HomeTerraform Modulemlops-azure-infrastructure-with-sp-creation

mlops-azure-infrastructure-with-sp-creation

databricks/mlops-azure-infrastructure-with-sp-creation/databricks

Terraform Module HCL DATABRICKS ✓ Verified

This module sets up multi-workspace model registry between an Azure Databricks development (dev) workspace, staging workspace, and production (prod) workspace, allowing READ access from dev/staging workspaces to staging & prod model registries. It also creates the relevant Azure Active Directory (AAD) applications for the service principals.

Install
module "mlops-azure-infrastructure-with-sp-creation" {
source = "databricks/mlops-azure-infrastructure-with-sp-creation/databricks"
version = "0.0.3"
}
plain text: /constructs/tfmod-databricks-mlops-azure-infrastructure-with-sp-creation-databricks/install.txt
⭐ Source on GitHub 📦 Registry page
README

MLOps Azure Infrastructure Module with Service Principal Creation This module sets up multi-workspace model registry between a development (dev) workspace, a staging workspace, and a production (prod) workspace, allowing READ access from dev/staging workspaces to staging & prod model registries. The module performs this setup by creating AAD applications and associating them with newly created Azure Databricks service principals in the staging and prod workspaces, then giving them READ-only access to their respective model registries. It will also create secret scopes and store the necessary secrets in the dev and staging workspaces, and only give READ access to this secret scope to the "users" group and the generated service principals group. The output of this module will be the secret s

Inputs (4)
NameTypeDescriptionDefault
azure_tenant_idstringThe Azure tenant ID of the AAD subscription. Must match the one used for the Azu required
staging_workspace_idstringWorkspace ID of the staging workspace (can be often found in the URL) used for r required
prod_workspace_idstringWorkspace ID of the prod workspace (can be often found in the URL) used for remo required
additional_token_usage_groupslist(string)List of groups that should have token usage permissions in the staging and prod []
Outputs (7)
dev_secret_scope_name_for_staging — The name of the secret scope created in the dev workspace that is used for remote model registry acc
dev_secret_scope_name_for_prod — The name of the secret scope created in the dev workspace that is used for remote model registry acc
staging_secret_scope_name_for_prod — The name of the secret scope created in the staging workspace that is used for remote model registry
dev_secret_scope_prefix_for_staging — The prefix used in the dev workspace secret scope for remote model registry access to the staging wo
dev_secret_scope_prefix_for_prod — The prefix used in the dev workspace secret scope for remote model registry access to the prod works
staging_secret_scope_prefix_for_prod — The prefix used in the staging workspace secret scope for remote model registry access to the prod w
service_principal_group_name — The name of the service principal group created in the staging and prod workspace.
Resources (3)
databricks_groupdatabricks_permissionsdatabricks_token
Details
FrameworkTerraform Module
LanguageHCL
Version0.0.3
Cloud DATABRICKS
★ Stars1
Forks0
Total downloads226
Inputs4
Outputs7
Resources3
Submodules2
LicenseApache-2.0
Namespacedatabricks
Updated
Tools
⚖ Compare with another construct → 📋 View data schema