Nextail Terraform module for creating a Databricks workspace in AWS within an existing VPC
- Run
make update-docsand commit updated README - Tag the commit with the proper version
| Name | Version |
|---|---|
| terraform | >= 1.1.2 |
| aws | >= 3.37.0 |
| databricks | >= 1.0.0 |
| Name | Version |
|---|---|
| aws | >= 3.37.0 |
| databricks | >= 1.0.0 |
| time | n/a |
| Name | Source | Version |
|---|---|---|
| vpc_endpoints | terraform-aws-modules/vpc/aws//modules/vpc-endpoints | 3.2.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| add_deployment_name | Whether to add the workspace name as a deployment name. Capability of adding deployment name must be provided by Databricks: https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/mws_workspaces#deployment_name |
bool |
true |
no |
| aws_region | AWS Region in which to provision the workspace, e.g. eu-west-1 | string |
n/a | yes |
| create_root_bucket | Whether to create and configure the root bucket. If false, the module will assume that root_bucket_name belongs to a valid root bucket that thas been already created by the module | bool |
true |
no |
| databricks_account_id | Databricks account ID under which to provision the workspace | string |
n/a | yes |
| default_tags | (optional) Tags to be set by default in all resources created for the workspace | map(string) |
{} |
no |
| resource_prefix | Prefix to apply in the names of shared AWS resources to be created for the workspace | string |
n/a | yes |
| root_bucket_name | Name of the root bucket for the workspace, e.g. 'myworkspace-root-bucket'. It can be one already in use by other workspaces | string |
n/a | yes |
| security_group_egress_ports | (Optional) List of custom ports to allow TCP egress access to 0.0.0.0/0 outside security group. No need to specify ports 443, 3306 and 6666 as they will be open by default, as recommended by Databricks |
list(number) |
[] |
no |
| security_groups_to_allow_egress_to | (Optional) List of security group IDs to allow egress to within the VPC | list(string) |
null |
no |
| subnets | List of subnet definitions per Availability Zone. Each one will create two subnets: - Databricks Compute Resources subnet: each compute resource takes two IPs, so a good range of IPs would be from 512 to 4096, depending on specific needs - NAT Gateway: each NAT subnet takes just one IP, so a /24 CIDR is more than enough A minimum of two list items in different Availability Zones are required Note: Internet access is required for Databricks clusters to work. Every NAT Gateway will require an available EIP and a default Internet Gateway in the VPC. |
list(object({ |
n/a | yes |
| vpc_endpoints | (Optional) List of VPC endpoints to create. The valid values are 's3', 'kinesis-streams' and 'sts'. If not specified, no VPC endpoints will be created. It is recommended to create all where possible. More info: https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html#regional-endpoints-1 |
map(bool) |
{ |
no |
| vpc_id | ID of the VPC in which to provision the workspace. The VPC must have a valid Internet Gateway | string |
n/a | yes |
| workspace | Databricks workspace name. Optionally will be used as deployment name, if add_deployment_name is true. | string |
n/a | yes |
| Name | Description |
|---|---|
| cross_account_role_name | Name of the cross-account IAM role created for the Databricks workspace |
| databricks_host | Databricks workspace URL for the given created workspace. |
| databricks_token | Databricks workspace tokens for the given created workspace. Can be used to create resources in the workspace in the same Terraform state. |
| security_group_id | ID of the security group created for the Databricks workspace |