UNPKG

@pulumi/databricks

Version:

A Pulumi package for creating and managing databricks cloud resources.

pulumi/pulumi-databricks

267 lines • 13.1 kB

JavaScript

"use strict"; // *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.MwsVpcEndpoint = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("./utilities"); /** * > Initialize provider with `alias = "mws"`, `host = "https://accounts.cloud.databricks.com"` and use `provider = databricks.mws` * * Enables you to register awsVpcEndpoint resources or gcp vpcEndpoint resources with Databricks such that they can be used as part of a databricks.MwsNetworks configuration. * * It is strongly recommended that customers read the [Enable AWS Private Link](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html) or the [Enable GCP Private Service Connect](https://docs.gcp.databricks.com/administration-guide/cloud-configurations/gcp/private-service-connect.html) documentation before trying to leverage this resource. * * ## Example Usage * * ### Databricks on AWS usage * * Before using this resource, you will need to create the necessary VPC Endpoints as per your [VPC endpoint requirements](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html#vpc-endpoint-requirements). You can use the awsVpcEndpoint resource for this, for example: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const workspace = new aws.ec2.VpcEndpoint("workspace", { * vpcId: vpc.vpcId, * serviceName: privateLink.workspaceService, * vpcEndpointType: "Interface", * securityGroupIds: [vpc.defaultSecurityGroupId], * subnetIds: [plSubnet.id], * privateDnsEnabled: true, * }, { * dependsOn: [plSubnet], * }); * const relay = new aws.ec2.VpcEndpoint("relay", { * vpcId: vpc.vpcId, * serviceName: privateLink.relayService, * vpcEndpointType: "Interface", * securityGroupIds: [vpc.defaultSecurityGroupId], * subnetIds: [plSubnet.id], * privateDnsEnabled: true, * }, { * dependsOn: [plSubnet], * }); * ``` * * Depending on your use case, you may need or choose to add VPC Endpoints for the AWS Services Databricks uses. See [Add VPC endpoints for other AWS services (recommended but optional) * ](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html#step-9-add-vpc-endpoints-for-other-aws-services-recommended-but-optional) for more information. For example: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const s3 = new aws.ec2.VpcEndpoint("s3", { * vpcId: vpc.vpcId, * routeTableIds: vpc.privateRouteTableIds, * serviceName: `com.amazonaws.${region}.s3`, * }, { * dependsOn: [vpc], * }); * const sts = new aws.ec2.VpcEndpoint("sts", { * vpcId: vpc.vpcId, * serviceName: `com.amazonaws.${region}.sts`, * vpcEndpointType: "Interface", * subnetIds: vpc.privateSubnets, * securityGroupIds: [vpc.defaultSecurityGroupId], * privateDnsEnabled: true, * }, { * dependsOn: [vpc], * }); * const kinesis_streams = new aws.ec2.VpcEndpoint("kinesis-streams", { * vpcId: vpc.vpcId, * serviceName: `com.amazonaws.${region}.kinesis-streams`, * vpcEndpointType: "Interface", * subnetIds: vpc.privateSubnets, * securityGroupIds: [vpc.defaultSecurityGroupId], * }, { * dependsOn: [vpc], * }); * ``` * * Once you have created the necessary endpoints, you need to register each of them via *this* Pulumi resource, which calls out to the [Databricks Account API](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html#step-3-register-your-vpc-endpoint-ids-with-the-account-api)): * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as databricks from "@pulumi/databricks"; * * const workspace = new databricks.MwsVpcEndpoint("workspace", { * accountId: databricksAccountId, * awsVpcEndpointId: workspaceAwsVpcEndpoint.id, * vpcEndpointName: `VPC Relay for ${vpc.vpcId}`, * region: region, * }, { * dependsOn: [workspaceAwsVpcEndpoint], * }); * const relay = new databricks.MwsVpcEndpoint("relay", { * accountId: databricksAccountId, * awsVpcEndpointId: relayAwsVpcEndpoint.id, * vpcEndpointName: `VPC Relay for ${vpc.vpcId}`, * region: region, * }, { * dependsOn: [relayAwsVpcEndpoint], * }); * ``` * * Typically the next steps after this would be to create a databricks.MwsPrivateAccessSettings and databricks.MwsNetworks configuration, before passing the `databricks_mws_private_access_settings.pas.private_access_settings_id` and `databricks_mws_networks.this.network_id` into a databricks.MwsWorkspaces resource: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as databricks from "@pulumi/databricks"; * * const _this = new databricks.MwsWorkspaces("this", { * accountId: databricksAccountId, * awsRegion: region, * workspaceName: prefix, * credentialsId: thisDatabricksMwsCredentials.credentialsId, * storageConfigurationId: thisDatabricksMwsStorageConfigurations.storageConfigurationId, * networkId: thisDatabricksMwsNetworks.networkId, * privateAccessSettingsId: pas.privateAccessSettingsId, * pricingTier: "ENTERPRISE", * }, { * dependsOn: [thisDatabricksMwsNetworks], * }); * ``` * * ### Databricks on GCP usage * * Before using this resource, you will need to create the necessary Private Service Connect (PSC) connections on your Google Cloud VPC networks. You can see [Enable Private Service Connect for your workspace](https://docs.gcp.databricks.com/administration-guide/cloud-configurations/gcp/private-service-connect.html) for more details. * * Once you have created the necessary PSC connections, you need to register each of them via *this* Pulumi resource, which calls out to the Databricks Account API. