Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
Azure Databricks charges for networking costs when serverless workloads connect to customer resources. See Understand Databricks serverless networking costs.
This article describes how to manage private endpoint rules for private connectivity from serverless compute using the Azure Databricks account console. You can also use the Network Connectivity Configurations API.
To configure private connectivity for serverless compute, see Configure private connectivity to Azure resources and Configure private connectivity to resources in your VNet.
View the connection status of a private endpoint rule
After you create a private endpoint rule, you can view its status on the Network Connectivity Config page under Private endpoint rules.
PENDING: Pending approval on the resource.ESTABLISHED: Established on the resource.REJECTED: Rejected on the resource.DISCONNECTED: Disconnected on the resource.EXPIRED: Expired on the resource. A private endpoint rule expires after being in theREJECTED,DISCONNECTED, orPENDINGstate for 14 days.
Remove private endpoint rules
You must be an Azure Databricks account admin to remove a private endpoint.
As an account admin, go to the account console.
In the sidebar, click Cloud Resources.
Click Network Connectivity Configs.
Select your NCC.
In Private endpoint rules, click the trash icon
at the right of the rule you want to remove.If the rule is in
ESTABLISHED,REJECTED, orDISCONNECTEDstate, Databricks might retain the private endpoint on your cloud resource for 7 days before permanently deleting it.
Update a private endpoint rule
- From the Network Connectivity Configurations page, select the NCC object attached to your private endpoint.
- Navigate to Private endpoint rules tab.
- Find the private endpoint you want to change and click the kebab menu
.
Supported resources
Private connectivity from serverless compute supports the following resources:
- Azure AI Search
- Azure AI Services
- Azure API Management
- Azure App Service (Azure Functions)
- Azure Database for MySQL - Flexible Server
- Azure Database for MySQL - Single Server
- Azure Database for PostgreSQL - Flexible server
- Azure Database for PostgreSQL - Single server
- Azure Event Grid
- Azure Event Hub
- Azure Key Vault
- Azure SQL Database
- Azure SQL Managed Instance
- Azure Storage
- Resources behind a Standard Load Balancer
What's next
- Configure private connectivity to internal network resources: Use PrivateLink to establish secure and isolated access to your internal network resources from serverless compute, bypassing the public internet. See Configure private connectivity to resources in your VNet.
- Configure a firewall for serverless compute access: Implement a firewall to restrict and secure inbound and outbound network connections for your serverless compute environments. See Configure a firewall for serverless compute access.
- Understand data transfer and connectivity costs: Learn about the costs associated with data transfer and connectivity when using private endpoints and serverless compute. See Understand Databricks serverless networking costs.