databricks.MwsNccPrivateEndpointRule
Explore with Pulumi AI
Allows you to create a private endpoint in a Network Connectivity Config that can be used to configure private connectivity from serverless compute.
This resource can only be used with an account-level provider!
This feature is available on Azure, and in Public Preview on AWS.
Example Usage
Create private endpoints to an Azure storage account and an Azure standard load balancer.
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const config = new pulumi.Config();
const region = config.requireObject<any>("region");
const prefix = config.requireObject<any>("prefix");
const ncc = new databricks.MwsNetworkConnectivityConfig("ncc", {
name: `ncc-for-${prefix}`,
region: region,
});
const storage = new databricks.MwsNccPrivateEndpointRule("storage", {
networkConnectivityConfigId: ncc.networkConnectivityConfigId,
resourceId: "/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa",
groupId: "blob",
});
const slb = new databricks.MwsNccPrivateEndpointRule("slb", {
networkConnectivityConfigId: ncc.networkConnectivityConfigId,
resourceId: "/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service",
domainNames: ["my-example.exampledomain.com"],
});
import pulumi
import pulumi_databricks as databricks
config = pulumi.Config()
region = config.require_object("region")
prefix = config.require_object("prefix")
ncc = databricks.MwsNetworkConnectivityConfig("ncc",
name=f"ncc-for-{prefix}",
region=region)
storage = databricks.MwsNccPrivateEndpointRule("storage",
network_connectivity_config_id=ncc.network_connectivity_config_id,
resource_id="/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa",
group_id="blob")
slb = databricks.MwsNccPrivateEndpointRule("slb",
network_connectivity_config_id=ncc.network_connectivity_config_id,
resource_id="/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service",
domain_names=["my-example.exampledomain.com"])
package main
import (
"fmt"
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
region := cfg.RequireObject("region")
prefix := cfg.RequireObject("prefix")
ncc, err := databricks.NewMwsNetworkConnectivityConfig(ctx, "ncc", &databricks.MwsNetworkConnectivityConfigArgs{
Name: pulumi.Sprintf("ncc-for-%v", prefix),
Region: pulumi.Any(region),
})
if err != nil {
return err
}
_, err = databricks.NewMwsNccPrivateEndpointRule(ctx, "storage", &databricks.MwsNccPrivateEndpointRuleArgs{
NetworkConnectivityConfigId: ncc.NetworkConnectivityConfigId,
ResourceId: pulumi.String("/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa"),
GroupId: pulumi.String("blob"),
})
if err != nil {
return err
}
_, err = databricks.NewMwsNccPrivateEndpointRule(ctx, "slb", &databricks.MwsNccPrivateEndpointRuleArgs{
NetworkConnectivityConfigId: ncc.NetworkConnectivityConfigId,
ResourceId: pulumi.String("/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service"),
DomainNames: pulumi.StringArray{
pulumi.String("my-example.exampledomain.com"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var region = config.RequireObject<dynamic>("region");
var prefix = config.RequireObject<dynamic>("prefix");
var ncc = new Databricks.MwsNetworkConnectivityConfig("ncc", new()
{
Name = $"ncc-for-{prefix}",
Region = region,
});
var storage = new Databricks.MwsNccPrivateEndpointRule("storage", new()
{
NetworkConnectivityConfigId = ncc.NetworkConnectivityConfigId,
ResourceId = "/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa",
GroupId = "blob",
});
var slb = new Databricks.MwsNccPrivateEndpointRule("slb", new()
{
NetworkConnectivityConfigId = ncc.NetworkConnectivityConfigId,
