mlops-azure-project-with-sp-linking
databricks/mlops-azure-project-with-sp-linking/databricks
This module creates and configures service principals with appropriate permissions and entitlements to run CI/CD for a project, and creates a workspace directory as a container for project-specific resources for the Azure Databricks staging and prod workspaces. It also links pre-existing Azure Active Directory (AAD) applications to the service principals.
MLOps Azure Project Module with Service Principal Linking In both of the specified staging and prod workspaces, this module: Links a pre-existing AAD applications and associates it with a newly created Azure Databricks service principal, configuring appropriate permissions and entitlements to run CI/CD for a project. Creates a workspace directory as a container for project-specific resources The service principals are granted CAN_MANAGE permissions on the created workspace directories. _NOTE:_ 1. This module is in preview so it is still experimental and subject to change. Feedback is welcome! 2. The Databricks providers that are passed into the module should be configured with workspace admin permissions. 3. The module assumes that one of the two Azure Infrastructure Modules (with Creation
| Name | Type | Description | Default |
|---|---|---|---|
| azure_prod_client_id | string | The client ID of the AAD service principal in the prod workspace that will be us | |
| service_principal_name | string | The display name for the service principals. | |
| project_directory_path | string | Path/Name of Azure Databricks workspace directory to be created for the project. | |
| azure_staging_client_id | string | The client ID of the AAD service principal in the staging workspace that will be | |
| azure_staging_aad_token | string | The AAD token of the service principal in the staging workspace. This will need | null |
| azure_prod_client_secret | string | The client secret of the AAD service principal in the prod workspace. NOTE: If a | null |
| azure_prod_tenant_id | string | The tenant ID of the AAD service principal in the prod workspace. NOTE: If azure | null |
| azure_prod_aad_token | string | The AAD token of the service principal in the prod workspace. This will need to | null |
| service_principal_group_name | string | The name of the service principal group in the staging and prod workspace. The c | "mlops-service-principals" |
| azure_staging_client_secret | string | The client secret of the AAD service principal in the staging workspace. NOTE: I | null |
| azure_staging_tenant_id | string | The tenant ID of the AAD service principal in the staging workspace. NOTE: If az | null |
prod_service_principal_application_id — Application ID of the created Azure Databricks service principal in the prod workspace. Identical toprod_service_principal_aad_token — Sensitive AAD token value of the created Azure Databricks service principal in the prod workspace.project_directory_path — Path/Name of Azure Databricks workspace directory created for the project.staging_service_principal_application_id — Application ID of the created Azure Databricks service principal in the staging workspace. Identicalstaging_service_principal_aad_token — Sensitive AAD token value of the created Azure Databricks service principal in the staging workspace