databricks-solutions · eri-adepoju · Apr 20, 2025 · Jun 13, 2025 · Jun 13, 2025 · alexott
@@ -0,0 +1,22 @@
+DB license
+Definitions. 
+
+Agreement: The agreement between Databricks, Inc., and you governing the use of the Databricks Services, as that term is defined in the Master Cloud Services Agreement (MCSA) located at www.databricks.com/legal/mcsa.
+
+Licensed Materials: The source code, object code, data, and/or other works to which this license applies.
+
+Scope of Use. You may not use the Licensed Materials except in connection with your use of the Databricks Services pursuant to the Agreement. Your use of the Licensed Materials must comply at all times with any restrictions applicable to the Databricks Services, generally, and must be used in accordance with any applicable documentation. You may view, use, copy, modify, publish, and/or distribute the Licensed Materials solely for the purposes of using the Licensed Materials within or connecting to the Databricks Services. If you do not agree to these terms, you may not view, use, copy, modify, publish, and/or distribute the Licensed Materials.
+
+Redistribution. You may redistribute and sublicense the Licensed Materials so long as all use is in compliance with these terms. In addition:
+
+You must give any other recipients a copy of this License;
+You must cause any modified files to carry prominent notices stating that you changed the files;
+You must retain, in any derivative works that you distribute, all copyright, patent, trademark, and attribution notices, excluding those notices that do not pertain to any part of the derivative works; and
+If a "NOTICE" text file is provided as part of its distribution, then any derivative works that you distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the derivative works.
+You may add your own copyright statement to your modifications and may provide additional license terms and conditions for use, reproduction, or distribution of your modifications, or for any such derivative works as a whole, provided your use, reproduction, and distribution of the Licensed Materials otherwise complies with the conditions stated in this License.
+
+Termination. This license terminates automatically upon your breach of these terms or upon the termination of your Agreement. Additionally, Databricks may terminate this license at any time on notice. Upon termination, you must permanently delete the Licensed Materials and all copies thereof.
+
+DISCLAIMER; LIMITATION OF LIABILITY.
+
+THE LICENSED MATERIALS ARE PROVIDED “AS-IS” AND WITH ALL FAULTS. DATABRICKS, ON BEHALF OF ITSELF AND ITS LICENSORS, SPECIFICALLY DISCLAIMS ALL WARRANTIES RELATING TO THE LICENSED MATERIALS, EXPRESS AND IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES, CONDITIONS AND OTHER TERMS OF MERCHANTABILITY, SATISFACTORY QUALITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. DATABRICKS AND ITS LICENSORS TOTAL AGGREGATE LIABILITY RELATING TO OR ARISING OUT OF YOUR USE OF OR DATABRICKS’ PROVISIONING OF THE LICENSED MATERIALS SHALL BE LIMITED TO ONE THOUSAND ($1,000) DOLLARS.  IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE LICENSED MATERIALS OR THE USE OR OTHER DEALINGS IN THE LICENSED MATERIALS.
@@ -0,0 +1,17 @@
+Copyright (2025) Databricks, Inc.
+
+This Software includes software developed at Databricks (https://www.databricks.com/) and its use is subject to the included LICENSE file.
+
+________________
+This Software contains code from the following open source projects, licensed under the Apache 2.0 license (https://www.apache.org/licenses/LICENSE-2.0):
+
+databricks/terraform-provider-databricks - https://github.com/databricks/terraform-provider-databricks
+Copyright 2022 Databricks, Inc.  All rights reserved.
+
+_____________
+This Software contains code from the following open source projects, licensed under the MPL License Agreement:
+
+hashicorp/terraform-provider-azurerm - https://github.com/hashicorp/terraform-provider-azurerm
+Copyright © 2017- Hashicorp, Inc; All Rights Reserved
+License - https://github.com/hashicorp/terraform-provider-azurerm/blob/main/LICENSE
+
@@ -0,0 +1,15 @@
+# Terraform Workspace Infrastucture Migration Guide
+
+## Overview
+
+This project contain templates can be used to migrate the current infrastructure details of a Databricks workspace into a Terraform project. [Blog post](https://community.databricks.com/t5/technical-blog/bg-p/technical-blog)
+
+- [AWS](https://github.com/databricks-solutions/databricks-blogposts/tree/main/2025-04-managing-databricks-accounts-and-workspaces-with-code/aws)
+- [Azure](https://github.com/databricks-solutions/databricks-blogposts/tree/main/2025-04-managing-databricks-accounts-and-workspaces-with-code/azure)
+- [GCP](https://github.com/databricks-solutions/databricks-blogposts/tree/main/2025-04-managing-databricks-accounts-and-workspaces-with-code/gcp)
+
+
+
+
+
+
@@ -0,0 +1,34 @@
+# Overview
+This code example is based on this [Databricks Terraform workspace module](https://github.com/databricks/terraform-databricks-examples/blob/main/modules/aws-databricks-workspace/main.tf) and showcases the first step to migrating an existing workspace's infrastructure to Terraform.
+
+
+If your workspace has features not included in this template, such as Private Link or Network Connnectivity Configurations, use the [Deployment section in the Databricks Terraform Provider's documentation](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/mws_workspaces#argument-reference)for the resource syntax to include.
+
+# Prerequistes
+* Databricks Account Admin role and access to the account console.
+* (Optional but recommended) A Databricks service principal with account admin role for authentication 
+* [Terraform CLI installed on your machine](https://developer.hashicorp.com/terraform/install)
+
+
+# Instructions
+* Configure Databricks Authentication. If using a service principal, generate an OAuth Token and add to your local .databrickcfg file. See the [documentation for details and alternative authenication methods](https://docs.databricks.com/aws/en/dev-tools/auth/oauth-m2m?language=Terraform). 
+* Fill out the variables in the terraform.tfvars file with values as specified below.
+* Run `terraform init` in your terminal.
+* Input variable values in bash.sh file and run `sh bash.sh` in your terminal.
+* Run `terraform plan` in your terminal. You should receive a "No changes. Your infrastructure matches the configuration." message.
+    * Edit main.tf to match discrepanies if you get an execution plan instead.
+
+# Variables to inlcude in .tfvars file
+
+### From the Databricks account console
+* databricks_account_id (string) - see upper right corner and click on the circular avatar
+* workspace_name (string) - from workspace details
+* region (string) - from workspace details
+* network_name (string) - from network configuration
+* vpc_id (string) - from network configuration
+* security_group_ids list(string) - from network configuration
+* vpc_private_subnets list(string) - from network configuration
+* cross_account_role_arn (string) - from credential configuration
+* credentials_name (string) - from credential configuration
+* root_storage_bucket (string) - from storage credential
+* storage_configuration_name (string) - from storage credential
diff --git a/2025-04-managing-databricks-accounts-and-workspaces-with-code/aws/bash.sh b/2025-04-managing-databricks-accounts-and-workspaces-with-code/aws/bash.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+# Define variables
+databricks_account_id=""
+storage_configuration_id=""
+network_id=""
+credentials_id=""
+workspace_id=""
+
+# Run multiple import commands at once
+
+terraform import databricks_mws_credentials.this "${databricks_account_id}/${credentials_id}"
+terraform import databricks_mws_networks.this "${databricks_account_id}/${network_id}"
+terraform import databricks_mws_storage_configurations.this "${databricks_account_id}/${storage_configuration_id}"
+terraform import databricks_mws_workspaces.this "${databricks_account_id}/${workspace_id}"
+
+
+echo "Terraform import commands completed."
+
+chmod +x bash.sh
@@ -0,0 +1,30 @@
+resource "databricks_mws_credentials" "this" {
+  account_id       = var.databricks_account_id
+  role_arn         = var.cross_account_role_arn
+  credentials_name = var.credentials_name
+}
+
+resource "databricks_mws_networks" "this" {
+  account_id         = var.databricks_account_id
+  network_name       = var.network_name
+  security_group_ids = var.security_group_ids
+  subnet_ids         = var.vpc_private_subnets
+  vpc_id             = var.vpc_id
+}
+
+resource "databricks_mws_storage_configurations" "this" {
+  account_id                 = var.databricks_account_id
+  bucket_name                = var.root_storage_bucket
+  storage_configuration_name = var.storage_configuration_name
+}
+
+resource "databricks_mws_workspaces" "this" {
+  account_id     = var.databricks_account_id
+  aws_region     = var.region
+  workspace_name = var.workspace_name
+
+  credentials_id           = databricks_mws_credentials.this.credentials_id
+  storage_configuration_id = databricks_mws_storage_configurations.this.storage_configuration_id
+  network_id               = databricks_mws_networks.this.network_id
+
+}
@@ -0,0 +1,11 @@
+region = ""
+credentials_name = ""
+cross_account_role_arn = ""
+databricks_account_id = ""
+network_name = ""
+security_group_ids = [ "" ]
+vpc_id = ""
+vpc_private_subnets = [ "" ]
+root_storage_bucket = ""
+storage_configuration_name = ""
+workspace_name = ""
@@ -0,0 +1,54 @@
+variable "workspace_name" {
+  type        = string
+  description = "(Required) Workspace name"
+}
+
+variable "region" {
+  type        = string
+  description = "(Required) AWS region where the assets will be deployed"
+}
+
+variable "vpc_id" {
+  type        = string
+  description = "(Required) AWS VPC ID"
+}
+
+variable "security_group_ids" {
+  type        = list(string)
+  description = "(Required) List of VPC network security group IDs from Databricks Account Console"
+}
+
+variable "vpc_private_subnets" {
+  type        = list(string)
+  description = "(Required) AWS VPC Subnet IDs from Databricks account console"
+}
+
+variable "databricks_account_id" {
+  type        = string
+  description = "(Required) Databricks Account ID"
+}
+
+variable "cross_account_role_arn" {
+  type        = string
+  description = "(Required) AWS cross account role ARN from Databricks account console"
+}
+
+variable "root_storage_bucket" {
+  type        = string
+  description = "(Required) AWS root storage bucket"
+}
+
+variable "credentials_name" {
+  type        = string
+  description = "(Required) Credentials name from Databricks account console"
+}
+
+variable "network_name" {
+  type        = string
+  description = "(Required) Network name from Databricks account console"
+}
+
+variable "storage_configuration_name" {
+  type        = string
+  description = "(Required) Storage name from Databricks account console"
+}
@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    databricks = {
+      source  = "databricks/databricks"
+      version = ">=1.13.0"
+    }
+
+  }
+}
+
+provider "databricks" {
+  host     = "https://accounts.cloud.databricks.com"
+  account_id = var.databricks_account_id
+}
@@ -0,0 +1,39 @@
+# Overview
+This code example is based on this [Databricks Terraform workspace module](https://github.com/databricks/terraform-databricks-examples/tree/main/modules/adb-lakehouse) and showcases the first step to migrating an existing workspace's infrastructure to Terraform.
+
+
+If your workspace has features not included in this template, such as Private Link or Customer-Managed Keys, use the [Deployment section in the Databricks Terraform Provider's documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/databricks_workspace)for the resource syntax to include.
+
+# Prerequistes
+* Permissions to view the details of the Databricks workspace in the Azure Portal.
+* Workspace admin role.
+* (Optional but recommended) A Databricks service principal with workspace admin role for authentication.
+* [Terraform CLI installed on your machine](https://developer.hashicorp.com/terraform/install).
+
+
+# Instructions
+* Configure [Azure authentication](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs#authenticating-to-azure).
+* Review the main.tf file and include any additional configuration.
+* Fill out the variables in the terraform.tfvars file with values as specified below. Include new values and variables if added in the previous step.
+* Run `terraform init` in your terminal.
+* Input variable values in bash.sh file and run `sh bash.sh` in your terminal.
+* Run `terraform plan` in your terminal. You should receive a "No changes. Your infrastructure matches the configuration." message.
+    * Edit main.tf to match discrepanies if you get an execution plan instead.