ResourceId = "/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service",
DomainNames = new[]
{
"my-example.exampledomain.com",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.MwsNetworkConnectivityConfig;
import com.pulumi.databricks.MwsNetworkConnectivityConfigArgs;
import com.pulumi.databricks.MwsNccPrivateEndpointRule;
import com.pulumi.databricks.MwsNccPrivateEndpointRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var region = config.get("region");
final var prefix = config.get("prefix");
var ncc = new MwsNetworkConnectivityConfig("ncc", MwsNetworkConnectivityConfigArgs.builder()
.name(String.format("ncc-for-%s", prefix))
.region(region)
.build());
var storage = new MwsNccPrivateEndpointRule("storage", MwsNccPrivateEndpointRuleArgs.builder()
.networkConnectivityConfigId(ncc.networkConnectivityConfigId())
.resourceId("/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa")
.groupId("blob")
.build());
var slb = new MwsNccPrivateEndpointRule("slb", MwsNccPrivateEndpointRuleArgs.builder()
.networkConnectivityConfigId(ncc.networkConnectivityConfigId())
.resourceId("/subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service")
.domainNames("my-example.exampledomain.com")
.build());
}
}
configuration:
region:
type: dynamic
prefix:
type: dynamic
resources:
ncc:
type: databricks:MwsNetworkConnectivityConfig
properties:
name: ncc-for-${prefix}
region: ${region}
storage:
type: databricks:MwsNccPrivateEndpointRule
properties:
networkConnectivityConfigId: ${ncc.networkConnectivityConfigId}
resourceId: /subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Storage/storageAccounts/examplesa
groupId: blob
slb:
type: databricks:MwsNccPrivateEndpointRule
properties:
networkConnectivityConfigId: ${ncc.networkConnectivityConfigId}
resourceId: /subscriptions/653bb673-1234-abcd-a90b-d064d5d53ca4/resourcegroups/example-resource-group/providers/Microsoft.Network/privatelinkServices/example-private-link-service
domainNames:
- my-example.exampledomain.com
Create a private endpoint rule to an AWS VPC endpoint and to an S3 bucket.
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const config = new pulumi.Config();
const region = config.requireObject<any>("region");
const prefix = config.requireObject<any>("prefix");
const ncc = new databricks.MwsNetworkConnectivityConfig("ncc", {
name: `ncc-for-${prefix}`,
region: region,
});
const storage = new databricks.MwsNccPrivateEndpointRule("storage", {
networkConnectivityConfigId: ncc.networkConnectivityConfigId,
endpointService: "com.amazonaws.us-east-1.s3",
resourceNames: ["bucket"],
});
const vpce = new databricks.MwsNccPrivateEndpointRule("vpce", {
networkConnectivityConfigId: ncc.networkConnectivityConfigId,
endpointService: "com.amazonaws.vpce.us-west-2.vpce-svc-xyz",
domainNames: ["subdomain.internal.net"],
});
import pulumi
import pulumi_databricks as databricks
config = pulumi.Config()
region = config.require_object("region")
prefix = config.require_object("prefix")
ncc = databricks.MwsNetworkConnectivityConfig("ncc",
name=f"ncc-for-{prefix}",
region=region)
storage = databricks.MwsNccPrivateEndpointRule("storage",
network_connectivity_config_id=ncc.network_connectivity_config_id,
endpoint_service="com.amazonaws.us-east-1.s3",
resource_names=["bucket"])
vpce = databricks.MwsNccPrivateEndpointRule("vpce",
network_connectivity_config_id=ncc.network_connectivity_config_id,
endpoint_service="com.amazonaws.vpce.us-west-2.vpce-svc-xyz",
domain_names=["subdomain.internal.net"])
package main
import (
"fmt"
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
