AWS Databricks Workspace Terraform module

Terraform module for creating an AWS Databricks Workspace

Usage

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.8 |
| aws | ~>5.0 |
| databricks | ~>1.0 |
| time | ~> 0.11 |

Providers

| Name | Version |
|------|---------|
| aws | ~>5.0 |
| databricks | ~>1.0 |
| time | ~> 0.11 |

Modules

| Name | Source | Version |
|------|--------|---------|
| iam_cross_account_workspace_policy | terraform-aws-modules/iam/aws//modules/iam-policy | 5.41.0 |
| iam_cross_account_workspace_role | terraform-aws-modules/iam/aws//modules/iam-assumable-role | 5.41.0 |
| privatelink_vpce | ./modules/privatelink/ | n/a |
| storage_configuration_dbfs_bucket | terraform-aws-modules/s3-bucket/aws | 4.1.2 |

Resources

| Name | Type |
|------|------|
| aws_s3_bucket_policy.databricks_aws_bucket_policy | resource |
| databricks_mws_credentials.this | resource |
| databricks_mws_networks.this | resource |
| databricks_mws_private_access_settings.this | resource |
| databricks_mws_storage_configurations.this | resource |
| databricks_mws_workspaces.this | resource |
| time_sleep.wait_30_seconds | resource |
| databricks_aws_assume_role_policy.this | data source |
| databricks_aws_bucket_policy.this | data source |
| databricks_aws_crossaccount_policy.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| account_id | Databricks Account ID | `string` | n/a | yes |
| iam_cross_account_workspace_role_config | Configuration object for setting the IAM cross-account role for the Databricks workspace | <pre>object({<br>  role_name = optional(string, null)<br>  policy_name = optional(string, null)<br>  permission_boundary_arn = optional(string, null)<br>  role_description = optional(string, "Databricks IAM Role to launch clusters in your AWS account, you must create a cross-account IAM role that gives access to Databricks.")<br>})</pre> | `{}` | no |
| iam_cross_account_workspace_role_enabled | A boolean flag to determine if the cross-account IAM role for Databricks workspace access should be created | `bool` | `true` | no |
| label | A customizable string used as a prefix for naming Databricks resources | `string` | n/a | yes |
| private_access_settings_config | Configuration for private access settings | <pre>object({<br>  name = optional(string, null)<br>  allowed_vpc_endpoint_ids = optional(list(string), [])<br>  public_access_enabled = optional(bool, true)<br>})</pre> | `{}` | no |
| private_access_settings_enabled | Indicates whether private access settings should be enabled for the Databricks workspace. Set to true to activate these settings | `bool` | `true` | no |
| privatelink_dedicated_vpce_config | Configuration object for AWS PrivateLink dedicated VPC Endpoints (VPCe) | <pre>object({<br>  rest_vpc_endpoint_name = optional(string, null)<br>  relay_vpc_endpoint_name = optional(string, null)<br>  rest_aws_vpc_endpoint_id = optional(string, null)<br>  relay_aws_vpc_endpoint_id = optional(string, null)<br>})</pre> | `{}` | no |
| privatelink_dedicated_vpce_enabled | Boolean flag to enable or disable the creation of dedicated AWS VPC Endpoints (VPCe) for Databricks PrivateLink | `bool` | `false` | no |
| privatelink_enabled | Boolean flag to enable registration of PrivateLink VPC Endpoints (REST API and SCC Relay) in the target Databricks Network Config | `bool` | `false` | no |
| privatelink_relay_vpce_id | AWS VPC Endpoint ID used for Databricks SCC Relay when PrivateLink is enabled | `string` | `null` | no |
| privatelink_rest_vpce_id | AWS VPC Endpoint ID used for Databricks REST API if PrivateLink is enabled | `string` | `null` | no |
| region | AWS region | `string` | n/a | yes |
| security_group_ids | Set of AWS security group IDs for Databricks Account network configuration | `set(string)` | n/a | yes |
| storage_dbfs_config | Configuration for the Databricks File System (DBFS) storage | <pre>object({<br>  bucket_name = optional(string)<br>})</pre> | `{}` | no |
| storage_dbfs_enabled | Flag to enable or disable the use of DBFS (Databricks File System) storage in the Databricks workspace | `bool` | `true` | no |
| subnet_ids | Set of AWS subnet IDs for Databricks Account network configuration | `set(string)` | n/a | yes |
| tags | Assigned tags to AWS services | `map(string)` | `{}` | no |
| vpc_id | AWS VPC ID | `string` | n/a | yes |
| workspace_creator_token_enabled | Indicates whether to enable the creation of a token for workspace creators in Databricks | `bool` | `false` | no |

Outputs

| Name | Description |
|------|-------------|
| iam_role | The IAM role created for cross-account access to the Databricks workspace |
| storage | The storage configuration for the DBFS bucket associated with the workspace |
| workspace | The Databricks workspace resource that has been created |
| workspace_id | The unique identifier of the Databricks workspace. |
| workspace_url | The URL for accessing the Databricks workspace |

License

Apache 2 Licensed. For more information please see LICENSE