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as databricks from "@pulumi/databricks"; * * const config = new pulumi.Config(); * // Account Id that could be found in https://accounts.gcp.databricks.com/ * const databricksAccountId = config.requireObject<any>("databricksAccountId"); * const databricksGoogleServiceAccount = config.requireObject<any>("databricksGoogleServiceAccount"); * const googleProject = config.requireObject<any>("googleProject"); * const subnetRegion = config.requireObject<any>("subnetRegion"); * const workspace = new databricks.MwsVpcEndpoint("workspace", { * accountId: databricksAccountId, * vpcEndpointName: "PSC Rest API endpoint", * gcpVpcEndpointInfo: { * projectId: googleProject, * pscEndpointName: "PSC Rest API endpoint", * endpointRegion: subnetRegion, * }, * }); * const relay = new databricks.MwsVpcEndpoint("relay", { * accountId: databricksAccountId, * vpcEndpointName: "PSC Relay endpoint", * gcpVpcEndpointInfo: { * projectId: googleProject, * pscEndpointName: "PSC Relay endpoint", * endpointRegion: subnetRegion, * }, * }); * ``` * * Typically the next steps after this would be to create a databricks.MwsPrivateAccessSettings and databricks.MwsNetworks configuration, before passing the `databricks_mws_private_access_settings.pas.private_access_settings_id` and `databricks_mws_networks.this.network_id` into a databricks.MwsWorkspaces resource: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as databricks from "@pulumi/databricks"; * * const _this = new databricks.MwsWorkspaces("this", { * accountId: databricksAccountId, * workspaceName: "gcp workspace", * location: subnetRegion, * cloudResourceContainer: { * gcp: { * projectId: googleProject, * }, * }, * gkeConfig: { * connectivityType: "PRIVATE_NODE_PUBLIC_MASTER", * masterIpRange: "10.3.0.0/28", * }, * networkId: thisDatabricksMwsNetworks.networkId, * privateAccessSettingsId: pas.privateAccessSettingsId, * pricingTier: "PREMIUM", * }, { * dependsOn: [thisDatabricksMwsNetworks], * }); * ``` * * ## Related Resources * * The following resources are used in the same context: * * * Provisioning Databricks on AWS guide. * * Provisioning Databricks on AWS with Private Link guide. * * Provisioning AWS Databricks workspaces with a Hub & Spoke firewall for data exfiltration protection guide. * * Provisioning Databricks workspaces on GCP with Private Service Connect guide. * * databricks.MwsNetworks to [configure VPC](https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html) & subnets for new workspaces within AWS. * * databricks.MwsPrivateAccessSettings to create a [Private Access Setting](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html#step-5-create-a-private-access-settings-configuration-using-the-databricks-account-api) that can be used as part of a databricks.MwsWorkspaces resource to create a [Databricks Workspace that leverages AWS Private Link](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html). * * databricks.MwsWorkspaces to set up [AWS and GCP workspaces](https://docs.databricks.com/getting-started/overview.html#e2-architecture-1). * * ## Import * * -> Importing this resource is not currently supported. */ class MwsVpcEndpoint extends pulumi.CustomResource { /** * Get an existing MwsVpcEndpoint resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new MwsVpcEndpoint(name, state, Object.assign(Object.assign({}, opts), { id: id })); } /** * Returns true if the given object is an instance of MwsVpcEndpoint. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === MwsVpcEndpoint.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["accountId"] = state ? state.accountId : undefined; resourceInputs["awsAccountId"] = state ? state.awsAccountId : undefined; resourceInputs["awsEndpointServiceId"] = state ? state.awsEndpointServiceId : undefined; resourceInputs["awsVpcEndpointId"] = state ? state.awsVpcEndpointId : undefined; resourceInputs["gcpVpcEndpointInfo"] = state ? state.gcpVpcEndpointInfo : undefined; resourceInputs["region"] = state ? state.region : undefined; resourceInputs["state"] = state ? state.state : undefined; resourceInputs["useCase"] = state ? state.useCase : undefined; resourceInputs["vpcEndpointId"] = state ? state.vpcEndpointId : undefined; resourceInputs["vpcEndpointName"] = state ? state.vpcEndpointName : undefined; } else { const args = argsOrState; if ((!args || args.vpcEndpointName === undefined) && !opts.urn) { throw new Error("Missing required property 'vpcEndpointName'"); } resourceInputs["accountId"] = args ? args.accountId : undefined; resourceInputs["awsAccountId"] = args ? args.awsAccountId : undefined; resourceInputs["awsEndpointServiceId"] = args ? args.awsEndpointServiceId : undefined; resourceInputs["awsVpcEndpointId"] = args ? args.awsVpcEndpointId : undefined; resourceInputs["gcpVpcEndpointInfo"] = args ? args.gcpVpcEndpointInfo : undefined; resourceInputs["region"] = args ? args.region : undefined; resourceInputs["state"] = args ? args.state : undefined; resourceInputs["useCase"] = args ? args.useCase : undefined; resourceInputs["vpcEndpointId"] = args ? args.vpcEndpointId : undefined; resourceInputs["vpcEndpointName"] = args ? args.vpcEndpointName : undefined; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(MwsVpcEndpoint.__pulumiType, name, resourceInputs, opts); } } exports.MwsVpcEndpoint = MwsVpcEndpoint; /** @internal */ MwsVpcEndpoint.__pulumiType = 'databricks:index/mwsVpcEndpoint:MwsVpcEndpoint'; //# sourceMappingURL=mwsVpcEndpoint.js.map