-
Notifications
You must be signed in to change notification settings - Fork 386
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added AWS PrivateLink related resource documentation
- Loading branch information
Showing
3 changed files
with
96 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
--- | ||
subcategory: "AWS" | ||
--- | ||
# databricks_mws_private_access_settings Resource | ||
|
||
-> **Public Preview** This feature is in [Public Preview](https://docs.databricks.com/release-notes/release-types.html). Contact your Databricks representative to request access. | ||
|
||
-> **Note** This resource has an evolving API, which will change in the upcoming versions of the provider in order to simplify user experience. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
resource "databricks_mws_private_access_settings" "pas" { | ||
account_id = var.databricks_account_id | ||
private_access_settings_name = "Private Access Settings for ${aws_vpc.main.id}" | ||
region = local.region | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are available: | ||
|
||
* `account_id` - Account Id that could be found in the bottom left corner of [Accounts Console](https://accounts.cloud.databricks.com/) | ||
* `private_access_settings_name` - Name of Private Access Settings in Databricks Account | ||
* `public_access_enabled` (Boolean, Optional, `false` by default) - If `true`, the [databricks_mws_workspaces](mws_workspaces.md) can be accessed over the [databricks_mws_vpc_endpoint](mws_vpc_endpoint.md) as well as over the public network. In such a case, you could also configure an [databricks_ip_access_list](ip_access_list.md) for the workspace, to restrict the source networks that could be used to access it over the public network. If `false` (default), the workspace can be accessed only over VPC endpoints, and not over the public network. | ||
* `region` - Region of AWS VPC | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `private_access_settings_id` - Canonical unique identifier of Private Access Settings in Databricks Account | ||
* `status` - Status of Private Access Settings |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
--- | ||
subcategory: "AWS" | ||
--- | ||
# databricks_mws_vpc_endpoint Resource | ||
|
||
-> **Public Preview** This feature is in [Public Preview](https://docs.databricks.com/release-notes/release-types.html). Contact your Databricks representative to request access. | ||
|
||
Connects [aws_vpc_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) with [databricks_mws_networks](mws_networks.md) through PrivateLink. | ||
|
||
## Example Usage | ||
|
||
-> **Note** This resource has an evolving API, which will change in the upcoming versions of the provider in order to simplify user experience. | ||
|
||
```hcl | ||
resource "aws_vpc_endpoint" "relay" { | ||
service_name = local.private_link.relay_endpoint | ||
vpc_id = aws_vpc.main.id | ||
vpc_endpoint_type = "Interface" | ||
security_group_ids = [aws_security_group.this.id] | ||
subnet_ids = [aws_subnet.databricks_endpoints.id] | ||
tags = { | ||
"Name" = "${var.workspace_name}-databricks-relay" | ||
} | ||
} | ||
resource "databricks_mws_vpc_endpoint" "relay" { | ||
account_id = var.databricks_account_id | ||
aws_vpc_endpoint_id = aws_vpc_endpoint.relay.id | ||
vpc_endpoint_name = "VPC Relay for ${aws_vpc.main.id}" | ||
region = local.region | ||
} | ||
resource "databricks_mws_networks" "this" { | ||
# ... | ||
vpc_endpoints { | ||
dataplane_relay = [databricks_mws_vpc_endpoint.relay.vpc_endpoint_id] | ||
# rest_api VPC endpoint is created in a similar way | ||
rest_api = [databricks_mws_vpc_endpoint.rest.vpc_endpoint_id] | ||
} | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are required: | ||
|
||
* `account_id` - Account Id that could be found in the bottom left corner of [Accounts Console](https://accounts.cloud.databricks.com/) | ||
* `aws_vpc_endpoint_id` - ID of configured [aws_vpc_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | ||
* `vpc_endpoint_name` - Name of VPC Endpoint in Databricks Account | ||
* `aws_endpoint_service_id` - ID of Databricks VPC endpoint service to connect to. Please contact your Databricks representative to request mapping | ||
* `region` - Region of AWS VPC | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `vpc_endpoint_id` - Canonical unique identifier of VPC Endpoint in Databricks Account | ||
* `state` - State of VPC Endpoint |