Add a warning in databricks_permissions token usage docs (#1380)

ravirahul-db · nfx · web-flow · commit 7b9c73d87be9 · 2022-06-21T09:25:49.000-07:00
Co-authored-by: Serge Smertin &lt;259697+nfx@users.noreply.github.com&gt;
diff --git a/docs/resources/permissions.md b/docs/resources/permissions.md
@@ -495,7 +495,9 @@ resource "databricks_permissions" "password_usage" {
 
 ## Token usage
 
--> **Note** It is required to have at least 1 personal access token in the workspace before you can manage tokens permissions.
+It is required to have at least 1 personal access token in the workspace before you can manage tokens permissions.
+
+!> **Warning** There can be only one `authorization = "tokens"` permissions resource per workspace, otherwise there'll be a permanent configuration drift. After applying changes, users who previously had either `CAN_USE` or `CAN_MANAGE` permission but no longer have either permission have their access to token-based authentication revoked. Their active tokens are immediately deleted (revoked).
 
 Only [possible permission](https://docs.databricks.com/administration-guide/access-control/tokens.html) to assign to non-admin group is `CAN_USE`, where _admins_ `CAN_MANAGE` all tokens:
 
