diff --git a/aws-lambda/src/databricks_cdk/resources/tokens/token.py b/aws-lambda/src/databricks_cdk/resources/tokens/token.py index b991b302..fb787c58 100644 --- a/aws-lambda/src/databricks_cdk/resources/tokens/token.py +++ b/aws-lambda/src/databricks_cdk/resources/tokens/token.py @@ -126,6 +126,9 @@ def create_or_update_token(properties: TokenProperties, physical_resource_id: Op if update_token or existing_token is None: logger.info("Creating new token") new_token = _create_token(url, properties.comment, properties.lifetime_seconds) + # delete old token if it exists + if existing_token: + _delete_token(token_url=url, token_id=token_id) token_id = new_token["token_info"]["token_id"] token_value = new_token["token_value"] diff --git a/aws-lambda/tests/resources/tokens/test_token.py b/aws-lambda/tests/resources/tokens/test_token.py index b38c4d27..8f651ea4 100644 --- a/aws-lambda/tests/resources/tokens/test_token.py +++ b/aws-lambda/tests/resources/tokens/test_token.py @@ -55,6 +55,7 @@ def test_create_token_not_exist( ) +@patch("src.databricks_cdk.resources.tokens.token._delete_token") @patch("src.databricks_cdk.resources.tokens.token._create_token") @patch("src.databricks_cdk.resources.tokens.token.get_existing_tokens") @patch("src.databricks_cdk.resources.tokens.token.update_token_in_secrets_manager") @@ -64,6 +65,7 @@ def test_create_token_already_exist( patched_update_token_to_secrets_manager, patched_get_existing_tokens, patched__create_token, + patched__delete_token, ): token_properties = TokenProperties( token_name="test",