Forum Discussion
Workspace failure
Hi Community,
I had my Databricks workspace up and running and it was managed through terraform, and encryption was enabled through cmk, there were some updation in the code, so I put terraform plan, one of the key changes(replace) it showed me was
"azurerm_role_assignment.storage_identity_kv_access
module.workspace.azurerm_role_assignment.storage_identity_kv_access"
the terraform run was running for 30 min, and the workspace was in deployment for long time and then ultimately got failed. Again, as all the changes were not done, I reapplied, and I got this error
"Performing CreateOrUpdate: unexpected status 400 (400 Bad Request
) With error: InvalidEncryptionConfiguration: Configure encryption for workspace at creation is not allowed, configure encryption once workspace is created and key vault access policies are added"
Again, I applied and everything and terraform run succeeded but I can see in azure portal that workspace is in failed state, but if I go to Databricks account
I can see Databricks as running and if I go to workspace, I am able to start clusters and execute some queries.
I am not able to launch the workspace using azure portal, not sure there will be other issues due to this.
Could anyone help me to resolve this issue. Let me know if you need anything further to investigate the issue.
3 Replies
Hello, having the same issue. Did you have any luck fixing it?
were you able to resolve this? I'm having the exact same issue and can't seem to resolve it
The InvalidEncryptionConfiguration: Configure encryption for workspace at creation is not allowed...
indicates that Terraform attempted to modify encryption settings after the workspace was already created. This isn't supported — encryption with CMK must be configured at creation time only.
