https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29839#M21540 <P>Thanks for the quick answer Hubert.</P><P>We currently have workspace object access control enabled on our workspace. Although, we can use it to add ACL on workspaces ACL folders that store notebooks, we haven't seen anyway to secure DBFS root itself.</P><P></P><P>Are there any options available in the portal to add ACLs on dbfs folders or do we need to use something else such as the command line do to it?</P><P></P><P>Thanks</P><P></P> Wed, 02 Feb 2022 22:37:25 GMT RicksDB 2022-02-02T22:37:25Z https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29837#M21538 <P>Hi,</P><P></P><P>Is it possible to restrict upload files to dfbs root (Since everyone has access) ? The idea is to force users to use an ADLS2 mnt with credential passthrough for security reasons.</P><P></P><P>Also, right now users use azure blob explorer to interact with ADLS2. Is it possible to use the native databricks upload feature to send data to the mnt instead of the DBFS root? This would be the ideal solution for us.</P><P></P><P>Thanks</P> Wed, 02 Feb 2022 19:00:45 GMT https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29837#M21538 RicksDB 2022-02-02T19:00:45Z https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29838#M21539 <P>Enable workspace object access control will allow to set permissions on folders (so user can have no permission to root and only to mnt).</P><P></P><P>Regarding native upload feature I don't think there is much can be done about it. I think azure explorer with correctly specify access rights is better. Some non technical users can prefer some simple cloud storage like folder on OneDrive so then we can set trigger in Azure logic apps when file is created and then set to copy it to ADLS2.</P> Wed, 02 Feb 2022 20:00:22 GMT https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29838#M21539 Hubert-Dudek 2022-02-02T20:00:22Z https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29839#M21540 <P>Thanks for the quick answer Hubert.</P><P>We currently have workspace object access control enabled on our workspace. Although, we can use it to add ACL on workspaces ACL folders that store notebooks, we haven't seen anyway to secure DBFS root itself.</P><P></P><P>Are there any options available in the portal to add ACLs on dbfs folders or do we need to use something else such as the command line do to it?</P><P></P><P>Thanks</P><P></P> Wed, 02 Feb 2022 22:37:25 GMT https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29839#M21540 RicksDB 2022-02-02T22:37:25Z https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29840#M21541 <P>Hello @E H​&nbsp;</P><P></P><P>You can disable DBFS file browser in the workspace, if users directly upload from there. This will prevent uploads to DBFS.</P><P></P><P><A href="https://docs.databricks.com/administration-guide/workspace/dbfs-browser.html" target="test_blank">https://docs.databricks.com/administration-guide/workspace/dbfs-browser.html</A></P><P><span class="lia-inline-image-display-wrapper" image-alt="image"><img src="https://community.databricks.com/t5/image/serverpage/image-id/2131i7AD0A21E20107975/image-size/large?v=v2&amp;px=999" role="button" title="image" alt="image" /></span>&nbsp;</P><P>Please let us know if this solution works.</P><P></P> Fri, 18 Mar 2022 15:49:27 GMT https://community.databricks.com/t5/data-engineering/restricting-file-upload-to-dbfs/m-p/29840#M21541 User16764241763 2022-03-18T15:49:27Z