Databricks on the AWS Cloud

Quick Start Reference Deployment


September 2020
Denis Dubeau, Databricks
Shivansh Singh, AWS Quick Start team

Visit our GitHub repository for source files and to post feedback, report bugs, or submit feature ideas for this Quick Start.

This Quick Start was created by Databricks in collaboration with Amazon Web Services (AWS). Quick Starts are automated reference deployments that use AWS CloudFormation templates to deploy key technologies on AWS, following AWS best practices.

Overview

This Quick Start reference deployment guide provides step-by-step instructions for deploying Databricks workspaces on the AWS Cloud.

Databricks is a unified data-analytics platform for data engineering, machine learning, and collaborative data science. A Data Science & Engineering workspace is a software as a service (SaaS) environment for accessing all your Databricks assets. The workspace organizes objects (that is, notebooks, libraries, and experiments) in directories and provides access to data and computational resources, such as clusters and jobs.

This Quick Start is for IT infrastructure architects, administrators, and DevOps professionals who want to use the Databricks API to create Databricks workspaces on the AWS Cloud. This Quick Start creates a new workspace in your AWS account and sets up the environment for deploying future workspaces.

Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on the Quick Start.

Databricks on AWS

The Databricks platform helps cross-functional teams communicate securely. You can stay focused on data science, data analytics, and data engineering tasks while Databricks manages many of the backend services.

All Databricks architectures have two planes:

  • The control plane includes backend services that Databricks manages in its AWS account.

  • The data plane, which your AWS account manages, is where your data resides and is processed. You can ingest data from external data sources (that is, sources outside of your AWS account), such as events, streaming, and Internet of Things (IoT). You can also connect to external data sources for storage by using Databricks connectors. Because your data resides in your AWS account in the data plane, you control it.

Databricks AWS control plane

This section describes the overall network architecture and details about control-plane security.

Network access

The Databricks platform follows best practices for securing network access to cloud applications.

Figure 1. AWS network flow with Databricks

The AWS network flow with Databricks, as shown in Figure 1, includes the following:

  • Restricted port access to the control plane.

    • Port 443 is the main port for data connections to the control plane. Connections on this port are protected by Transport Layer Security (TLS). The TLS certificate is stored in HashiCorp Vault in the control plane and installed as a Kubernetes secret.

    • Port 80 is open only for redirects to HTTPS on port 443.

    • Except for the inbound ports to the load balancer, a security group protects individual control-plane hosts from the external internet. The load balancer directs web-application and API requests to the appropriate services.

    • Port 3306 is open for access to the table metastore, which is on a separate IP address and may be deployed in a separate, peered virtual private cloud (VPC). Customers may deploy their own table metastores, in which case they would not use the provided table metastore. For more information, see Metastores.

  • (Optional) IP access limits for the web application and REST API. You can limit access to the Databricks web application and REST API to specific IP addresses or ranges, for example, the IP addresses of your corporate intranet and VPN. This feature requires the Enterprise tier and reduces the risk of malicious attacks. A sketch of configuring such a list through the REST API follows this list.
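
If your account is on the Enterprise tier, you can manage such a list programmatically. The following Python sketch assumes the Databricks IP access list REST endpoint (/api/2.0/ip-access-lists), a workspace-admin personal access token, and placeholder workspace URL and CIDR values; it is an illustration, not part of the Quick Start templates.

    # Hedged sketch: allow workspace access only from a corporate CIDR range.
    # The workspace URL, token, and CIDR below are placeholders.
    import requests

    WORKSPACE_URL = "https://deployment-name.cloud.databricks.com"
    TOKEN = "<workspace admin personal access token>"

    response = requests.post(
        f"{WORKSPACE_URL}/api/2.0/ip-access-lists",
        headers={"Authorization": f"Bearer {TOKEN}"},
        json={
            "label": "corporate-vpn",
            "list_type": "ALLOW",
            "ip_addresses": ["203.0.113.0/24"],  # example corporate VPN range
        },
    )
    response.raise_for_status()
    print(response.json())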

Databricks AWS data plane

Apache Spark clusters and their data stores deploy in a customer-controlled AWS account. A Databricks customer deployment is generally isolated at the AWS account level, but you can deploy multiple workspaces in a single AWS account. No other Databricks customers can access your data plane on AWS.

By default, clusters are created in a single VPC that Databricks creates and configures. This means that the Databricks platform requires AWS permissions in the control plane to create a new VPC in your account for the data plane. This includes creating new security groups and configuring subnets.

If you use the customer managed VPC feature, you can specify your own VPC in your customer account, and Databricks launches clusters in that VPC. This feature requires the premium or higher tier.

S3 bucket in the customer account

An Amazon Simple Storage Service (Amazon S3) bucket is created in the customer account with default encryption and bucket-versioning enabled. Amazon S3 blocks all public access and, using a lifecycle management rule, permanently deletes versions after five days.
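
The Quick Start applies this configuration through its CloudFormation template. For readers who want to see what an equivalent configuration looks like in code, the following boto3 sketch reproduces the same settings on a hypothetical bucket; it is illustrative only and assumes that the five-day deletion rule applies to noncurrent object versions.

    # Illustrative boto3 sketch of the bucket settings described above.
    # "databricks-root-example" is a placeholder bucket name.
    import boto3

    s3 = boto3.client("s3")
    bucket = "databricks-root-example"

    # Default encryption.
    s3.put_bucket_encryption(
        Bucket=bucket,
        ServerSideEncryptionConfiguration={
            "Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]
        },
    )

    # Bucket versioning.
    s3.put_bucket_versioning(
        Bucket=bucket, VersioningConfiguration={"Status": "Enabled"}
    )

    # Block all public access.
    s3.put_public_access_block(
        Bucket=bucket,
        PublicAccessBlockConfiguration={
            "BlockPublicAcls": True,
            "IgnorePublicAcls": True,
            "BlockPublicPolicy": True,
            "RestrictPublicBuckets": True,
        },
    )

    # Lifecycle rule; assumes the five-day deletion applies to noncurrent versions.
    s3.put_bucket_lifecycle_configuration(
        Bucket=bucket,
        LifecycleConfiguration={
            "Rules": [
                {
                    "ID": "expire-old-versions",
                    "Status": "Enabled",
                    "Filter": {"Prefix": ""},
                    "NoncurrentVersionExpiration": {"NoncurrentDays": 5},
                }
            ]
        },
    )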

Customers are responsible for backing up, securing, and encrypting customer data in the S3 bucket. Databricks is not responsible for data backups or any other customer data. This prevents Databricks from providing copies of data to unauthorized customers.

The Databricks workspace uses the S3 bucket to store some input and output data. It accesses this data in two ways:

  • Databricks-managed directories. These directories are inaccessible to customers through the Databricks File System (DBFS). Some data (for example, initial storage for Spark driver logs and job output) is stored or read by Databricks in hidden directories. This data cannot be accessed directly by customer notebooks through a DBFS path or an AWS administrator interface.

  • DBFS root storage. This is accessible to customers using DBFS. Other areas of storage can be accessed by customer notebooks through a DBFS path. For example, the FileStore area of DBFS root storage is where uploaded data files and code libraries are stored when imported using the web application. Other DBFS paths are available for customer usage.

The DBFS root storage is available for nonproduction customer data, such as uploads for testing. DBFS root storage is not intended as a storage location for production data. For production storage, use additional customer managed data sources of various types. Optionally, customers can use Databricks API operations to create more DBFS mount points for additional S3 buckets.
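
As one example of the last point, the snippet below sketches mounting an additional S3 bucket from a Databricks notebook with dbutils. The bucket name and mount point are placeholders, and the cluster is assumed to have an instance profile (or other credentials) that can read the bucket.

    # Run inside a Databricks notebook, where dbutils and display are predefined.
    # "my-extra-bucket" and "/mnt/extra-data" are placeholders.
    dbutils.fs.mount(
        source="s3a://my-extra-bucket",
        mount_point="/mnt/extra-data",
    )
    display(dbutils.fs.ls("/mnt/extra-data"))  # verify that the mount is readable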

The data plane uses the AWS Security Token Service (AWS STS) to manage DBFS credentials on Amazon S3.

Workspace configurations

For both deployment options, this Quick Start creates one of the following configurations:

  • A workspace configured with a Databricks-managed VPC.

  • A workspace configured with a Databricks-managed VPC with an optional customer managed key for notebooks.

  • A workspace configured with a customer managed VPC with an optional customer managed key for notebooks.

AWS costs

You are responsible for the cost of the AWS services and any third-party licenses used while running this Quick Start. There is no additional cost for using the Quick Start.

The AWS CloudFormation templates for Quick Starts include configuration parameters that you can customize. Some of the settings, such as the instance type, affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you use. Prices are subject to change.

After you deploy the Quick Start, create AWS Cost and Usage Reports to deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. These reports provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information, see What are AWS Cost and Usage Reports?
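
If you prefer to set up the report from code, the boto3 sketch below defines a daily report. The report name, bucket, and prefix are placeholders, the Cost and Usage Reports API is called in us-east-1, and the target bucket must already have a bucket policy that allows billing report delivery.

    # Hedged sketch: define a daily Cost and Usage Report delivered to S3.
    import boto3

    cur = boto3.client("cur", region_name="us-east-1")  # CUR API lives in us-east-1

    cur.put_report_definition(
        ReportDefinition={
            "ReportName": "databricks-quickstart-costs",   # placeholder name
            "TimeUnit": "DAILY",
            "Format": "textORcsv",
            "Compression": "GZIP",
            "AdditionalSchemaElements": ["RESOURCES"],
            "S3Bucket": "my-billing-reports-bucket",        # placeholder bucket
            "S3Prefix": "cur/",
            "S3Region": "us-east-1",
            "AdditionalArtifacts": [],
            "RefreshClosedReports": True,
            "ReportVersioning": "OVERWRITE_REPORT",
        }
    )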

Software licenses

For cost estimates, see the Databricks AWS Pricing page for product tiers and features.

To launch the Quick Start, you need an account for the E2 version of the Databricks platform. If you have questions about platform availability, contact your Databricks representative.

Architecture

Deploying this Quick Start for a new virtual private cloud (VPC) with default parameters builds the following Databricks environment in the AWS Cloud.

Figure 2. Quick Start architecture for Databricks on AWS

As shown in Figure 2, this deployment sets up the following:

  • A highly available architecture that spans at least three Availability Zones.

  • A VPC configured with public and private subnets, according to AWS best practices, to provide you with your own virtual network on AWS.*

  • In the private subnets:

    • Databricks clusters of Amazon Elastic Compute Cloud (Amazon EC2) instances.

    • One or more security groups for secure cluster connectivity.

  • In the public subnet:

    • A network address translation (NAT) gateway to allow outbound internet access.

  • Amazon CloudWatch for the Databricks workspace instance logs.

  • (Optional) A customer managed AWS KMS key to encrypt notebooks.

  • An Amazon Simple Storage Service (Amazon S3) bucket to store objects, such as cluster logs, notebook revisions, and job results.

  • AWS Security Token Service (AWS STS) for requesting temporary, least-privilege access for users.

  • A VPC endpoint for access to Amazon S3 artifacts and logs.

  • A cross-account AWS Identity and Access Management (IAM) role to deploy clusters in the VPC for the new workspace. Depending on the deployment option you choose, you either use an existing IAM role or create an IAM role during deployment.

Planning the deployment

Specialized knowledge

This deployment requires a moderate level of familiarity with AWS services. If you’re new to AWS, see Getting Started Resource Center and AWS Training and Certification. These sites provide materials for learning how to design, deploy, and operate your infrastructure and applications on the AWS Cloud.

AWS account

If you don’t already have an AWS account, create one at https://aws.amazon.com by following the on-screen instructions. Part of the sign-up process involves receiving a phone call and entering a PIN using the phone keypad.

Your AWS account is automatically signed up for all AWS services. You are charged only for the services you use.

Technical requirements

Before you launch the Quick Start, review the following information and ensure that your account is properly configured. Otherwise, deployment might fail.

Resource quotas

If necessary, request service quota increases for the following resources. You might need to request increases if your existing deployment currently uses these resources and if this Quick Start deployment could result in exceeding the default quotas. The Service Quotas console displays your usage and quotas for some aspects of some services. For more information, see What is Service Quotas? and AWS service quotas.

Resource             This deployment uses
VPCs                 1
Subnets              3
Security groups      1
NAT gateways         1
Internet gateways    1
S3 buckets           2
IAM roles            3
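
To compare your current quotas against this table, you can query the Service Quotas API. The following sketch lists the applied VPC quotas (for example, VPCs per Region, NAT gateways per Availability Zone, and internet gateways per Region) in your default Region.

    # List applied quotas for the Amazon VPC service in the current Region.
    import boto3

    sq = boto3.client("service-quotas")

    paginator = sq.get_paginator("list_service_quotas")
    for page in paginator.paginate(ServiceCode="vpc"):
        for quota in page["Quotas"]:
            print(f'{quota["QuotaName"]}: {quota["Value"]}')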

Supported Regions

  • ap-northeast-1 (Tokyo)

  • ap-south-1 (Mumbai)

  • ap-southeast-2 (Sydney)

  • ca-central-1 (Canada Central)

  • eu-central-1 (Frankfurt)

  • eu-west-1 (Ireland)

  • us-east-1 (N. Virginia)

  • us-east-2 (Ohio)

  • us-west-1 (N. California)

  • us-west-2 (Oregon)

Certain Regions are available on an opt-in basis. For more information, see Managing AWS Regions.

IAM permissions

Before launching the Quick Start, you must sign in to the AWS Management Console with IAM permissions for the resources that the templates deploy. The AdministratorAccess managed policy within IAM provides sufficient permissions, although your organization may choose to use a custom policy with more restrictions. For more information, see AWS managed policies for job functions.
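
For example, the following sketch grants the AdministratorAccess managed policy to a hypothetical deployment user named quickstart-deployer; substitute a more restrictive custom policy if your organization requires one.

    # Attach the AdministratorAccess managed policy to a deployment user.
    # "quickstart-deployer" is a hypothetical user name.
    import boto3

    iam = boto3.client("iam")
    iam.attach_user_policy(
        UserName="quickstart-deployer",
        PolicyArn="arn:aws:iam::aws:policy/AdministratorAccess",
    )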

Prepare your Databricks account

You must have a Databricks E2 account ID to launch this Quick Start. For more information, Contact your Databricks representative.

Deployment options

To launch clusters into the VPC workspace, Databricks must have access to a cross-account IAM role in your AWS account. This Quick Start provides two deployment options:

Choose the first option if you can create an IAM role in your account; otherwise, choose the second option. Note that the second option requires you to configure IAM roles before launching the deployment.

  • Deploy a Databricks workspace, and create a new cross-account IAM role. You must have sufficient permissions to create a new IAM role.

  • Deploy a Databricks workspace, and use an existing cross-account IAM role. For more information, see Create a cross-account role and an access policy. For this option, create an additional IAM role with the following permissions (a scripted sketch of these steps follows the policy snippets below):

    1. Attach the AWSLambdaBasicExecutionRole managed policy.

    2. Add an inline policy that allows access to the Quick Start S3 location:

             {
                  "Sid": "S3SourceBucket",
                  "Effect": "Allow",
                  "Action": [
                      "s3:Get*",
                      "s3:List*"
                  ],
                  "Resource": [
                      "arn:aws:s3:::aws-quickstart/*",
                      "arn:aws:s3:::aws-quickstart"
                  ]
              }
    3. Add an inline policy that allows managing the S3 buckets:

             {
                  "Sid": "S3Buckets",
                  "Effect": "Allow",
                  "Action": [
                      "s3:GetBucket*",
                      "s3:PutBucket*",
                      "s3:CreateBucket",
                      "s3:ListBucket",
                      "s3:Delete*"
                  ],
                  "Resource": "arn:aws:s3:::<S3 prefix optional or *>"
              }
    4. If you choose the optional customer managed key feature, configure the AWS KMS permissions:

             {
                  "Sid": "KMS",
                  "Effect": "Allow",
                  "Action": [
                      "kms:Get*",
                      "kms:PutKeyPolicy"
                  ],
                  "Resource": "*"
              }
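
The following Python sketch shows one way to script the role creation steps above with boto3. The role name, inline policy name, Lambda trust relationship, and wildcard bucket resource are assumptions for illustration; if you use the optional customer managed key, append the KMS statement from step 4 to the same inline policy.

    # Hedged sketch: create the additional IAM role described in the steps above.
    import json
    import boto3

    iam = boto3.client("iam")
    ROLE_NAME = "databricks-quickstart-lambda-role"  # hypothetical name

    # Assumed trust relationship: the role is used by AWS Lambda.
    trust_policy = {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": "lambda.amazonaws.com"},
            "Action": "sts:AssumeRole",
        }],
    }
    iam.create_role(
        RoleName=ROLE_NAME,
        AssumeRolePolicyDocument=json.dumps(trust_policy),
    )

    # Step 1: attach the AWS managed AWSLambdaBasicExecutionRole policy.
    iam.attach_role_policy(
        RoleName=ROLE_NAME,
        PolicyArn="arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
    )

    # Steps 2 and 3: add the statements shown above as one inline policy.
    inline_policy = {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "S3SourceBucket",
                "Effect": "Allow",
                "Action": ["s3:Get*", "s3:List*"],
                "Resource": [
                    "arn:aws:s3:::aws-quickstart/*",
                    "arn:aws:s3:::aws-quickstart",
                ],
            },
            {
                "Sid": "S3Buckets",
                "Effect": "Allow",
                "Action": [
                    "s3:GetBucket*", "s3:PutBucket*", "s3:CreateBucket",
                    "s3:ListBucket", "s3:Delete*",
                ],
                "Resource": "arn:aws:s3:::*",  # narrow to your S3 prefix if possible
            },
        ],
    }
    iam.put_role_policy(
        RoleName=ROLE_NAME,
        PolicyName="databricks-quickstart-s3-access",  # hypothetical policy name
        PolicyDocument=json.dumps(inline_policy),
    )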

Deployment steps

Sign in to your AWS account

  1. Sign in to your AWS account at https://aws.amazon.com with an IAM user or role that has the necessary permissions. For details, see Planning the deployment, earlier in this guide.

  2. Ensure that your AWS account is configured correctly, as discussed in the Technical requirements section.

Launch the Quick Start

You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using this Quick Start. For more information, see the pricing pages for each AWS service you use. Prices are subject to change.

  1. Sign in to your AWS account, and launch the AWS CloudFormation template of your choice. Each deployment takes about 15 minutes to complete. (A scripted alternative to the console steps is sketched after step 8.)

Deploy a Databricks workspace, and create a new cross-account IAM role

Deploy a Databricks workspace, and use an existing cross-account IAM role

  1. Check the AWS Region that’s displayed in the upper-right corner of the navigation bar, and change it if necessary. This is where the network infrastructure for Databricks is built. The template launches in the us-east-1 Region by default.

  2. On the Create stack page, keep the default setting for the template URL, and then choose Next.

  3. On the Specify stack details page, change the stack name if needed. Review the parameters for the template. Provide values for the parameters that require input. For all other parameters, review the default settings, and customize them as necessary.

  4. On the Configure stack options page, you can specify tags (key-value pairs) for resources in your stack and set advanced options. When you’re finished, choose Next.

  5. On the Review page, review and confirm the template settings. Under Capabilities, select the two check boxes to acknowledge that the template creates IAM resources and might require the ability to automatically expand macros.

  6. Choose Create stack to deploy the stack.

  7. Monitor the status of the stack. When the status is CREATE_COMPLETE, the Databricks deployment is ready.

  8. To view the created resources, see the values displayed in the Outputs tab for the stack.
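
As an alternative to the console, the stack can be launched with the AWS SDK. The sketch below is illustrative: the stack name and parameter values are placeholders, the template URL must be taken from the launch links in this guide, and the Capabilities values correspond to the two acknowledgment check boxes in step 5. Supply the remaining parameters marked Requires input in the Parameter reference section.

    # Hedged sketch of launching the Quick Start stack with boto3.
    import boto3

    cfn = boto3.client("cloudformation", region_name="us-east-1")

    cfn.create_stack(
        StackName="databricks-workspace",
        TemplateURL="<template URL from the launch link in this guide>",
        Parameters=[
            {"ParameterKey": "AccountId", "ParameterValue": "<Databricks account ID>"},
            {"ParameterKey": "Username", "ParameterValue": "<workspace account email>"},
            {"ParameterKey": "Password", "ParameterValue": "<workspace account password>"},
            {"ParameterKey": "DeploymentName", "ParameterValue": "<workspace deployment name>"},
            {"ParameterKey": "AWSRegion", "ParameterValue": "us-east-1"},
            # ...plus the other parameters marked "Requires input" in the Parameter reference.
        ],
        # Matches the two acknowledgment check boxes in step 5.
        Capabilities=["CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"],
    )

    # Wait for CREATE_COMPLETE (each deployment takes about 15 minutes).
    cfn.get_waiter("stack_create_complete").wait(StackName="databricks-workspace")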

Post-deployment steps

  1. When the status is CREATE_COMPLETE for the AWS CloudFormation stack, check the WorkspaceStatus output key value. It should be RUNNING. For any other value, see Troubleshoot a workspace that failed to deploy.

  2. Navigate to the workspace URL (for example, deployment-name.cloud.databricks.com), and log in to the web application.
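
A quick way to perform the first check from code, assuming the placeholder stack name used earlier:

    # Read the stack outputs and confirm that WorkspaceStatus is RUNNING.
    import boto3

    cfn = boto3.client("cloudformation", region_name="us-east-1")
    stack = cfn.describe_stacks(StackName="databricks-workspace")["Stacks"][0]
    outputs = {o["OutputKey"]: o["OutputValue"] for o in stack.get("Outputs", [])}

    print("Stack status:    ", stack["StackStatus"])
    print("Workspace status:", outputs.get("WorkspaceStatus"))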

FAQ

Q. I encountered a CREATE_FAILED error when I launched the Quick Start.

A. If AWS CloudFormation fails to create the stack, we recommend that you relaunch the template with Rollback on failure set to Disabled. (This setting is under Advanced in the AWS CloudFormation console, Options page.) With this setting, the stack’s state is retained, and the instance remains running so you can troubleshoot the issue. (For Windows, look at the log files in %ProgramFiles%\Amazon\EC2ConfigService and C:\cfn\log.)

When you set Rollback on failure to Disabled, you continue to incur AWS charges for the stack. Ensure that you delete the stack when you finish troubleshooting. For more information, see Troubleshooting AWS CloudFormation.
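
If you relaunch from code rather than the console, the equivalent of disabling rollback on failure is the DisableRollback flag on create_stack (a sketch; the stack name and template URL are placeholders):

    # Relaunch with rollback disabled so failed resources remain for troubleshooting.
    import boto3

    cfn = boto3.client("cloudformation")
    cfn.create_stack(
        StackName="databricks-workspace-debug",
        TemplateURL="<template URL from the launch link in this guide>",
        Capabilities=["CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"],
        DisableRollback=True,  # remember to delete the stack when finished
    )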

Q. I encountered a size-limitation error when I deployed the AWS CloudFormation templates.

A. We recommend that you launch the Quick Start templates from the links in this guide or from another S3 bucket. If you deploy the templates from a local copy on your computer, or from a location other than an S3 bucket, you might encounter template-size limitations. For more information, see AWS CloudFormation quotas.

Customer responsibility

After you successfully deploy this Quick Start, confirm that your resources and services are updated and configured — including any required patches — to meet your security and other needs. For more information, see the AWS Shared Responsibility Model.

Parameter reference

Unless you are customizing the Quick Start templates for your own deployment projects, keep the default settings for the parameters labeled Quick Start S3 bucket name, Quick Start S3 bucket Region, and Quick Start S3 key prefix. Changing these parameter settings automatically updates code references to point to a new Quick Start location. For more information, see the AWS Quick Start Contributor’s Guide.

Parameters for deploying a workspace and creating a cross-account IAM role

Table 1. Workspace configuration

Databricks account ID (AccountId)
Default: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
Account must use the E2 version of the platform. For more information, see https://docs.databricks.com/getting-started/overview.html#e2-architecture.

Workspace account email (Username)
Default: Requires input
Account email for authenticating the REST API. Note that this value is case sensitive.

Workspace account password (Password)
Default: Requires input
Account password for authenticating the REST API. The minimum length is 8 alphanumeric characters.

Pricing tier of the workspace (PricingTier)
Default: Blank string
If you do not provide this, the API defaults to the highest pricing tier. For more information, see https://databricks.com/product/aws-pricing.

Workspace deployment name (DeploymentName)
Default: Requires input
Choose this value carefully. The deployment name defines part of the workspace subdomain (e.g., workspace-deployment-name.cloud.databricks.com). This value must be unique across all deployments in all AWS Regions. It cannot start or end with a hyphen. If your account has a deployment-name prefix, add the prefix followed by a hyphen. For more information, see https://docs.databricks.com/administration-guide/account-api/new-workspace.html#step-5-create-the-workspace.

AWS Region of the Databricks workspace (AWSRegion)
Default: Requires input
AWS Region where the workspace is created. Note that customer managed keys to encrypt notebooks are not supported in the us-west-1 Region.

HIPAA tier account (HIPAAparm)
Default: No
Entering "Yes" creates a template for creating clusters in the HIPAA account.

Table 2. IAM role and S3 bucket configuration

IAM role tag (TagValue)
Default: databricks-quickstart-cloud-formation
All new AWS objects get a tag with the key name. Enter a value to identify all new AWS objects that this template creates. For more information, see https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html.

Cross-account IAM role name (IAMRole)
Default: Requires input
Enter a unique cross-account IAM role name. For more information, see https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html.

Root S3 bucket name (BucketName)
Default: Requires input
Name of your S3 root bucket. Enter only alphanumeric characters. For more information, see https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html.

Table 3. (Optional) Customer managed VPC configuration (requires the premium tier)

VPC ID (VPCID)
Default: Blank string
ID of your VPC in which to create the new workspace. Only enter a value if you use the customer managed VPC feature. The format is vpc-xxxxxxxxxxxxxxxx. If unspecified, Databricks creates a new workspace in a new VPC. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Private subnet IDs (SubnetIDs)
Default: Blank string
Enter at least two private subnet IDs. Only enter a value if you set VPCID. Subnets cannot be shared with other workspaces or non-Databricks resources. Each subnet must be private, must have outbound access, and must have a netmask between /17 and /25. The NAT gateway must have its own subnet that routes 0.0.0.0/0 traffic to an internet gateway. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Security group IDs (SecurityGroupIDs)
Default: Blank string
IDs of one or more VPC security groups. Only enter a value if you set VPCID. The format is sg-xxxxxxxxxxxxxxxxx. Use commas to separate multiple IDs. Databricks must have access to at least one security group but no more than five. You can reuse existing security groups. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Table 4. (Optional) Customer managed key configuration for notebooks (requires the enterprise tier)

ARN for the customer managed AWS KMS key (KeyArn)
Default: Blank string
AWS KMS key ARN to encrypt and decrypt workspace notebooks in the control plane. Only enter a value if you use the customer managed key for notebooks. For more information, see https://docs.databricks.com/security/keys/customer-managed-keys-notebook-aws.html.

Alias for the customer managed AWS KMS key (KeyAlias)
Default: Blank string
(Optional) AWS KMS key alias.

Use case for which to use the key (KeyUseCases)
Default: Requires input
Configures customer managed encryption keys. Acceptable values are MANAGED_SERVICES, STORAGE, or BOTH. For more information, see https://docs.databricks.com/administration-guide/account-api/new-workspace.html#step-5-configure-customer-managed-keys-optional.

Encrypt cluster EBS volumes (KeyReuseForClusterVolumes)
Default: Requires input
Only enter a value if the use case is STORAGE or BOTH. Acceptable values are "True" and "False."

Table 5. Quick Start configuration

Quick Start S3 bucket name (QSS3BucketName)
Default: aws-quickstart
S3 bucket for Quick Start assets. Use this if you want to customize the Quick Start. The bucket name can include numbers, lowercase letters, uppercase letters, and hyphens, but it cannot start or end with a hyphen (-).

Quick Start S3 key prefix (QSS3KeyPrefix)
Default: quickstart-databricks-unified-data-analytics-platform/
S3 key prefix to simulate a directory for your Quick Start assets. Use this if you want to customize the Quick Start. The prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). For more information, see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html.

Parameters for deploying a workspace and using an existing cross-account IAM role

Table 6. Workspace configuration

Databricks account ID (AccountId)
Default: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
Account must use the E2 version of the platform. For more information, see https://docs.databricks.com/getting-started/overview.html#e2-architecture.

Workspace account email (Username)
Default: Requires input
Account email for authenticating the REST API. Note that this value is case sensitive.

Workspace account password (Password)
Default: Requires input
Account password for authenticating the REST API. The minimum length is 8 alphanumeric characters.

Pricing tier of the workspace (PricingTier)
Default: Blank string
If you do not provide this, the API defaults to the highest pricing tier. For more information, see https://databricks.com/product/aws-pricing.

Workspace deployment name (DeploymentName)
Default: Requires input
Choose this value carefully. The deployment name defines part of the workspace subdomain (e.g., workspace-deployment-name.cloud.databricks.com). This value must be unique across all deployments in all AWS Regions. It cannot start or end with a hyphen. If your account has a deployment-name prefix, add the prefix followed by a hyphen. For more information, see https://docs.databricks.com/administration-guide/account-api/new-workspace.html#step-5-create-the-workspace.

AWS Region of the Databricks workspace (AWSRegion)
Default: Requires input
AWS Region where the workspace is created. Note that customer managed keys to encrypt notebooks are not supported in the us-west-1 Region.

HIPAA tier account (HIPAAparm)
Default: No
Entering "Yes" creates a template for creating clusters in the HIPAA account.

Table 7. Required IAM role and S3 bucket configuration

ARN of the existing cross-account IAM role (IAMArn)
Default: arn:aws:iam::111111111111:role/your-role-name
Enter an existing IAM role ARN. For more information, see https://docs.databricks.com/administration-guide/multiworkspace/iam-role.html.

ARN of the existing IAM role with Lambda- and S3-access permissions (IAMArnLambda)
Default: arn:aws:iam::111111111111:role/your-role-name
Enter an existing IAM role ARN with AWSLambdaBasicExecutionRole. For more information, see the deployment guide.

Root S3 bucket name (BucketName)
Default: Requires input
Name of your S3 root bucket. Use only alphanumeric characters. For more information, see https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html.

Table 8. (Optional) Customer managed VPC configuration (premium tier required)

VPC ID (VPCID)
Default: Blank string
VPC ID for creating your workspace. Only enter a value if you use the customer managed VPC feature. The format is vpc-xxxxxxxxxxxxxxxx. If unspecified, Databricks creates a new workspace in a new VPC. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Private subnet IDs (SubnetIDs)
Default: Blank string
Enter at least two private subnet IDs. Only enter a value if you set VPCID. Subnets cannot be shared with other workspaces or non-Databricks resources. Each subnet must be private, must have outbound access, and must have a netmask between /17 and /25. The NAT gateway must have its own subnet that routes 0.0.0.0/0 traffic to an internet gateway. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Security group IDs (SecurityGroupIDs)
Default: Blank string
IDs of one or more security groups in your VPC. Only enter a value if you set VPCID. The format is sg-xxxxxxxxxxxxxxxxx. Use commas to separate multiple IDs. Databricks must have access to at least one security group but no more than five. You can reuse existing security groups. For more information, see https://docs.databricks.com/administration-guide/cloud-configurations/aws/customer-managed-vpc.html.

Table 9. (Optional) Customer managed key configuration for notebooks (enterprise tier required)

ARN for customer managed AWS KMS key (KeyArn)
Default: Blank string
AWS KMS key ARN to encrypt and decrypt workspace notebooks in the control plane. Only enter a value if you use the customer managed key for notebooks. For more information, see https://docs.databricks.com/security/keys/customer-managed-keys-notebook-aws.html.

Alias for customer managed AWS KMS key (KeyAlias)
Default: Blank string
(Optional) AWS KMS key alias.

Use case for the key (KeyUseCases)
Default: Requires input
Configures customer managed encryption keys. Acceptable values are MANAGED_SERVICES, STORAGE, or BOTH. For more information, see https://docs.databricks.com/administration-guide/account-api/new-workspace.html#step-5-configure-customer-managed-keys-optional.

Encrypt cluster Amazon EBS volumes (KeyReuseForClusterVolumes)
Default: Requires input
Only enter a value if the use case is STORAGE or BOTH. Acceptable values are "True" and "False."

Table 10. Quick Start configuration

Quick Start S3 bucket name (QSS3BucketName)
Default: aws-quickstart
S3 bucket for Quick Start assets. Use this if you want to customize the Quick Start. The bucket name can include numbers, lowercase letters, uppercase letters, and hyphens, but it cannot start or end with a hyphen (-).

Quick Start S3 key prefix (QSS3KeyPrefix)
Default: quickstart-databricks-unified-data-analytics-platform/
S3 key prefix to simulate a directory for your Quick Start assets. Use this if you want to customize the Quick Start. The prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). For more information, see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html.

Send us feedback

To post feedback, submit feature ideas, or report bugs, use the Issues section of the GitHub repository for this Quick Start. To submit code, see the Quick Start Contributor’s Guide.

GitHub repository

Visit our GitHub repository to download the templates and scripts for this Quick Start, to post your comments, and to share your customizations with others.


Notices

This document is provided for informational purposes only. It represents AWS’s current product offerings and practices as of the date of issue of this document, which are subject to change without notice. Customers are responsible for making their own independent assessment of the information in this document and any use of AWS’s products or services, each of which is provided “as is” without warranty of any kind, whether expressed or implied. This document does not create any warranties, representations, contractual commitments, conditions, or assurances from AWS, its affiliates, suppliers, or licensors. The responsibilities and liabilities of AWS to its customers are controlled by AWS agreements, and this document is not part of, nor does it modify, any agreement between AWS and its customers.

The software included with this paper is licensed under the Apache License, version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at http://aws.amazon.com/apache2.0/ or in the accompanying "license" file. This code is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either expressed or implied. See the License for specific language governing permissions and limitations.