The Security Reference Architecture (SRA) implements typical security features as Terraform Templates that are deployed by most high-security organizations, and enforces controls for the largest risks that customers ask about most often.
Fortunately @nathanknox already had the private dbfs terraform code in the Azure SRA folder. I uncommented the azure/tf/modules/azure_spoke/dbfs_privatelink.tf file and added the following conditionals.
Each block in the azure/tf/modules/azure_spoke/dbfs_privatelink.tf will have:
The first line checks if the variable boolean_create_private_dbfs is set to true (default) or false. Leaving as default or setting to explicit true in the *.tfvars will create all the private dbfs resources as long as the azurerm_databricks_workspace.this dependency is complete.
I added a boolean variable in the azure/tf/modules/azure_spoke/variables.tf (default is true) for implementing private dbfs
Fortunately @nathanknox already had the private dbfs terraform code in the Azure SRA folder. I uncommented the
azure/tf/modules/azure_spoke/dbfs_privatelink.tf
file and added the following conditionals. Each block in the azure/tf/modules/azure_spoke/dbfs_privatelink.tf will have:The first line checks if the variable
boolean_create_private_dbfs
is set to true (default) or false. Leaving as default or setting to explicit true in the *.tfvars will create all the private dbfs resources as long as theazurerm_databricks_workspace.this
dependency is complete.