cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Delta sharing gold layer data within organisation but outside of Vnet

Go to solution
mushroom_posse
New Contributor II

‎08-22-2024 09:45 AM

Hi all,

The organisation I’m working for has a data engineering team using medallion architecture and wants to share materialised views in the gold layer to members of the organisation who do not have access to the Vnet to be delivered in power BI reports.

Currently DBR is using ADLS v2 as its external storage. Security requirements demand that the storage public networking is disabled. We are able to add and transform data in the external storage using a managed identity, which has been added to the firewall exceptions.

I have tried creating a delta share however when ingesting to PBI there is an odbc error that is only fixed by enabled public access to the storage account.

I have also tried using partner connect to connect PBI directly however getting a similar issue.

Is there a way to achieve this goal?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
szymon_dybczak
Contributor III

‎08-22-2024 09:53 AM - edited ‎08-22-2024 09:55 AM

Hi @mushroom_posse ,

If storage account has disabled public access then you basically have 3 options:

 - setup VPN Gateway ( and use VPN to connect to your VNET)
 - setup Express Route (similar to option 1, faster but pricier)
 - manually add IPs to storage account firewall 

If your organization using firewall you can also add rules that will allow incoming traffic to your storage account from certain pool of IP addresses/FQDNs etc.

View solution in original post

2 REPLIES 2

Go to solution
szymon_dybczak
Contributor III

‎08-22-2024 09:53 AM - edited ‎08-22-2024 09:55 AM

Hi @mushroom_posse ,

If storage account has disabled public access then you basically have 3 options:

 - setup VPN Gateway ( and use VPN to connect to your VNET)
 - setup Express Route (similar to option 1, faster but pricier)
 - manually add IPs to storage account firewall 

If your organization using firewall you can also add rules that will allow incoming traffic to your storage account from certain pool of IP addresses/FQDNs etc.

Go to solution
mushroom_posse
New Contributor II

‎08-23-2024 12:35 AM - edited ‎08-23-2024 12:36 AM

Thanks for that information will take it to the infrastructure team 😃

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements