How to create Databricks workspace with private endpoint

João Bálico 25 Reputation points
2023-05-02T21:16:02.3033333+00:00

I'm facing a problem while creating a Databricks workspace using a private endpoint. I followed the documentation (https://learn.microsoft.com/en-us/azure/databricks/administration-guide/cloud-configurations/azure/private-link-standard#--step-1-create-resource-groups) but I don't get the diagram, because it seems we need to have two DNS zones, one for the customer VNet and the other for the transit VNet... but can't we use only one DNS zone for that?

Accepted answer
  1. PRADEEPCHEEKATLA-MSFT 89,816 Reputation points Microsoft Employee
    2023-05-03T09:34:30.79+00:00

    @João Bálico - Thanks for the question and using MS Q&A platform.

    Yes, you can use a single DNS zone for both the customer VNet and the transit VNet. The documentation you are referring to shows two separate DNS zones for clarity, but it is not a requirement.

    When you create a private endpoint for Databricks workspace, you need to create a private DNS zone in your Azure DNS. This DNS zone will be used to resolve the private IP address of the Databricks workspace. You can use the same DNS zone for both the customer VNet and the transit VNet.

    Here are the high-level steps to create a Databricks workspace with private endpoint:

    1. Create a virtual network (VNet) in your Azure subscription. This VNet will be used to host your Databricks workspace and the private endpoint.
    2. Create a subnet in the VNet for the Databricks workspace.
    3. Create a private DNS zone in your Azure DNS. This DNS zone will be used to resolve the private IP address of the Databricks workspace.
    4. Create a private endpoint for the Databricks workspace. This will involve creating a network interface in the subnet you created in step 2, and then creating a private endpoint that uses the network interface.
    5. Create a Databricks workspace in the VNet you created in step 1. When you create the workspace, you will need to specify the VNet and subnet you created in steps 1 and 2, and the private DNS zone you created in step 3.
    6. Once the workspace is created, you can connect to it using the private endpoint. You can also configure your network security groups to allow traffic only from the private endpoint.

    Error: If you see a message “Configured privacy settings disallow access for workspace <your-workspace-id> over your current network. Please contact your administrator for more information”.

    This error probably means:

    • You are connecting to the workspace over the public internet (not from a Private Link connection).
    • You have configured the workspace to not support public network access.

    For more details, refer to Enable Azure Private Link as a standard deployment - Authentication troubleshooting.

    Hope this helps. Do let us know if you have any further queries.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
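
A quick way to tell which of the two situations in the error explanation above applies from a given client is to check whether the workspace hostname resolves to a private endpoint address or to a public one. The script below is an added example, not part of the original answer or of Microsoft's documentation; it assumes the VNets use RFC 1918 address space, and the function names and sample addresses are constructed for illustration.

```python
import ipaddress
import socket
import sys

# Assumption: the VNets hosting the private endpoint use RFC 1918 address space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify_resolution(addresses):
    """Classify resolved IPs as 'private', 'public', 'mixed' or 'unresolved'."""
    if not addresses:
        return "unresolved"
    kinds = {any(ipaddress.ip_address(a) in net for net in RFC1918)
             for a in addresses}
    if kinds == {True}:
        return "private"
    return "public" if kinds == {False} else "mixed"

def diagnose(addresses):
    """Map the classification to the likely state of this client's network path."""
    return {
        "private": "OK: name resolves to the private endpoint",
        "public": "PUBLIC: traffic will use the public internet; "
                  "blocked if public network access is disabled",
        "mixed": "MIXED: private and public answers; check the zone's VNet links",
        "unresolved": "UNRESOLVED: name does not resolve from this network",
    }[classify_resolution(addresses)]

def resolve(hostname):
    """Resolve hostname with the local resolver; returns [] on failure."""
    try:
        infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Pass your own workspace hostname as the first argument.
        print(sys.argv[1], "->", diagnose(resolve(sys.argv[1])))
    else:
        # Constructed sample answers, as seen from three different networks.
        for label, addrs in [("customer VNet", ["10.10.1.4"]),
                             ("transit VNet", ["10.20.1.5"]),
                             ("laptop on internet", ["203.0.113.10"])]:
            print(label, "->", diagnose(addrs))
```

Run it with the workspace hostname from a machine in each VNet that is linked to the private DNS zone; both should report a private address when the single zone is linked to both networks.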

