topic Privileged Identity Management for Databricks with Microsoft Entra ID in Administration & Architecture

Privileged Identity Management for Databricks with Microsoft Entra ID

HariSelvarajan — Thu, 07 Nov 2024 09:30:08 GMT

Privileged Identity Management (PIM) can be used to secure access to critical Databricks roles with Just-in-Time (JIT) access. This approach helps organizations enforce time-bound permissions, approval workflows, and centralized auditing for sensitive resources.
In my latest blog, I walk through the process of setting up PIM for Azure Databricks, demonstrating how to grant temporary account admin access via SCIM integration with Microsoft Entra ID.
With PIM, Databricks users can request access only when needed, with full oversight on who accesses what and for how long.

https://lnkd.in/e5iYEVZp

Re: Privileged Identity Management for Databricks with Microsoft Entra ID

jasonkhaihoang — Wed, 13 Nov 2024 06:50:38 GMT

Thanks. However, as what I know, Azure PIM does not work for Service Principals. It's only applied to human user access 🙂

Re: Privileged Identity Management for Databricks with Microsoft Entra ID

sugidwan — Fri, 07 Mar 2025 05:02:28 GMT

Thanks for sharing this, it is helpful. However, onboarding the AAD group as an account admin under the Databricks account is not straightforward and is also not clearly explained in the blog.

Re: Privileged Identity Management for Databricks with Microsoft Entra ID

HariSelvarajan — Fri, 07 Mar 2025 07:02:23 GMT

You can use the instructions here for adding group to account as account admin

https://learn.microsoft.com/en-us/azure/databricks/admin/users-groups/groups#account-admin

Re: Privileged Identity Management for Databricks with Microsoft Entra ID

AnitPatelADB — Wed, 09 Jul 2025 18:18:36 GMT

Is this possible without SCIM?