cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cannot create vnet peering on Azure Databricks

zerodarkzone
New Contributor III

‎04-05-2024 02:53 PM

Hi,

I'm trying to create a VNET peering using to SAP hana using the default VNET created by databricks but it is not possible.

I'm getting the following error

No se pudo agregar el emparejamiento de red virtual "PeeringSAP" a "workers-vnet". Error: El cliente "" con el id. de objeto "" tiene permiso para realizar la acción "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write" en el ámbito "RG-DATADEM-BRICKS/providers/Microsoft.Network/virtualNetworks/workers-vnet/virtualNetworkPeerings/PeeringSAP'>workers-vnet/PeeringSAP"; sin embargo, se ha denegado el acceso debido a la asignación de denegación con el nombre "System deny assignment created by Azure Databricks /subscriptions/c267dfb6-05fb-/resourceGroups/RG-DATADEM/providers/Microsoft.Databricks/workspaces/DATADEM-WORKSPACE" y el id. "53b5b7cc6c2e4" en el ámbito "/subscriptions/c267dfb6-05fb-4e7e-8c16/resourceGroups/RG-DATADEM-BRICKS"

 

It lookks like the user doesn't have permissions to create a VNET peering on the databricks created resource group. But according to the documentation. This should be possible.

 

0 Kudos
1 REPLY 1

zerodarkzone
New Contributor III
In response to Retired_mod

‎04-08-2024 06:55 AM

The the user who is trying to do the peering is an Owner in the Azure account so he should have all the necessary permisions. It looks like the problem is because a deny assigment created by Azure databricks on the managed VNet.

Is it possible to do a VNet peering when the databricks Vnet is created inside the Databricks Managed resource group?

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements