Hello,
I've deployed Azure Databricks with a standard Private Link setup (no public IP). Everything works as expectedโI can log in via the private/internal network, create clusters, and manage workloads without any issues.
When I create a Databricks App, it generates a URL like: <name>.azure.databricksapps.com
Since I didnโt initially have a Private DNS Zone for azure.databricksapps.com, my system resolved this address to a public IP. To fix this, I:
- Created a Private DNS Zone for azure.databricksapps.com.
- Added an A record pointing <name>.azure.databricksapps.com to my Databricks workspace private IP endpoint (same as used in privatelink.azuredatabricks.net for this workspace).
Behavior Before Adding the Private DNS Zone:
nslookup <app-name>.azure.databricksapps.com โ Resolved to a public IP.
curl or accessing via a browser resulted in:
{"X-Databricks-Reason-Phrase":"Public access is not allowed for workspace: xyz"}
Behavior After Adding the Private DNS Zone:
nslookup <app-name>.azure.databricksapps.com โ Now resolves to the private IP (as expected).
However, curl and browser requests still go through the public IP and return the same error:
{"X-Databricks-Reason-Phrase":"Public access is not allowed for workspace: xyz"}
Is additional configuration needed to ensure Databricks Apps work over Private Link?
Does this feature require a Public IP, or should it work fully within a private network?