region := cfg.RequireObject("region")
prefix := cfg.RequireObject("prefix")
ncc, err := databricks.NewMwsNetworkConnectivityConfig(ctx, "ncc", &databricks.MwsNetworkConnectivityConfigArgs{
Name: pulumi.Sprintf("ncc-for-%v", prefix),
Region: pulumi.Any(region),
})
if err != nil {
return err
}
_, err = databricks.NewMwsNccPrivateEndpointRule(ctx, "storage", &databricks.MwsNccPrivateEndpointRuleArgs{
NetworkConnectivityConfigId: ncc.NetworkConnectivityConfigId,
EndpointService: pulumi.String("com.amazonaws.us-east-1.s3"),
ResourceNames: pulumi.StringArray{
pulumi.String("bucket"),
},
})
if err != nil {
return err
}
_, err = databricks.NewMwsNccPrivateEndpointRule(ctx, "vpce", &databricks.MwsNccPrivateEndpointRuleArgs{
NetworkConnectivityConfigId: ncc.NetworkConnectivityConfigId,
EndpointService: pulumi.String("com.amazonaws.vpce.us-west-2.vpce-svc-xyz"),
DomainNames: pulumi.StringArray{
pulumi.String("subdomain.internal.net"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var region = config.RequireObject<dynamic>("region");
var prefix = config.RequireObject<dynamic>("prefix");
var ncc = new Databricks.MwsNetworkConnectivityConfig("ncc", new()
{
Name = $"ncc-for-{prefix}",
Region = region,
});
var storage = new Databricks.MwsNccPrivateEndpointRule("storage", new()
{
NetworkConnectivityConfigId = ncc.NetworkConnectivityConfigId,
EndpointService = "com.amazonaws.us-east-1.s3",
ResourceNames = new[]
{
"bucket",
},
});
var vpce = new Databricks.MwsNccPrivateEndpointRule("vpce", new()
{
NetworkConnectivityConfigId = ncc.NetworkConnectivityConfigId,
EndpointService = "com.amazonaws.vpce.us-west-2.vpce-svc-xyz",
DomainNames = new[]
{
"subdomain.internal.net",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.MwsNetworkConnectivityConfig;
import com.pulumi.databricks.MwsNetworkConnectivityConfigArgs;
import com.pulumi.databricks.MwsNccPrivateEndpointRule;
import com.pulumi.databricks.MwsNccPrivateEndpointRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var region = config.get("region");
final var prefix = config.get("prefix");
var ncc = new MwsNetworkConnectivityConfig("ncc", MwsNetworkConnectivityConfigArgs.builder()
.name(String.format("ncc-for-%s", prefix))
.region(region)
.build());
var storage = new MwsNccPrivateEndpointRule("storage", MwsNccPrivateEndpointRuleArgs.builder()
.networkConnectivityConfigId(ncc.networkConnectivityConfigId())
.endpointService("com.amazonaws.us-east-1.s3")
.resourceNames("bucket")
.build());
var vpce = new MwsNccPrivateEndpointRule("vpce", MwsNccPrivateEndpointRuleArgs.builder()
.networkConnectivityConfigId(ncc.networkConnectivityConfigId())
.endpointService("com.amazonaws.vpce.us-west-2.vpce-svc-xyz")
.domainNames("subdomain.internal.net")
.build());
}
}
configuration:
region:
type: dynamic
prefix:
type: dynamic
resources:
ncc:
type: databricks:MwsNetworkConnectivityConfig
properties:
name: ncc-for-${prefix}
region: ${region}
storage:
type: databricks:MwsNccPrivateEndpointRule
properties:
networkConnectivityConfigId: ${ncc.networkConnectivityConfigId}
endpointService: com.amazonaws.us-east-1.s3
resourceNames:
- bucket
vpce:
type: databricks:MwsNccPrivateEndpointRule
properties:
networkConnectivityConfigId: ${ncc.networkConnectivityConfigId}
endpointService: com.amazonaws.vpce.us-west-2.vpce-svc-xyz
domainNames:
- subdomain.internal.net
Related Resources
The following resources are used in the context:
- databricks.MwsNetworkConnectivityConfig to create Network Connectivity Config objects.
- databricks.MwsNccBinding to attach an NCC to a workspace.
Create MwsNccPrivateEndpointRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MwsNccPrivateEndpointRule(name: string, args: MwsNccPrivateEndpointRuleArgs, opts?: CustomResourceOptions);
@overload
def MwsNccPrivateEndpointRule(resource_name: str,
args: MwsNccPrivateEndpointRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MwsNccPrivateEndpointRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
network_connectivity_config_id: Optional[str] = None,
endpoint_service: Optional[str] = None,
resource_id: Optional[str] = None,
deactivated: Optional[bool] = None,
deactivated_at: Optional[int] = None,
domain_names: Optional[Sequence[str]] = None,
enabled: Optional[bool] = None,
creation_time: Optional[int] = None,
group_id: Optional[str] = None,
endpoint_name: Optional[str] = None,
connection_state: Optional[str] = None,
account_id: Optional[str] = None,
resource_names: Optional[Sequence[str]] = None,
rule_id: Optional[str] = None,
updated_time: Optional[int] = None,
vpc_endpoint_id: Optional[str] = None)
func NewMwsNccPrivateEndpointRule(ctx *Context, name string, args MwsNccPrivateEndpointRuleArgs, opts ...ResourceOption) (*MwsNccPrivateEndpointRule, error)
public MwsNccPrivateEndpointRule(string name, MwsNccPrivateEndpointRuleArgs args, CustomResourceOptions? opts = null)
public MwsNccPrivateEndpointRule(String name, MwsNccPrivateEndpointRuleArgs args)
public MwsNccPrivateEndpointRule(String name, MwsNccPrivateEndpointRuleArgs args, CustomResourceOptions options)
type: databricks:MwsNccPrivateEndpointRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MwsNccPrivateEndpointRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MwsNccPrivateEndpointRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MwsNccPrivateEndpointRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MwsNccPrivateEndpointRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MwsNccPrivateEndpointRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var mwsNccPrivateEndpointRuleResource = new Databricks.MwsNccPrivateEndpointRule("mwsNccPrivateEndpointRuleResource", new()
{
NetworkConnectivityConfigId = "string",
EndpointService = "string",
ResourceId = "string",
Deactivated = false,
DeactivatedAt = 0,
DomainNames = new[]
{
"string",
},
Enabled = false,
CreationTime = 0,
GroupId = "string",
EndpointName = "string",
ConnectionState = "string",
AccountId = "string",
ResourceNames = new[]
{
"string",
},
RuleId = "string",
UpdatedTime = 0,
VpcEndpointId = "string",
});
example, err := databricks.NewMwsNccPrivateEndpointRule(ctx, "mwsNccPrivateEndpointRuleResource", &databricks.MwsNccPrivateEndpointRuleArgs{
NetworkConnectivityConfigId: pulumi.String("string"),
EndpointService: pulumi.String("string"),
ResourceId: pulumi.String("string"),
Deactivated: pulumi.Bool(false),
DeactivatedAt: pulumi.Int(0),
DomainNames: pulumi.StringArray{
pulumi.String("string"),
},
Enabled: pulumi.Bool(false),
CreationTime: pulumi.Int(0),
GroupId: pulumi.String("string"),
EndpointName: pulumi.String("string"),
ConnectionState: pulumi.String("string"),
AccountId: pulumi.String("string"),
ResourceNames: pulumi.StringArray{
pulumi.String("string"),
},
RuleId: pulumi.String("string"),
UpdatedTime: pulumi.Int(0),
VpcEndpointId: pulumi.String("string"),
})
var mwsNccPrivateEndpointRuleResource = new MwsNccPrivateEndpointRule("mwsNccPrivateEndpointRuleResource", MwsNccPrivateEndpointRuleArgs.builder()
.networkConnectivityConfigId("string")
.endpointService("string")
.resourceId("string")
.deactivated(false)
.deactivatedAt(0)
.domainNames("string")
.enabled(false)
.creationTime(0)
.groupId("string")
.endpointName("string")
.connectionState("string")
.accountId("string")
.resourceNames("string")
.ruleId("string")
.updatedTime(0)
.vpcEndpointId("string")
.build());
mws_ncc_private_endpoint_rule_resource = databricks.MwsNccPrivateEndpointRule("mwsNccPrivateEndpointRuleResource",
network_connectivity_config_id="string",
endpoint_service="string",
resource_id="string",
deactivated=False,
deactivated_at=0,
domain_names=["string"],
enabled=False,
creation_time=0,
group_id="string",
endpoint_name="string",
connection_state="string",
account_id="string",
resource_names=["string"],
rule_id="string",
updated_time=0,
vpc_endpoint_id="string")
const mwsNccPrivateEndpointRuleResource = new databricks.MwsNccPrivateEndpointRule("mwsNccPrivateEndpointRuleResource", {
networkConnectivityConfigId: "string",
endpointService: "string",
resourceId: "string",
deactivated: false,
deactivatedAt: 0,
domainNames: ["string"],
enabled: false,
creationTime: 0,
groupId: "string",
endpointName: "string",
connectionState: "string",
accountId: "string",
resourceNames: ["string"],
ruleId: "string",
updatedTime: 0,
vpcEndpointId: "string",
});
type: databricks:MwsNccPrivateEndpointRule
properties:
accountId: string
connectionState: string
creationTime: 0
deactivated: false
deactivatedAt: 0
domainNames:
- string
enabled: false
