[DOC] Request more Information on non-BYOVPC deployment #368
Comments
|
@HamiltonHord when not using the BYOVPC option and you want databricks to provision and manage the VPC for you, you need to make sure your IAM policy corresponds to the Databricks VPC tab in: https://docs.databricks.com/administration-guide/account-api/iam-role.html#language-Databricks%C2%A0VPC An example can look like: provider "databricks" {
alias = "mws"
host = "https://accounts.cloud.databricks.com"
}
// register cross-account ARN
resource "databricks_mws_credentials" "this" {
provider = databricks.mws
account_id = var.account_id
credentials_name = "${var.prefix}-creds"
role_arn = var.crossaccount_arn
}
// register root bucket
resource "databricks_mws_storage_configurations" "this" {
provider = databricks.mws
account_id = var.account_id
storage_configuration_name = "${var.prefix}-storage"
bucket_name = var.root_bucket
}
// create workspace in given VPC with DBFS on root bucket
resource "databricks_mws_workspaces" "this" {
provider = databricks.mws
account_id = var.account_id
workspace_name = var.prefix
deployment_name = var.prefix
aws_region = var.region
credentials_id = databricks_mws_credentials.this.credentials_id
storage_configuration_id = databricks_mws_storage_configurations.this.storage_configuration_id
verify_workspace_runnning = true
}
provider "databricks" {
// in normal scenario you won't have to give providers aliases
alias = "created_workspace"
host = databricks_mws_workspaces.this.workspace_url
}
// create PAT token to provision entities within workspace
resource "databricks_token" "pat" {
provider = databricks.created_workspace
comment = "Terraform Provisioning"
// 1 day token
lifetime_seconds = 86400
}As you can see in the field network_id it is declared optional and if you dont provide it we just make the network object for you. Please let me know if that answers your question. We can add this as an optional additional documentation in the usage section for folks wanting Databricks to manage the VPC for them. |
|
The only thing I'd like to see is somehow having the Databricks created VPC Id as an attribute that can be used elsewhere. For example, I'd like databricks to make me the VPC, but I then want to hook that VPC up to a Transit gateway + get the VPC info for routing. |
|
Will be fixed in #400 |
* Pre-release fixing * Added NAT to BYOVPC terraform module * added instance profile locks * Added sync block for instance profiles integration tests * Fix #383 Cleaning up clusters that fail to start * Added log delivery use case docs * Fix #382 - ignore changes to deployment_name * Fix test and lints * Fix #382 by ignoring incoming prefix for deployment_name for databricks_mws_workspaces * Improve documentation to fix #368 * fix linting issues Co-authored-by: Serge Smertin <serge.smertin@databricks.com>
Affected Resource(s)
databricks_mws_workspaces Resource
Expected Details
While I understand that the suggested behavior of creating a Databricks Workspace is to use the BYOVPC option, but I was curious about some of the behavior/exported information when creating a workspace resource in a non-BYOVPC deployment.
List of things to potentially add/remove:
This is a list of things to manipulate in the docs:
Important Factoids
Databricks API docs for this
The text was updated successfully, but these errors were encountered: