Create a workspace using the account console
This article describes how to create and manage workspaces using the account console on the E2 version of the platform. To learn how to create and manage workspaces using the Account API, see Create a workspace using the Account API. To learn how to use Databricks Terraform provider, see Create Databricks workspaces using Terraform
To create a workspace from the account console:
Go to the account console and click the Workspaces icon.
Click Create Workspace.
In the Workspace Name field, enter a human-readable name for this workspace. It can contain spaces.
In the Workspace URL field, enter a deployment name (optional). This field may be hidden for some customers.
The deployment name defines part of the subdomain for the workspace. The workspace URL for access to the Databricks web application and REST APIs is
<workspace-deployment-name>.cloud.databricks.com. For example, if the deployment name is
abcsales, your workspace URL will be
https://abcsales.cloud.databricks.com. Hyphens are allowed. This property supports only the set of characters that are allowed in a subdomain. This value must be unique across all workspaces across all AWS regions, not including deleted workspaces. If you leave this field blank, the server generates a unique deployment name for you with the pattern
Some Databricks accounts have a deployment name prefix that interacts with this feature. Contact your Databricks representative to set a deployment name prefix for your account. If your account has a deployment name prefix, the final workspace deployment name includes the account prefix followed by a hyphen. For example, if your account’s deployment prefix is
acmeand you enter the deployment name as
workspace-1, the new workspace’s deployment name becomes
acme-workspace-1. The final workspace URL is
The deployment name must adhere to the Databricks acceptable use policy.
In the Subscription plan field, select the plan that you want to associate with this workspace. Depending on your account, there may be only one choice. For detailed information about subscription plans, see Databricks AWS pricing.
In the Region field, select an AWS region for your workspace’s network and clusters.
In the Credential configuration field, select or add a credential configuration, which references a cross-account IAM role in your AWS account to delegate limited access to Databricks.
You must set up the AWS cross-account IAM role in your account so that Databricks can perform certain tasks in your account, such as creating new Databricks Runtime clusters.
If you want to create a new credential configuration, select Add a new credential to open the Add credential configuration dialog and follow these instructions:
In the Storage field, select or add a storage configuration, which contains the name of an AWS S3 bucket that stores certain workspace objects, such as libraries, logs, and notebook version history.
If you have already created storage configurations, they appear in the picker, and you can select one.
If you want to create a new storage configuration, select Add a new storage configuration to open the Add storage configuration dialog and follow the instructions in Manage storage configurations using the account console.
Configure Databricks to use your own VPC (optional, but required for back-end AWS PrivateLink)
By default, Databricks creates a VPC for each workspace it creates in your AWS account. You can choose to use your own VPC and configure it according to your organization’s enterprise cloud standards while still conforming to Databricks requirements. This feature is known as a customer-managed VPC.
Use the Advanced configurations section to select or configure a network configuration. For information about the requirements for the VPC, subnets, and security groups, see Customer-managed VPC.
If you want to create a new network configuration, select Add a new network configuration and follow the instructions in Manage network configurations using the account console.
When Databricks creates a VPC on your behalf, you must have at least one unused Elastic IP. Otherwise, the workspace isn’t created and creates the following error during workspace creation: “The maximum number of addresses has been reached.”
To use a customer-managed VPC, the IAM role referenced in your workspace’s credential configuration must use a role policy that supports customer-managed VPCs. The instructions in Create a cross-account IAM role explain which role policy to use. If you did not use the right role policy in your credential configuration, create a new credential configuration with the correct policy.
To enable back-end AWS PrivateLink connectivity, you must use a customer-managed VPC and your network configuration object must include the references to VPC endpoint registrations. For more information about PrivateLink, its requirements, and how to create VPC endpoints and VPC endpoint registrations, see Enable AWS PrivateLink. Your workspace must also include a private access settings object.
For back-end AWS PrivateLink:
Under the Private Link heading, choose a private access settings object or create a new one by clicking Add a new private access settings to open the Add configuration dialog. See Manage private access settings.
To enable PrivateLink, you must also have created the correct regional VPC endpoints, registered them, and referenced them from your network configuration. For more guidance, see Enable AWS PrivateLink.
Confirm that your workspace was created successfully.
View workspace status
After you create a workspace, you can view its status on the Workspaces page.
Provisioning: In progress. Wait a few minutes and refresh the page.
Running: Successful workspace deployment.
Failed: Failed deployment.
Banned: Contact your Databricks representative.
Cancelling: In the process of cancellation.
If the status for your new workspace is Failed, click the workspace to view a detailed error message. You can make updates to the configuration and try to deploy the workspace again. See Troubleshooting creating workspaces.
Log into a workspace
Go to the account console and click the Workspaces icon.
On the row with your workspace, click Open.
To log in as a workspace administrator, log in with your account owner or account administrator email address and password. If you configured single-sign on (SSO), click the Single Sign On button.