endpointName: string
endpointService: string
groupId: string
networkConnectivityConfigId: string
resourceId: string
resourceNames:
- string
ruleId: string
updatedTime: 0
vpcEndpointId: string
MwsNccPrivateEndpointRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MwsNccPrivateEndpointRule resource accepts the following input properties:
- Network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- Account
Id string - Connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- Creation
Time int - Time in epoch milliseconds when this object was created.
- Deactivated bool
- Whether this private endpoint is deactivated.
- Deactivated
At int - Time in epoch milliseconds when this object was deactivated.
- Domain
Names List<string> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- Enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- Endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- Endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - Group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - Resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- Resource
Names List<string> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - Rule
Id string - the ID of a private endpoint rule.
- Updated
Time int - Time in epoch milliseconds when this object was updated.
- Vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- Network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- Account
Id string - Connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- Creation
Time int - Time in epoch milliseconds when this object was created.
- Deactivated bool
- Whether this private endpoint is deactivated.
- Deactivated
At int - Time in epoch milliseconds when this object was deactivated.
- Domain
Names []string - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- Enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- Endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- Endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - Group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - Resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- Resource
Names []string - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - Rule
Id string - the ID of a private endpoint rule.
- Updated
Time int - Time in epoch milliseconds when this object was updated.
- Vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- network
Connectivity StringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- account
Id String - connection
State String - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time Integer - Time in epoch milliseconds when this object was created.
- deactivated Boolean
- Whether this private endpoint is deactivated.
- deactivated
At Integer - Time in epoch milliseconds when this object was deactivated.
- domain
Names List<String> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled Boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name String - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service String - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id String - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - resource
Id String - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names List<String> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id String - the ID of a private endpoint rule.
- updated
Time Integer - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint StringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- account
Id string - connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time number - Time in epoch milliseconds when this object was created.
- deactivated boolean
- Whether this private endpoint is deactivated.
- deactivated
At number - Time in epoch milliseconds when this object was deactivated.
- domain
Names string[] - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names string[] - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id string - the ID of a private endpoint rule.
- updated
Time number - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- network_
connectivity_ strconfig_ id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- account_
id str - connection_
state str - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation_
time int - Time in epoch milliseconds when this object was created.
- deactivated bool
- Whether this private endpoint is deactivated.
- deactivated_
at int - Time in epoch milliseconds when this object was deactivated.
- domain_
names Sequence[str] - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint_
name str - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint_
service str - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group_
id str - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - resource_
id str - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource_
names Sequence[str] - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule_
id str - the ID of a private endpoint rule.
