Enabled IP Access Control in Databricks workspace and no one can connect to the workspace

Inna Mednyk 1 Reputation point
2024-06-04T19:19:54.28+00:00

We setup Access control list with only one entry of the wrong IP address (outbound nat gateway IP )
Also Enforce IP access list on Compute Plane Requests toggle on . Now no one can access the workspace and there is no way I can toggle off.

Is there a solution for that?

Best regards,

Azure Databricks
Azure Databricks
An Apache Spark-based analytics platform optimized for Azure.
2,015 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Inna Mednyk 1 Reputation point
    2024-06-04T21:35:36.5733333+00:00

    Hi, thank you for the answer. ACL was located in databricks, cannot be accessible from portal. We found the solution: created a VM, made sure it has static Public IP address specified on databricks IP ACL. And from there, we removed the list and "Enforce IP access list on Compute Plane Requests" toggle "False" by using Databricks CLI. everyone can access workspace now.

    I think there should be another way to fix it. The feature is in public preview ... we will write a feedback


  2. BhargavaGunnam-MSFT 28,111 Reputation points Microsoft Employee
    2024-06-04T22:54:43.7533333+00:00

    Hello Inna Mednyk,

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue:

    How to Enabled IP Access Control on Compute Plane in Databricks workspace when no one can connect to the workspace due toan entry of the wrong IP address (outbound nat gateway IP )

    Solution:

    This was resolved by creating a VM and ensuring it had a static public IP address specified in the Databricks IP ACL. From there, we removed the IP access list and set the 'Enforce IP access list on Compute Plane Requests' toggle to 'False' using the Databricks CLI. Now, everyone can access the workspace

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    0 comments No comments