Using subnets for Databricks connectivity is the correct thing to do. This way you ensure the resources (clusters) can connect to the SQL Database. We also recommend using NPIP (No Public IPs) so that there won't be any public ip associated with the cluster nodes. This wouldn't matter for the SQL Database but it is more for the peace of mind.
It may be better to have something like an Azure fire wall in front have the Databricks vnet and then allow this firewall on the Azure SQL Database, rather than the subnets which allows you to control egress from Databricks subnets and restricts who gets to talk to Azure SQL from the Databricks perspective.
There are a lot of options here. Feel free to reach out to sales@databricks.com to get connect to an architect.