Azure Databricks Workspaces should use private link
HIGH
Ensures Azure Databricks workspaces are accessible only through private endpoints.
What does this mean?
This recommendation ensures that Azure Databricks workspaces are configured with Private Link, restricting access to private endpoints within your virtual network rather than over the public internet.
Benefits of implementation
- Eliminates public internet exposure of the Databricks workspace
- Network traffic stays within the Azure backbone
- Protects sensitive data processing from network-based attacks
Drawbacks and considerations
- Requires Private Link/Private Endpoint configuration
- Users need VPN or ExpressRoute for access
- Additional costs for private endpoints
Implementation
Implementation guidance coming soon.
Related recommendations
Related recommendations will be linked here.
Frameworks
Details
- Risk Level
- HIGH
- Category
- Databricks
- Azure Resource
- Frameworks
- 1 frameworks
- Last updated
- 2026-02-12