cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Databricks sql warehouse has Serverless compute as a public preview.

Ruby8376
Valued Contributor

There is a risk form infosec as it is processed in the control plane shared with other azure clients. s there any control to mitigate the risk?

1 REPLY 1

PL_db
Databricks Employee
Databricks Employee

You can find more information on that topic here.

"With Databricks, your serverless workloads are protected by multiple layers of security. These security layers form the foundation of Databricksโ€™ commitment to providing a secure and reliable environment for even the most sensitive workloads.

They include but are not limited to:

  1. Dedicated compute resources
    1. Each workload runs on compute and encrypted storage that is dedicated to that workload
    2. Storage cannot be reallocated or reassigned after use 
    3. Both the compute and the storage are securely wiped as soon as the workload completes
  2. Network segmentation
    1. Each workload operates within a private network with no public IP addresses assigned
    2. That network is isolated logically from other workloads
    3. Lateral movement or communication between workloads is blocked
    4. All traffic between the user, the control plane, the compute plane and cloud services is routed over the cloud providerโ€™s global network, not the public internet
  3. Encryption at rest and in transit
    1. All attached storage is protected by industry-standard AES-256 encryption
    2. All traffic between the user, the control plane, the compute plane and cloud services is encrypted with at least TLS 1.2
  4. Principle of least privilege
    1. Workloads have no privileges or credentials for systems outside the scope of that workload
    2. Access to the data is via short-lived (1-hour) tokens
    3. These tokens are passed securely to each specific workload"

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group