Skip to content

Latest commit

 

History

History

adb-with-private-link-standard

README.md

Provisioning Databricks on Azure with Private Link - Standard deployment

This module contains Terraform code used to deploy an Azure Databricks workspace with Azure Private Link.

Note
An Azure VM is deployed using this module in order to test the connectivity to the Azure Databricks workspace.

Module content

This module can be used to deploy the following:

Azure Databricks with Private Link - Standard

It covers a standard deployment to configure Azure Databricks with Private Link:

  • Two seperate VNets are used:
    • A transit VNet
    • A customer Data Plane VNet
  • A private endpoint is used for back-end connectivity and deployed in the customer Data Plane VNet.
  • A private endpoint is used for front-end connectivity and deployed in the transit VNet.
  • A private endpoint is used for web authentication and deployed in the transit VNet.
  • A dedicated Databricks workspace, called Web Auth workspace, is used for web authentication traffic. This workspace is configured with the sub resource browser_authentication and deployed using subnets in the transit VNet.

How to use

Note
You can customize this module by adding, deleting or updating the Azure resources to adapt the module to your requirements. A deployment example using this module can be found in examples/adb-with-private-link-standard

  1. Reference this module using one of the different module source types
  2. Add a variables.tf with the same content in variables.tf
  3. Add a terraform.tfvars file and provide values to each defined variable
  4. Add a output.tf file.
  5. (Optional) Configure your remote backend
  6. Run terraform init to initialize terraform and get provider ready.
  7. Run terraform apply to create the resources.

Requirements

Name Version
azurerm >=4.0.0

Providers

Name Version
azurerm >=4.0.0
external n/a
http n/a
random n/a

Modules

No modules.

Resources

Name Type
azurerm_databricks_workspace.dp_workspace resource
azurerm_databricks_workspace.transit_workspace resource
azurerm_network_interface.testvmnic resource
azurerm_network_interface_security_group_association.testvmnsgassoc resource
azurerm_network_security_group.dp_sg resource
azurerm_network_security_group.testvm-nsg resource
azurerm_network_security_group.transit_sg resource
azurerm_network_security_rule.dp_aad resource
azurerm_network_security_rule.dp_azfrontdoor resource
azurerm_network_security_rule.test0 resource
azurerm_network_security_rule.transit_aad resource
azurerm_network_security_rule.transit_azfrontdoor resource
azurerm_private_dns_zone.dns_auth_front resource
azurerm_private_dns_zone.dnsdbfs_blob resource
azurerm_private_dns_zone.dnsdbfs_dfs resource
azurerm_private_dns_zone.dnsdpcp resource
azurerm_private_dns_zone_virtual_network_link.dbfsdnszonevnetlink_blob resource
azurerm_private_dns_zone_virtual_network_link.dbfsdnszonevnetlink_dfs resource
azurerm_private_dns_zone_virtual_network_link.dpcpdnszonevnetlink resource
azurerm_private_dns_zone_virtual_network_link.transitdnszonevnetlink resource
azurerm_private_endpoint.dp_dbfspe_blob resource
azurerm_private_endpoint.dp_dbfspe_dfs resource
azurerm_private_endpoint.dp_dpcp resource
azurerm_private_endpoint.front_pe resource
azurerm_private_endpoint.transit_auth resource
azurerm_public_ip.testvmpublicip resource
azurerm_resource_group.dp_rg resource
azurerm_resource_group.transit_rg resource
azurerm_subnet.dp_plsubnet resource
azurerm_subnet.dp_private resource
azurerm_subnet.dp_public resource
azurerm_subnet.testvmsubnet resource
azurerm_subnet.transit_plsubnet resource
azurerm_subnet.transit_private resource
azurerm_subnet.transit_public resource
azurerm_subnet_network_security_group_association.dp_private resource
azurerm_subnet_network_security_group_association.dp_public resource
azurerm_subnet_network_security_group_association.transit_private resource
azurerm_subnet_network_security_group_association.transit_public resource
azurerm_virtual_network.dp_vnet resource
azurerm_virtual_network.transit_vnet resource
azurerm_windows_virtual_machine.testvm resource
random_string.naming resource
random_string.password resource
azurerm_client_config.current data source
external_external.me data source
http_http.my_public_ip data source

Inputs

Name Description Type Default Required
cidr_dp (Required) The CIDR for the Azure Data Plane VNet string n/a yes
cidr_transit (Required) The CIDR for the Azure transit VNet string n/a yes
location (Required) The location for the resources in this module string n/a yes
private_subnet_endpoints The list of Service endpoints to associate with the private subnet. list(string) [] no
public_network_access_enabled (Optional, default: false) If access from the public networks should be enabled bool false no
transit_private_subnet_endpoints The list of Service endpoints to associate with the private transit subnet. list(string) [] no

Outputs

Name Description
dp_databricks_azure_workspace_resource_id Depricated The ID of the Databricks Workspace in the Azure management plane.
dp_workspace_url Depricated Renamed to workspace_url to align with naming used in other modules
my_ip_addr n/a
test_vm_password Password to access the Test VM, use terraform output -json test_vm_password to get the password value
test_vm_public_ip Public IP of the created virtual machine
workspace_id The Databricks workspace ID
workspace_url The workspace URL which is of the format 'adb-{workspaceId}.{random}.azuredatabricks.net'