. No bigger than `/9` and no smaller than `/29`.
+* `gke_config` - (GCP only, deprecated) A block that specifies GKE configuration for the Databricks workspace:
   * `connectivity_type`: Specifies the network connectivity types for the GKE nodes and the GKE master network. Possible values are: `PRIVATE_NODE_PUBLIC_MASTER`, `PUBLIC_NODE_PUBLIC_MASTER`.
   * `master_ip_range`: The IP range from which to allocate GKE cluster master resources. This field will be ignored if GKE private cluster is not enabled. It must be exactly as big as `/28`.
 * `private_access_settings_id` - (Optional) Canonical unique identifier of [databricks_mws_private_access_settings](mws_private_access_settings.md) in Databricks Account.
@@ -351,24 +354,25 @@ You can specify a `token` block in the body of the workspace resource, so that T
 
 On AWS, the following arguments could be modified after the workspace is running:
 
-* `network_id` - Modifying [networks on running workspaces](mws_networks.md#modifying-networks-on-running-workspaces-aws-only) would require three separate `terraform apply` steps.
 * `credentials_id`
-* `storage_customer_managed_key_id`
-* `private_access_settings_id`
 * `custom_tags`
+* `managed_services_customer_managed_key_id`
+* `network_id` - Modifying [networks on running workspaces](mws_networks.md#modifying-networks-on-running-workspaces-aws-only) would require three separate `terraform apply` steps.
+* `private_access_settings_id`
+* `storage_customer_managed_key_id`
 
 ## Attribute Reference
 
 In addition to all arguments above, the following attributes are exported:
 
 * `id` - (String) Canonical unique identifier for the workspace, of the format `<account-id>/<workspace-id>`
+* `creation_time` - (Integer) time when workspace was created
+* `custom_tags` - (Map) Custom Tags (if present) added to workspace
+* `gcp_workspace_sa` - (String, GCP only) identifier of a service account created for the workspace in form of `db-<workspace-id>@prod-gcp-<region>.iam.gserviceaccount.com`
 * `workspace_id` - (String) workspace id
 * `workspace_status_message` - (String) updates on workspace status
 * `workspace_status` - (String) workspace status
-* `creation_time` - (Integer) time when workspace was created
 * `workspace_url` - (String) URL of the workspace
-* `custom_tags` - (Map) Custom Tags (if present) added to workspace
-* `gcp_workspace_sa` - (String, GCP only) identifier of a service account created for the workspace in form of `db-<workspace-id>@prod-gcp-<region>.iam.gserviceaccount.com`
 
 ## Timeouts
 

mws/resource_mws_workspaces.go

@@ -28,8 +28,12 @@ import (
 // this may help with local DNS cache issues.
 const DefaultProvisionTimeout = 20 * time.Minute
 
-// Workspace is the object that contains all the information for deploying a workspace
-type Workspace struct {
+// workspaceReachableRequestTimeout is the amount of seconds to wait when polling the
+// newly created workspace's SCIM Me endpoint to check if the workspace is reachable.
+const workspaceReachableRequestTimeout = 10 * time.Second
+
+// workspace is the object that contains all the information for deploying a workspace
+type workspace struct {
 	provisioning.Workspace
 	CustomerManagedKeyID string `json:"customer_managed_key_id,omitempty"` // just for compatibility, will be removed
 	GcpWorkspaceSa       string `json:"gcp_workspace_sa" tf:"computed"`
@@ -49,7 +53,7 @@ func verifyWorkspaceReachable(ctx context.Context, w *databricks.WorkspaceClient
 		}
 		return false
 	})).Wait(ctx, func(ctx context.Context) error {
-		ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
+		ctx, cancel := context.WithTimeout(ctx, workspaceReachableRequestTimeout)
 		defer cancel()
 		_, err := w.CurrentUser.Me(ctx)
 		return err
@@ -154,27 +158,27 @@ func removeToken(ctx context.Context, w *databricks.WorkspaceClient, tokenID str
 // ResourceMwsWorkspaces manages E2 workspaces
 func ResourceMwsWorkspaces() common.Resource {
 	var computedFields = map[string]struct{}{
-		"cloud":                    {},
-		"workspace_id":             {},
-		"workspace_url":            {},
-		"workspace_status":         {},
-		"workspace_status_message": {},
+		"azure_workspace_info":     {},
 		"creation_time":            {},
 		"gke_config":               {},
 		"pricing_tier":             {},
+		"workspace_id":             {},
+		"workspace_status":         {},
+		"workspace_status_message": {},
+		"workspace_url":            {},
 	}
 
