Allow disabling of recommendations #4155
Description
Describe the issue
New versions of the cli now this on deploying resources defined in a dab
Recommendation: permissions section should explicitly include the current deployment identity '9e4e3064-2f76-4def-b44f-f5579ea4f6a4' or one of its groups
If it is not included, CAN_MANAGE permissions are only applied if the present identity is used to deploy.
Consider using a adding a top-level permissions section such as the following:
permissions:
- service_principal_name: 9e4e3064-2f76-4def-b44f-f5579ea4f6a4
level: CAN_MANAGE
See https://docs.databricks.com/dev-tools/bundles/permissions.html to learn more about permission configuration.
in resources/jobs.yml:5:14
This is very noisy. We use ci to deploy our jobs and service principals on aws get a random uuid as its name, that would be different if you destroyed and recreteated this principal.
For these reasons I don't think its desirable to do what is suggested. It would be good to allow turning off recommendations on either a global or individual level or remove this one in its entirity
We deploy to a dev target using our own user but deploy to prod using a service principal. so its not even possible to automate what is suggested becaue the permission section would have to include either a user or service principal depening on what token is used