cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Engineering
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Azure Databricks unable to connect to private DNS KeyVault in createScope, showing "DNS invalid"

Go to solution
Nilave
New Contributor III

โ€Ž05-08-2022 03:38 AM

I have an Azure KeyVault with private endpoint created in the same Vnet as Azure Databricks. While trying to add it as a scope using the private DNS Zone ie <KVname>.privatelink.vaultcore.azure.net

getting error "DNS  is invalid and cannot be reached."

If I try to ping it from Azure Databricks using as below

%sh ping <KVName>.privatelink.vaultcore.azure.net , it does resolves to its private IP address.

What could be the issue

Labels:
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
mark_362882
New Contributor III

โ€Ž01-10-2023 02:40 AM

I got it working by creating the KV backed scope via UI. I used the the dns without the private part: <KVName>.vault.azure.net

The private dns will resolve it to the right IP.

You do have to check the "Allow trusted Microsoft services to bypass this firewall" in the Firewalls and virtual tab if you have set Allow access from to disable public access or Allow public access from specific virtual networks and IP addresses.

View solution in original post

6 REPLIES 6

Go to solution
Kaniz
Community Manager
Community Manager

โ€Ž05-19-2022 02:45 AM

Hi @Nilave Chakrabortyโ€‹ , You will find a similar issue in a similar thread here, which already has the best answer- https://community.databricks.com/s/question/0D53f00001HKHjtCAH/databricks-cannot-access-azure-key-va...

Do let us know if that helps.

0 Kudos

Go to solution
mark_362882
New Contributor III
In response to Kaniz

โ€Ž01-10-2023 02:08 AM

This is not the answer.

I have the same question.

How can I connect an Azure Key Vault with private endpoint to the databricks vnet?

Go to solution
Kaniz
Community Manager
Community Manager

โ€Ž06-14-2022 08:42 AM

Hi @Nilave Chakrabortyโ€‹ โ€‹, We havenโ€™t heard from you on the last response from me, and I was checking back to see if you have a resolution yet. If you have any solution, please share it with the community as it can be helpful to others. Otherwise, we will respond with more details and try to help.

0 Kudos

Go to solution
Soma
Valued Contributor

โ€Ž10-06-2022 10:28 PM

hi @Kaniz Fatmaโ€‹ @Nilave Chakrabortyโ€‹ still facing the same issue.

The solution you have provided is not working and in this case the key vault dns itself not getting resolved.

Can you please let me know how this got resolved

0 Kudos

Go to solution
mark_362882
New Contributor III

โ€Ž01-10-2023 02:40 AM

I got it working by creating the KV backed scope via UI. I used the the dns without the private part: <KVName>.vault.azure.net

The private dns will resolve it to the right IP.

You do have to check the "Allow trusted Microsoft services to bypass this firewall" in the Firewalls and virtual tab if you have set Allow access from to disable public access or Allow public access from specific virtual networks and IP addresses.

Go to solution
Kaniz
Community Manager
Community Manager
In response to mark_362882

โ€Ž01-10-2023 02:52 AM

Hi @mark van den bergโ€‹, Thank you for sharing your workaround to this question.

0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.