- updated_
time int - Time in epoch milliseconds when this object was updated.
- vpc_
endpoint_ strid - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- network
Connectivity StringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- account
Id String - connection
State String - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time Number - Time in epoch milliseconds when this object was created.
- deactivated Boolean
- Whether this private endpoint is deactivated.
- deactivated
At Number - Time in epoch milliseconds when this object was deactivated.
- domain
Names List<String> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled Boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name String - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service String - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id String - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - resource
Id String - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names List<String> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id String - the ID of a private endpoint rule.
- updated
Time Number - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint StringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
Outputs
All input properties are implicitly available as output properties. Additionally, the MwsNccPrivateEndpointRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing MwsNccPrivateEndpointRule Resource
Get an existing MwsNccPrivateEndpointRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MwsNccPrivateEndpointRuleState, opts?: CustomResourceOptions): MwsNccPrivateEndpointRule
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
connection_state: Optional[str] = None,
creation_time: Optional[int] = None,
deactivated: Optional[bool] = None,
deactivated_at: Optional[int] = None,
domain_names: Optional[Sequence[str]] = None,
enabled: Optional[bool] = None,
endpoint_name: Optional[str] = None,
endpoint_service: Optional[str] = None,
group_id: Optional[str] = None,
network_connectivity_config_id: Optional[str] = None,
resource_id: Optional[str] = None,
resource_names: Optional[Sequence[str]] = None,
rule_id: Optional[str] = None,
updated_time: Optional[int] = None,
vpc_endpoint_id: Optional[str] = None) -> MwsNccPrivateEndpointRule
func GetMwsNccPrivateEndpointRule(ctx *Context, name string, id IDInput, state *MwsNccPrivateEndpointRuleState, opts ...ResourceOption) (*MwsNccPrivateEndpointRule, error)
public static MwsNccPrivateEndpointRule Get(string name, Input<string> id, MwsNccPrivateEndpointRuleState? state, CustomResourceOptions? opts = null)
public static MwsNccPrivateEndpointRule get(String name, Output<String> id, MwsNccPrivateEndpointRuleState state, CustomResourceOptions options)
resources: _: type: databricks:MwsNccPrivateEndpointRule get: id: ${id}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- Creation
Time int - Time in epoch milliseconds when this object was created.
- Deactivated bool
- Whether this private endpoint is deactivated.
- Deactivated
At int - Time in epoch milliseconds when this object was deactivated.
- Domain
Names List<string> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- Enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- Endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- Endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - Group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - Network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- Resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- Resource
Names List<string> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - Rule
Id string - the ID of a private endpoint rule.
- Updated
Time int - Time in epoch milliseconds when this object was updated.
- Vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- Account
Id string - Connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- Creation
Time int - Time in epoch milliseconds when this object was created.
- Deactivated bool
- Whether this private endpoint is deactivated.
- Deactivated
At int - Time in epoch milliseconds when this object was deactivated.
- Domain
Names []string - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- Enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- Endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- Endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - Group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - Network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- Resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- Resource
Names []string - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - Rule
Id string - the ID of a private endpoint rule.
- Updated
Time int - Time in epoch milliseconds when this object was updated.
- Vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- account
Id String - connection
State String - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time Integer - Time in epoch milliseconds when this object was created.
- deactivated Boolean
- Whether this private endpoint is deactivated.
- deactivated
At Integer - Time in epoch milliseconds when this object was deactivated.
- domain
Names List<String> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled Boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name String - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service String - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id String - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - network
Connectivity StringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- resource
Id String - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names List<String> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id String - the ID of a private endpoint rule.
- updated
Time Integer - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint StringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- account
Id string - connection
State string - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time number - Time in epoch milliseconds when this object was created.
- deactivated boolean
- Whether this private endpoint is deactivated.
- deactivated
At number - Time in epoch milliseconds when this object was deactivated.
- domain
Names string[] - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name string - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service string - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id string - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - network
Connectivity stringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- resource
Id string - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names string[] - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id string - the ID of a private endpoint rule.
