Skip to main content
Feedback

Creating Azure Databricks Private Link

Data Integration supports connecting to Azure Databricks using Azure Private Link. This provides secure, private connectivity between Data Integration and your Databricks workspace, avoiding exposure to the public internet.

Private Link is available for the Pro Plus plan.

Prerequisites

Verify region support

Your Databricks workspace must be deployed in an Azure region that supports Private Link for Azure Databricks. To learn more, refer to Microsoft’s Azure Databricks feature and region support.

Share workspace details

Provide the following information to the Data Integration team:

  • Workspace URL, for example, https://adb-xxxxxxxx.azuredatabricks.net.
  • Azure Resource ID of the workspace.
note

Azure Resource ID can be found in Azure Portal → Databricks workspace → JSON view.

  • Azure Region of the workspace.
  • Tenant ID and a contact with Owner/Contributor permissions on the workspace to approve private endpoint requests.
important

Data Integration requires the workspace’s Resource ID and Region to target Private Endpoints correctly across tenants/subscriptions.

Workspace networking posture

For end-to-end private networking, configure your workspace with:

  • Secure cluster connectivity (No Public IP addresses)
  • Virtual Network injection

To learn more about best practices, refer to Databricks Private Link guidance.

Approve Data Integration private endpoint requests

Data Integration creates private endpoints in the Azure tenant targeting your workspace sub-resources:

  • databricks_ui_api
  • browser_authentication (recommended/required depending on authentication egress posture)

Procedure

  1. Navigate to the Azure Portal → Databricks workspace → Networking → Private endpoint connections.
  2. Select each "Pending connection" from Data Integration. You can view Pending connections in your Azure portal.
  3. Click Approve.

To learn more, refer to Databricks front‑end Private Link documentation.

Once you complete the request:

The Data Integration team creates the private endpoints for your workspace.

  • Configures private DNS to privately resolve *.pl-auth.azuredatabricks.net, and share this connection name with you.
  • Validates API connectivity over Private Link.
On this Page