Manage network configurations using the account console (E2)

This article describes a process that is available only for accounts on the E2 version of the Databricks platform. All new Databricks accounts and most existing accounts are now E2. If you are unsure which account type you have, contact your Databricks representative.

By default, Databricks creates a VPC in your AWS account for each workspace and creates new Databricks Runtime clusters in it. If you are on the E2 version of the Databricks platform, you have the option to create workspaces in your own VPC, known as a customer-managed VPC. This article describes how to use the account console to create and manage network configurations for your account when you want to use a customer-managed VPC. To learn how to create network configurations using the Account API, see Create a new workspace using the Account API.

Using your own VPC enables you to configure it according to your organization’s enterprise cloud standards while still conforming to Databricks requirements. You cannot migrate an existing workspace to your own VPC.

Create a network configuration

To create a network configuration for a customer-managed VPC, you must create the VPC and subnets to meet Databricks requirements and then reference that VPC—including network objects such as VPCs, subnets, and security groups—in a network configuration for your Databricks account.


These instructions show you how to create the network configuration from the Account Settings page in the account console before you create a new workspace. You can also create the storage configuration in a similar way as part of the flow of creating a new workspace. See Create and manage workspaces using the account console.

  1. Set up your VPC, subnets, and security groups, using the instructions in Customer-managed VPC.

    Copy the IDs for each of these objects for use in the next step.


    You can share one customer-managed VPC with multiple workspaces in a single account. You do not have to create a new VPC for each workspace. However, you cannot reuse subnets or security groups with any other resources, including other workspaces or non-Databricks resources. If you plan to share one VPC with multiple workspaces, be sure to size your VPC and subnets accordingly. Because a Databricks network configuration encapsulates this information, you cannot reuse a network configuration across workspaces.

  2. Go to the account console, click Account Settings, and click Network configurations.

  3. Click Add Network Configuration.

  4. In the Network Configuration Name field, enter a human-readable name for your new network configuration.

  5. In the VPC ID field, enter the VPC ID.

  6. In the Subnet IDs field, enter the IDs for at least two subnets in the VPC.

  7. In the Security Group IDs field, enter at least one Security Group ID.

  8. Click Add.

View network configurations including errors

  1. Go to the account console, click Account Settings, and click Network configurations.

    All network configurations are listed, with VPC ID, VPC Status, and Created date displayed for each.

  2. Click the network configuration name to view more details, including subnet IDs, security group IDs, and any error messages.

    Not all validations are run during network configuration creation. Some errors are detected only when the configuration is used to create a new workspace. If a new workspace fails to deploy, re-visit this page to view new error messages.

Delete a network configuration

Network configurations cannot be edited after creation. If the configuration has incorrect data or if you no longer need it, delete the network configuration:

  1. Go to the account console, click Account Settings, and click Network configurations.

  2. On the network configuration row, click the Actions menu icon, and select Delete.

    You can also click the network configuration name and click Delete on the pop-up dialog.

  3. In the confirmation dialog, click Confirm Delete.