- updated
Time number - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint stringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- account_
id str - connection_
state str - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation_
time int - Time in epoch milliseconds when this object was created.
- deactivated bool
- Whether this private endpoint is deactivated.
- deactivated_
at int - Time in epoch milliseconds when this object was deactivated.
- domain_
names Sequence[str] - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled bool
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint_
name str - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint_
service str - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group_
id str - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - network_
connectivity_ strconfig_ id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- resource_
id str - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource_
names Sequence[str] - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule_
id str - the ID of a private endpoint rule.
- updated_
time int - Time in epoch milliseconds when this object was updated.
- vpc_
endpoint_ strid - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
- account
Id String - connection
State String - The current status of this private endpoint. The private endpoint rules are effective only if the connection state is
ESTABLISHED
. Remember that you must approve new endpoints on your resources in the Azure portal before they take effect. The possible values are:PENDING
: The endpoint has been created and pending approval.ESTABLISHED
: The endpoint has been approved and is ready to be used in your serverless compute resources.REJECTED
: Connection was rejected by the private link resource owner.DISCONNECTED
: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.EXPIRED
: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
- creation
Time Number - Time in epoch milliseconds when this object was created.
- deactivated Boolean
- Whether this private endpoint is deactivated.
- deactivated
At Number - Time in epoch milliseconds when this object was deactivated.
- domain
Names List<String> - On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
group_id
. - On AWS: List of target resource FQDNs accessible via the VPC endpoint service. Only used by private endpoints towards a VPC endpoint service behind a customer-managed VPC endpoint service. Conflicts with
resource_names
.
- On Azure: List of domain names of target private link service. Only used by private endpoints to customer-managed private endpoint services. Conflicts with
- enabled Boolean
- Activation status. Only used by private endpoints towards an AWS S3 service. Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources. Can only be updated after a private endpoint rule towards an AWS S3 service is successfully created.
- endpoint
Name String - The name of the Azure private endpoint resource, e.g. "databricks-088781b3-77fa-4132-b429-1af0d91bc593-pe-3cb31234"
- endpoint
Service String - Example
com.amazonaws.vpce.us-east-1.vpce-svc-123abcc1298abc123
. The full target AWS endpoint service name that connects to the destination resources of the private endpoint. - group
Id String - Not used by customer-managed private endpoint services. The sub-resource type (group ID) of the target resource. Must be one of supported resource types (i.e.,
blob
,dfs
,sqlServer
, etc. Consult the Azure documentation for full list of supported resources). Note that to connect to workspace root storage (root DBFS), you need two endpoints, one forblob
and one fordfs
. Change forces creation of a new resource. Conflicts withdomain_names
. - network
Connectivity StringConfig Id - Canonical unique identifier of Network Connectivity Config in Databricks Account. Change forces creation of a new resource.
- resource
Id String - The Azure resource ID of the target resource. Change forces creation of a new resource.
- resource
Names List<String> - Only used by private endpoints towards AWS S3 service. List of globally unique S3 bucket names that will be accessed via the VPC endpoint. The bucket names must be in the same region as the NCC/endpoint service. Conflict with
domain_names
. - rule
Id String - the ID of a private endpoint rule.
- updated
Time Number - Time in epoch milliseconds when this object was updated.
- vpc
Endpoint StringId - The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by Databricks.
Import
This resource can be imported by Databricks account ID and Network Connectivity Config ID.
hcl
import {
to = databricks_mws_ncc_private_endpoint_rule.this
id = “<network_connectivity_config_id>/<rule_id>”
}
Alternatively, when using terraform
version 1.4 or earlier, import using the pulumi import
command:
$ pulumi import databricks:index/mwsNccPrivateEndpointRule:MwsNccPrivateEndpointRule this "<network_connectivity_config_id>/<rule_id>"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricks
Terraform Provider.