Manage VPC endpoint registrations using the account console

Preview

This feature is in Public Preview.

This article describes a process that is available only for accounts on the E2 version of the Databricks platform. All new Databricks accounts and most existing accounts are now E2. If you are unsure which account type you have, contact your Databricks representative.

What is a VPC endpoint registration?

This article discusses how to create Databricks VPC endpoint registration objects, which is a Databricks configuration object wrapping the regional AWS VPC endpoint. You must register AWS VPC endpoints to enable AWS PrivateLink. An AWS VPC endpoint represents a connection from one VPC to a PrivateLink service in another VPC.

This article does not contain all the information necessary to configure PrivateLink for your workspace. For all requirements and steps, see Enable AWS PrivateLink.

One of the PrivateLink requirements is to use a customer-managed VPC, which you register with Databricksto create a network configuration object. For PrivateLink back-end support, that network configuration object must reference your VPC endpoint registrations (your registered VPC endpoints). For more information about network configurations, see Enable AWS PrivateLink and Manage network configurations using the account console.

If you have multiple workspaces that share the same customer-managed VPC, you can choose to share the AWS VPC endpoints. You can also share these VPC endpoints among multiple Databricks accounts, in which case register the AWS VPC endpoint in each Databricks account.

Register a VPC endpoint

Note

These instructions show you how to create the VPC endpoints from the Cloud resources page in the account console before you create a new workspace. You can also create the VPC endpoints in a similar way as part of the flow of creating or updating a new workspace and choosing Register a VPC endpoint from menus in the network configuration editor. See Create and manage workspaces and Manage network configurations using the account console.

  1. In the account console, click Cloud resources.

  2. Click Network.

  3. From the vertical navigation on the page, click VPC endpoint registrations.

  4. Click Register a VPC endpoint.

  5. In the VPC endpoint registration name field , type the human-readable name you’d like for the new configuration. Databricks recommends including the region and the destination of this particular VPC endpoint. For example, if this is a VPC endpoint for back-end PrivateLink connectivity to the Databricks control plane secure cluster connectivity relay, you might name it something like VPCE us-west-2 for SCC.

  6. Choose the region.

    Important

    The region field must match your workspace region and the region of the AWS VPC endpoints that you are registering. However, Databricks validates this only during workspace creation (or during updating a workspace with PrivateLink), so it is critical that you carefully set the region in this step.

  7. In the AWS VPC endpoint ID field, paste the ID from the relevant AWS VPC endpoint.

  8. Click Register new VPC endpoint.

Delete a VPC endpoint registration

VPC endpoint registrations cannot be edited after creation. If the configuration has incorrect data or if you no longer need it, delete the VPC endpoint registration:

  1. In the account console, click Cloud resources.

  2. Click Network.

  3. From the vertical navigation on the page, click VPC endpoint registrations.

  4. On the row for the configuration, click the kebab menu Vertical Ellipsis on the right, and select Delete.

  5. In the confirmation dialog, click Confirm Delete.