Commit

added descriptions
MyroslavLevchyk authored and MyroslavLevchyk committed Oct 28, 2024
1 parent b5c1b21 commit ff00e2c
Showing 7 changed files with 39 additions and 43 deletions.
21 changes: 18 additions & 3 deletions README.md
Expand Up @@ -50,24 +50,39 @@ Terraform module for creation AWS Databricks Workspace
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_account_id"></a> [account\_id](#input\_account\_id) | Databricks Account ID | `string` | n/a | yes |
<<<<<<< HEAD
| <a name="input_iam_cross_account_workspace_role_config"></a> [iam\_cross\_account\_workspace\_role\_config](#input\_iam\_cross\_account\_workspace\_role\_config) | n/a | <pre>object({<br/> role_name = optional(string, null)<br/> policy_name = optional(string, null)<br/> permission_boundary_arn = optional(string, null)<br/> role_description = optional(string, "Databricks IAM Role to launch clusters in your AWS account, you must create a cross-account IAM role that gives access to Databricks.")<br/> })</pre> | `{}` | no |
| <a name="input_iam_cross_account_workspace_role_enabled"></a> [iam\_cross\_account\_workspace\_role\_enabled](#input\_iam\_cross\_account\_workspace\_role\_enabled) | n/a | `bool` | `true` | no |
| <a name="input_label"></a> [label](#input\_label) | AWS region | `string` | n/a | yes |
| <a name="input_private_access_settings_config"></a> [private\_access\_settings\_config](#input\_private\_access\_settings\_config) | n/a | <pre>object({<br/> name = optional(string, null)<br/> allowed_vpc_endpoint_ids = optional(list(string), [])<br/> public_access_enabled = optional(bool, true)<br/> })</pre> | `{}` | no |
| <a name="input_private_access_settings_enabled"></a> [private\_access\_settings\_enabled](#input\_private\_access\_settings\_enabled) | ############################################################################### Workspace access config ############################################################################### | `bool` | `true` | no |
| <a name="input_privatelink_dedicated_vpce_config"></a> [privatelink\_dedicated\_vpce\_config](#input\_privatelink\_dedicated\_vpce\_config) | n/a | <pre>object({<br/> rest_vpc_endpoint_name = optional(string, null)<br/> relay_vpc_endpoint_name = optional(string, null)<br/> rest_aws_vpc_endpoint_id = optional(string, null)<br/> relay_aws_vpc_endpoint_id = optional(string, null)<br/> })</pre> | `{}` | no |
| <a name="input_privatelink_dedicated_vpce_enabled"></a> [privatelink\_dedicated\_vpce\_enabled](#input\_privatelink\_dedicated\_vpce\_enabled) | n/a | `bool` | `false` | no |
=======
| <a name="input_iam_cross_account_workspace_role_config"></a> [iam\_cross\_account\_workspace\_role\_config](#input\_iam\_cross\_account\_workspace\_role\_config) | Configuration object for setting the IAM cross-account role for the Databricks workspace | <pre>object({<br> role_name = optional(string, null)<br> policy_name = optional(string, null)<br> permission_boundary_arn = optional(string, null)<br> role_description = optional(string, "Databricks IAM Role to launch clusters in your AWS account, you must create a cross-account IAM role that gives access to Databricks.")<br> })</pre> | `{}` | no |
| <a name="input_iam_cross_account_workspace_role_enabled"></a> [iam\_cross\_account\_workspace\_role\_enabled](#input\_iam\_cross\_account\_workspace\_role\_enabled) | A boolean flag to determine if the cross-account IAM role for Databricks workspace access should be created | `bool` | `true` | no |
| <a name="input_label"></a> [label](#input\_label) | A customizable string used as a prefix for naming Databricks resources | `string` | n/a | yes |
| <a name="input_private_access_settings_config"></a> [private\_access\_settings\_config](#input\_private\_access\_settings\_config) | Configuration for private access settings | <pre>object({<br> name = optional(string, null)<br> allowed_vpc_endpoint_ids = optional(list(string), [])<br> public_access_enabled = optional(bool, true)<br> })</pre> | `{}` | no |
| <a name="input_private_access_settings_enabled"></a> [private\_access\_settings\_enabled](#input\_private\_access\_settings\_enabled) | Indicates whether private access settings should be enabled for the Databricks workspace. Set to true to activate these settings | `bool` | `true` | no |
| <a name="input_privatelink_dedicated_vpce_config"></a> [privatelink\_dedicated\_vpce\_config](#input\_privatelink\_dedicated\_vpce\_config) | Configuration object for AWS PrivateLink dedicated VPC Endpoints (VPCe) | <pre>object({<br> rest_vpc_endpoint_name = optional(string, null)<br> relay_vpc_endpoint_name = optional(string, null)<br> rest_aws_vpc_endpoint_id = optional(string, null)<br> relay_aws_vpc_endpoint_id = optional(string, null)<br> })</pre> | `{}` | no |
| <a name="input_privatelink_dedicated_vpce_enabled"></a> [privatelink\_dedicated\_vpce\_enabled](#input\_privatelink\_dedicated\_vpce\_enabled) | Boolean flag to enable or disable the creation of dedicated AWS VPC Endpoints (VPCe) for Databricks PrivateLink | `bool` | `false` | no |
>>>>>>> 6e612d1 (added descriptions)
| <a name="input_privatelink_enabled"></a> [privatelink\_enabled](#input\_privatelink\_enabled) | Boolean flag to enabled registration of Privatelink VPC Endpoints (REST API and SCC Relay) in target Databricks Network Config | `bool` | `false` | no |
| <a name="input_privatelink_relay_vpce_id"></a> [privatelink\_relay\_vpce\_id](#input\_privatelink\_relay\_vpce\_id) | n/a | `string` | `null` | no |
| <a name="input_privatelink_rest_vpce_id"></a> [privatelink\_rest\_vpce\_id](#input\_privatelink\_rest\_vpce\_id) | n/a | `string` | `null` | no |
| <a name="input_privatelink_relay_vpce_id"></a> [privatelink\_relay\_vpce\_id](#input\_privatelink\_relay\_vpce\_id) | AWS VPC Endpoint ID used for Databricks SCC Relay when PrivateLink is enabled | `string` | `null` | no |
| <a name="input_privatelink_rest_vpce_id"></a> [privatelink\_rest\_vpce\_id](#input\_privatelink\_rest\_vpce\_id) | AWS VPC Endpoint ID used for Databricks REST API if PrivateLink is enabled | `string` | `null` | no |
| <a name="input_region"></a> [region](#input\_region) | AWS region | `string` | n/a | yes |
| <a name="input_security_group_ids"></a> [security\_group\_ids](#input\_security\_group\_ids) | Set of AWS security group IDs for Databricks Account network configuration | `set(string)` | n/a | yes |
<<<<<<< HEAD
| <a name="input_storage_dbfs_config"></a> [storage\_dbfs\_config](#input\_storage\_dbfs\_config) | n/a | <pre>object({<br/> bucket_name = optional(string)<br/> })</pre> | `{}` | no |
| <a name="input_storage_dbfs_enabled"></a> [storage\_dbfs\_enabled](#input\_storage\_dbfs\_enabled) | ############################################################################### Storage root bucket config ############################################################################### | `bool` | `true` | no |
=======
| <a name="input_storage_dbfs_config"></a> [storage\_dbfs\_config](#input\_storage\_dbfs\_config) | Configuration for the Databricks File System (DBFS) storage | <pre>object({<br> bucket_name = optional(string)<br> })</pre> | `{}` | no |
| <a name="input_storage_dbfs_enabled"></a> [storage\_dbfs\_enabled](#input\_storage\_dbfs\_enabled) | Flag to enable or disable the use of DBFS (Databricks File System) storage in the Databricks workspace | `bool` | `true` | no |
>>>>>>> 6e612d1 (added descriptions)
| <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | Set of AWS subnet IDs for Databricks Account network configuration | `set(string)` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | Assigned tags to AWS services | `map(string)` | `{}` | no |
| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | AWS VPC ID | `string` | n/a | yes |
| <a name="input_workspace_creator_token_enabled"></a> [workspace\_creator\_token\_enabled](#input\_workspace\_creator\_token\_enabled) | n/a | `bool` | `false` | no |
| <a name="input_workspace_creator_token_enabled"></a> [workspace\_creator\_token\_enabled](#input\_workspace\_creator\_token\_enabled) | Indicates whether to enable the creation of a token for workspace creators in Databricks | `bool` | `false` | no |
## Outputs
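Review bot: Unresolved merge conflict markers are committed in the Inputs table: `<<<<<<< HEAD`, `=======` and `>>>>>>> 6e612d1 (added descriptions)` appear twice, once around the rows from `iam_cross_account_workspace_role_config` to `privatelink_dedicated_vpce_enabled` and once around the `storage_dbfs_*` rows. Both sides of each conflict are kept, so every affected input is listed twice (the HEAD copy with `n/a`, "AWS region" or a leaked `####` banner as its description), and the marker lines break the Markdown table. Drop the HEAD side and the marker lines so that only the rows with the new descriptions remain and the README matches variables.tf.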

3 changes: 1 addition & 2 deletions main.tf
Expand Up @@ -38,7 +38,7 @@ resource "databricks_mws_private_access_settings" "this" {
################################################################################
resource "databricks_mws_networks" "this" {
account_id = var.account_id
network_name = var.label #var.network_name
network_name = var.label
security_group_ids = var.security_group_ids
subnet_ids = var.subnet_ids
vpc_id = var.vpc_id
Expand Down Expand Up @@ -146,7 +146,6 @@ module "storage_configuration_dbfs_bucket" {
status = "Disabled"
}

#tags = merge(var.tags, { Name = coalesce(var.storage_dbfs_config.bucket_name, "dbfs-${var.label}") })
}

resource "aws_s3_bucket_policy" "databricks_aws_bucket_policy" {
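Review bot: Deleting the commented-out `tags = merge(var.tags, ...)` line in `module "storage_configuration_dbfs_bucket"` removes the only visible hint that the DBFS root bucket was meant to be tagged. If `var.tags` is not passed to this module elsewhere in the block, either wire it in or say in the `tags` variable description ("Assigned tags to AWS services") that the bucket is excluded, since an untagged bucket is hard to attribute in cost and security inventories.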
4 changes: 2 additions & 2 deletions modules/privatelink/outputs.tf
@@ -1,9 +1,9 @@
output "rest_vpce_id" {
value = databricks_mws_vpc_endpoint.rest.vpc_endpoint_id
description = ""
description = "The ID of the AWS VPC endpoint associated with the Databricks REST API"
}

output "relay_vpce_id" {
value = databricks_mws_vpc_endpoint.relay.vpc_endpoint_id
description = ""
description = "The ID of the AWS VPC endpoint associated with the Databricks Relay service"
}
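Review bot: The `relay_vpce_id` description says "Databricks Relay service", while the root `privatelink_relay_vpce_id` variable changed in this same commit says "Databricks SCC Relay". Pick one term for the relay endpoint and use it in both modules so the generated documentation reads consistently.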
8 changes: 4 additions & 4 deletions modules/privatelink/variables.tf
Expand Up @@ -5,21 +5,21 @@ variable "region" {

variable "rest_vpc_endpoint_name" {
type = string
description = "AWS region"
description = "The name to assign to the AWS VPC endpoint for the Databricks REST API"
}
variable "rest_aws_vpc_endpoint_id" {
type = string
description = "AWS region"
description = "The AWS VPC endpoint ID for the Databricks REST API"
}

variable "relay_vpc_endpoint_name" {
type = string
description = "AWS region"
description = "The name to assign to the AWS VPC endpoint for the Databricks Relay service"
}

variable "relay_aws_vpc_endpoint_id" {
type = string
description = "AWS region"
description = "The AWS VPC endpoint ID for the Databricks Relay service"
}

variable "account_id" {
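Review bot: On `rest_vpc_endpoint_name` and `relay_vpc_endpoint_name`, "The name to assign to the AWS VPC endpoint" is ambiguous: this module's outputs read from `databricks_mws_vpc_endpoint`, so it is unclear whether the value names the endpoint in AWS or its registration in the Databricks account. State which one it is, and for the two `*_aws_vpc_endpoint_id` variables say that the ID of an already existing endpoint is expected, if that is the case. A blank line is also missing between the `rest_vpc_endpoint_name` and `rest_aws_vpc_endpoint_id` blocks.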
2 changes: 1 addition & 1 deletion modules/privatelink/versions.tf
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
databricks = {
source = "databricks/databricks"
version = ">= 1.48"
version = ">= 1.55"
}
}
}
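Review bot: The `databricks` provider constraint moves from `>= 1.48` to `>= 1.55` in a commit titled "added descriptions", and nothing else in the change explains it. A raised minimum provider version can force consumers of the module to upgrade, so it belongs in its own commit, or at least in the commit message, with the reason for 1.55 stated. Only `modules/privatelink/versions.tf` is among the 7 changed files, so also check that the root module's constraint is not left lower than the submodule's.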
8 changes: 0 additions & 8 deletions outputs.tf
Expand Up @@ -10,14 +10,6 @@ output "iam_role" {
value = try(module.iam_cross_account_workspace_role[0], null)
}

#output "workspace_uuid" {
# value = databricks_mws_workspaces.this.id
#}

output "workspace_url" {
value = databricks_mws_workspaces.this.workspace_url
}
#
#output "workspace_id" {
# value = databricks_mws_workspaces.this.workspace_id
#}
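Review bot: `output "workspace_url"` still has no `description`, although the purpose of this commit is to add descriptions and the privatelink outputs received them. Add one here, and to `iam_role` if it lacks one above the visible context. Removing the commented-out `workspace_uuid` and `workspace_id` outputs is fine as cleanup; if callers need the workspace ID, expose it as a real output with a description instead.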
36 changes: 13 additions & 23 deletions variables.tf
Expand Up @@ -2,7 +2,7 @@
# General
################################################################################
variable "label" {
description = "AWS region"
description = "A customizable string used as a prefix for naming Databricks resources"
type = string
}
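Review bot: The new `label` description calls it a prefix, but the usages visible in this commit do not match: main.tf sets `network_name = var.label` (the whole name), and the removed tags line built `"dbfs-${var.label}"` (label as a suffix). Describe it as the base string from which resource names are derived, or list where it is used, and update the `label` row in the README to match.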

Expand Down Expand Up @@ -40,11 +40,6 @@ variable "subnet_ids" {
type = set(string)
}

#variable "network_name" {
# type = string
# description = "Databricks Account network configuration name"
#}

################################################################################
# Privatelink configuration
################################################################################
Expand All @@ -56,7 +51,7 @@ variable "privatelink_enabled" {

variable "privatelink_rest_vpce_id" {
type = string
description = ""
description = "AWS VPC Endpoint ID used for Databricks REST API if PrivateLink is enabled"
default = null

validation {
Expand All @@ -66,7 +61,7 @@ variable "privatelink_rest_vpce_id" {
}

variable "privatelink_relay_vpce_id" {
description = ""
description = "AWS VPC Endpoint ID used for Databricks SCC Relay when PrivateLink is enabled"
type = string
default = null

Expand All @@ -77,13 +72,13 @@ variable "privatelink_relay_vpce_id" {
}

variable "privatelink_dedicated_vpce_enabled" {
description = ""
description = "Boolean flag to enable or disable the creation of dedicated AWS VPC Endpoints (VPCe) for Databricks PrivateLink"
type = bool
default = false
}

variable "privatelink_dedicated_vpce_config" {
description = ""
description = "Configuration object for AWS PrivateLink dedicated VPC Endpoints (VPCe)"
type = object({
rest_vpc_endpoint_name = optional(string, null)
relay_vpc_endpoint_name = optional(string, null)
Expand All @@ -96,15 +91,14 @@ variable "privatelink_dedicated_vpce_config" {
################################################################################
# Databricks Workspace
################################################################################

variable "iam_cross_account_workspace_role_enabled" {
description = ""
description = "A boolean flag to determine if the cross-account IAM role for Databricks workspace access should be created"
type = bool
default = true
}

variable "iam_cross_account_workspace_role_config" {
description = ""
description = "Configuration object for setting the IAM cross-account role for the Databricks workspace"
type = object({
role_name = optional(string, null)
policy_name = optional(string, null)
Expand All @@ -113,17 +107,18 @@ variable "iam_cross_account_workspace_role_config" {
})
default = {}
}

################################################################################
# Storage root bucket config
################################################################################
variable "storage_dbfs_enabled" {
description = ""
description = "Flag to enable or disable the use of DBFS (Databricks File System) storage in the Databricks workspace"
type = bool
default = true
}

variable "storage_dbfs_config" {
description = ""
description = "Configuration for the Databricks File System (DBFS) storage"
type = object({
bucket_name = optional(string)
})
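Review bot: The `storage_dbfs_enabled` description ("enable or disable the use of DBFS ... storage in the Databricks workspace") does not match the section banner "Storage root bucket config" or the `storage_configuration_dbfs_bucket` module in main.tf, which suggest the flag controls whether this module creates the root bucket. Say what is created or skipped when it is `false`, and in `storage_dbfs_config` document that `bucket_name` is optional and which name is used when it is omitted.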
Expand All @@ -133,13 +128,8 @@ variable "storage_dbfs_config" {
################################################################################
# Workspace
################################################################################
#variable "workspace_name" {
# type = string
# description = "Databricks workspace name"
#}

variable "workspace_creator_token_enabled" {
description = ""
description = "Indicates whether to enable the creation of a token for workspace creators in Databricks"
type = bool
default = false
}
Expand All @@ -148,13 +138,13 @@ variable "workspace_creator_token_enabled" {
# Workspace access config
################################################################################
variable "private_access_settings_enabled" {
description = ""
description = "Indicates whether private access settings should be enabled for the Databricks workspace. Set to true to activate these settings"
type = bool
default = true
}

variable "private_access_settings_config" {
description = ""
description = "Configuration for private access settings"
type = object({
name = optional(string, null)
allowed_vpc_endpoint_ids = optional(list(string), [])
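Review bot: `private_access_settings_config` is described only as "Configuration for private access settings", but the README table shows its `public_access_enabled` field defaulting to `true`, so a caller who enables private access settings and passes `{}` keeps public access enabled. Document each field and that default in the description so the exposure is a visible choice. In `private_access_settings_enabled`, the sentence "Set to true to activate these settings" repeats the first one and the default is already `true`; drop it.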