+
+
+
+# Variables to inlcude in .tfvars file
+
+### From the Azure portal
+* workspace_name (string) - from workspace overview
+* resource_group_name (string) -  from workspace overview
+* location (string) -  from workspace overview
+* managed_resource_group_name (string) -  from workspace overview
+* sku_type (string) - from workspace overview (premium or standard)
+* virtual_network_id (string) - resource ID from virtual network JSON view in the upper right corner
+* private_subnet_name (string) - from virtual network subnet setting page
+* public_subnet_name (string) - from virtual network subnet setting page
+* public_subnet_id (string) - subnet ID from virtual network subnet setting details page
+* private_subnet_id (string) - subnet ID from virtual network subnet setting details page
+* nat_gateway_id (string) - resource ID from NAT gateway JSON view in the upper right corner
+
diff --git a/2025-04-managing-databricks-accounts-and-workspaces-with-code/azure/bash.sh b/2025-04-managing-databricks-accounts-and-workspaces-with-code/azure/bash.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Define variables
+azure_workspace_resource_id=""
+public_subnet_resource_id=""
+private_subnet_resource_id= ""
+
+terraform import azurerm_databricks_workspace.this "${azure_workspace_resource_id}"
+terraform import azurerm_subnet_nat_gateway_association.private "${private_subnet_resource_id}"
+terraform import azurerm_subnet_nat_gateway_association.public "${public_subnet_resource_id}"
+
+echo "Terraform import commands completed."
+
+chmod +x bash.sh
@@ -0,0 +1,25 @@
+resource "azurerm_databricks_workspace" "this" {
+  name                        = var.workspace_name
+  resource_group_name         = var.resource_group_name
+  managed_resource_group_name = var.managed_resource_group_name
+  location                    = var.location
+  sku                         = var.sku_type
+
+  custom_parameters {
+
+    no_public_ip                                         = true
+    virtual_network_id                                   = var.virtual_network_id
+    private_subnet_name                                  = var.private_subnet_name
+    public_subnet_name                                   = var.public_subnet_name
+  }
+}
+
+resource "azurerm_subnet_nat_gateway_association" "private" {
+  subnet_id      = var.private_subnet_id
+  nat_gateway_id = var.nat_gateway_id
+}
+
+resource "azurerm_subnet_nat_gateway_association" "public" {
+  subnet_id      = var.public_subnet_id
+  nat_gateway_id = var.nat_gateway_id
+}
@@ -0,0 +1,11 @@
+workspace_name = ""
+resource_group_name = ""
+managed_resource_group_name = ""
+location = ""                 
+sku_type = ""   
+virtual_network_id = ""
+private_subnet_name = ""
+public_subnet_name  = ""    
+public_subnet_id = ""
+private_subnet_id = ""
+nat_gateway_id  = ""          
@@ -0,0 +1,59 @@
+variable "workspace_name" {
+  type        = string
+  default     = ""
+  description = "(Required) Workspace Name for this module - if none are provided, the prefix will be used to name the workspace via coalesce()"
+}
+
+variable "private_subnet_name" {
+  type        = string
+  description = "(Required) Name of subnet for internal cluster communication"
+}
+
+variable "public_subnet_name" {
+  type        = string
+  description = "(Required Name of subnet for cluster host"
+}
+
+variable "private_subnet_id" {
+  type        = string
+  description = "(Required) Private subnet resource ID from Azure portal"
+}
+
+variable "public_subnet_id" {
+  type        = string
+  description = "(Required) Public subnet resource ID from Azure portal"
+}
+
+variable "nat_gateway_id" {
+  type        = string
+  description = "(Required) NAT Gateway resource ID from Azure portal"
+}
+
+variable "virtual_network_id" {
+  type        = string
+  description = "(Required) Virtual network resource ID from Azure portal"
+}
+
+variable "sku_type" {
+  type        = string
+  description = "(Required) Pricing tier from Azure Portal"
+  validation {
+    condition     = contains(["premium", "standard"], var.sku_type)
+    error_message = "Invalid instance type. Allowed values are standard or premium."
+  }
+}
+
+variable "location" {
+  type        = string
+  description = "(Required) Databricks workspace region"
+}
+
+variable "resource_group_name" {
+  type        = string
+  description = "(Required) Resource group name from Azure Portal"
+}
+
+variable "managed_resource_group_name" {
+  type        = string
+  description = "(Required) Databricks managed resource group name from Azure Portal"
+}