 	var workspaceRunningUpdatesAllowed = map[string]struct{}{
 		"credentials_id":                           {},
+		"custom_tags":                              {},
+		"managed_services_customer_managed_key_id": {},
 		"network_id":                               {},
-		"storage_customer_managed_key_id":          {},
 		"private_access_settings_id":               {},
-		"managed_services_customer_managed_key_id": {},
-		"custom_tags":                              {},
+		"storage_customer_managed_key_id":          {},
 		"token":                                    {},
 	}
 
-	workspaceSchema := common.StructToSchema(Workspace{},
+	workspaceSchema := common.StructToSchema(workspace{},
 		func(s map[string]*schema.Schema) map[string]*schema.Schema {
 			for name, fieldSchema := range s {
 				if _, ok := computedFields[name]; ok {
@@ -258,7 +262,7 @@ func ResourceMwsWorkspaces() common.Resource {
 			}
 			var createWorkspaceRequest provisioning.CreateWorkspaceRequest
 			common.DataToStructPointer(d, workspaceSchema, &createWorkspaceRequest)
-			var workspaceConfig Workspace
+			var workspaceConfig workspace
 			common.DataToStructPointer(d, workspaceSchema, &workspaceConfig)
 
 			// Validate required fields by cloud
@@ -275,6 +279,9 @@ func ResourceMwsWorkspaces() common.Resource {
 				log.Print("[INFO] Using existing customer_managed_key_id as value for new managed_services_customer_managed_key_id")
 				createWorkspaceRequest.ManagedServicesCustomerManagedKeyId = customerManagedKeyId.(string)
 			}
+			// is_no_public_ip_enabled always needs to be serialized. It is true by default, but if it is disabled
+			// by a customer, it will be omitted by the default request serializer.
+			createWorkspaceRequest.ForceSendFields = append(createWorkspaceRequest.ForceSendFields, "IsNoPublicIpEnabled")
 
 			// Create the workspace. If creation fails, clean it up and return.
 			wait, err := a.Workspaces.Create(ctx, createWorkspaceRequest)
@@ -332,7 +339,7 @@ func ResourceMwsWorkspaces() common.Resource {
 			if err != nil {
 				return err
 			}
-			var workspaceConfig Workspace
+			var workspaceConfig workspace
 			common.DataToStructPointer(d, workspaceSchema, &workspaceConfig)
 			workspace, err := a.Workspaces.Get(ctx, provisioning.GetWorkspaceRequest{WorkspaceId: common.MustInt64(workspaceID)})
 			if err != nil {
@@ -370,7 +377,7 @@ func ResourceMwsWorkspaces() common.Resource {
 			}
 			var updateWorkspaceRequest provisioning.UpdateWorkspaceRequest
 			common.DataToStructPointer(d, workspaceSchema, &updateWorkspaceRequest)
-			var workspaceConfig Workspace
+			var workspaceConfig workspace
 			common.DataToStructPointer(d, workspaceSchema, &workspaceConfig)
 			// WorkspaceId in UpdateWorkspaceRequest is a path parameter, thus tagged with `json:"-"`.
 			// This causes it not to be set in DataToStructPointer. Instead, the workspace ID can be