Closed pnarsi closed 1 year ago
@pnarsi Thank you for your feedback . We will investigate this and update the thread.
While it is possible for the IPs to change 'several times within the same day', the changes on average are closer to the 'every few months' timescale than the 'several times within the same day' timescale. @pnarsi I will ask author whether the approach is officially endorsed.
@mamccrea can you please help me determine whether the solution hosted on Databricks website is officially endorsed by Microsoft?
Just wanted to add, that we're experiencing a similar issue. It also looks like the doc was updated recently to add more artifact storage hostnames for the WestUS2 region.
I see two options
Of course my preferred option, would be for MS to implement something that makes it all transparent to me.
Thanks for your dedication to our documentation. Unfortunately, we have been unable to address your issue and apologize for the delayed response. We are closing this issue, but if you feel that it's still a concern, please let us know directly at doc-feedback@databricks.com.
Invalid command: '#please-close'. Only Microsoft employees can use this command.
The warning box on this page warns that the IP addresses of five of the services that we need to add to the Routing Table with a next hop of "Internet" can change over time.
How frequently will these IP addresses change? In theory can they change several times within the same day or are we talking about infrequent changes to the IP Addresses potentially once every few months?
Furthermore the Databricks team through a blog article talk about an alternative solution where we use an Azure Firewall on a peered VNET with service endpoints to whitelist the specific FQDN of these five service dependencies. The advantage of this is that we don't need to worry about changing IP addresses (at the cost of spinning up an Azure Firewall). Is this alternative setup suggested by Databricks something that Microsoft officially endorses?
Databricks blog entry on this topic: https://databricks.com/blog/2020/03/27/data-exfiltration-protection-with-azure-databricks.html
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.