cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Azure Databricks unable to connect to private DNS KeyVault in createScope, showing "DNS invalid"

Go to solution
Nilave
New Contributor III

โ€Ž05-08-2022 03:38 AM

I have an Azure KeyVault with private endpoint created in the same Vnet as Azure Databricks. While trying to add it as a scope using the private DNS Zone ie <KVname>.privatelink.vaultcore.azure.net

getting error "DNS  is invalid and cannot be reached."

If I try to ping it from Azure Databricks using as below

%sh ping <KVName>.privatelink.vaultcore.azure.net , it does resolves to its private IP address.

What could be the issue

Labels:
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
mark_362882
New Contributor III

โ€Ž01-10-2023 02:40 AM

I got it working by creating the KV backed scope via UI. I used the the dns without the private part: <KVName>.vault.azure.net

The private dns will resolve it to the right IP.

You do have to check the "Allow trusted Microsoft services to bypass this firewall" in the Firewalls and virtual tab if you have set Allow access from to disable public access or Allow public access from specific virtual networks and IP addresses.

View solution in original post

3 REPLIES 3

Go to solution
mark_362882
New Contributor III
In response to Retired_mod

โ€Ž01-10-2023 02:08 AM

This is not the answer.

I have the same question.

How can I connect an Azure Key Vault with private endpoint to the databricks vnet?

Go to solution
Soma
Valued Contributor

โ€Ž10-06-2022 10:28 PM

hi @Kaniz Fatmaโ€‹ @Nilave Chakrabortyโ€‹ still facing the same issue.

The solution you have provided is not working and in this case the key vault dns itself not getting resolved.

Can you please let me know how this got resolved

0 Kudos

Go to solution
mark_362882
New Contributor III

โ€Ž01-10-2023 02:40 AM

I got it working by creating the KV backed scope via UI. I used the the dns without the private part: <KVName>.vault.azure.net

The private dns will resolve it to the right IP.

You do have to check the "Allow trusted Microsoft services to bypass this firewall" in the Firewalls and virtual tab if you have set Allow access from to disable public access or Allow public access from specific virtual networks and IP addresses.

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements