I would like to control from which IP addresses can users access a Databricks instance running on our company Azure.
To do this I have set IP access list policy using Databricks REST API documented here https://docs.databricks.com/security/network/ip-access-list.html
This goes smoothy and I end up with the following access list with only one IP
{
"ip_access_lists": [
{
"list_id": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxx",
"label": "my_ip",
"ip_addresses": [
"X.X.X.X"
],
"address_count": 1,
"list_type": "ALLOW",
"created_at": 1610538434413,
"created_by": AAAAAAAAAAAAAA,
"updated_at": 1610538434413,
"updated_by": AAAAAAAAAAAAAA,
"enabled": true
}
]
}
Databricks however does not follow this instructions at all and I can access my instance from all IP addresses.
Why is that? What does one have to setup in additional to allow Databricks respect this list?
There is no option like this in the admin console.
The feature was not enabled! Of cource I noticed a minute after sending the question.
If anyone is wondering look here: https://docs.databricks.com/security/network/ip-access-list.html#check-if-your-workspace-has-the-ip-access-list-feature-enabled
This was enough
curl -X PATCH -n \
https://<databricks-instance>/api/2.0/workspace-conf \
-d '{
"enableIpAccessLists": "true"
}'