https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61179#M31732 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/93239">@valjas</a>&nbsp;, Good Day!</P> <P>Currently, we do have an open feature request for this but as a workaround we would suggest that<SPAN>&nbsp;you to restrict non-admin users from the job creation and allow them to view required jobs, in this case is the following:</SPAN></P> <OL> <LI>Proceed with step&nbsp;<STRONG>A).</STRONG></LI> <LI>Create a job(s) and add its tags as required.</LI> <LI>At&nbsp;<A href="https://docs.databricks.com/en/security/auth-authz/access-control/jobs-acl.html" target="_blank" rel="noopener noreferrer">job ACL</A>&nbsp;level, assign "Can View".&nbsp;</LI> </OL> <P>The above will allow these users to interact with the required jobs, but not edit them or create new ones.</P> <P>A) It is not possible at job ACL level. However, this can be worked around by removing the permissions to create clusters to the users you do not want to create jobs. Also please check the following steps:</P> <UL> <LI>Remove/adjust user from clusters with the Control access to clusters where they have "Can Manage" permissions.</LI> <LI>Remove the required user from any cluster policy they have access to.</LI> </UL> <P>Please let me know if this helps and leave a like if this information is useful, followups are appreciated.<BR />Kudos<BR />Ayushi</P> Tue, 20 Feb 2024 06:16:51 GMT Ayushi_Suthar 2024-02-20T06:16:51Z https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61176#M31730 <P>We are working on creating a new databricks workspace for external entities. We have disabled Cluster and Warehouse creation permission but the external users are still able to create Jobs and job clusters. Is there a way to revoke Job creation permissions on a user or group level?</P><P>Is there a way to disable Machine Learning section?</P> Tue, 20 Feb 2024 03:21:02 GMT https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61176#M31730 valjas 2024-02-20T03:21:02Z https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61179#M31732 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/93239">@valjas</a>&nbsp;, Good Day!</P> <P>Currently, we do have an open feature request for this but as a workaround we would suggest that<SPAN>&nbsp;you to restrict non-admin users from the job creation and allow them to view required jobs, in this case is the following:</SPAN></P> <OL> <LI>Proceed with step&nbsp;<STRONG>A).</STRONG></LI> <LI>Create a job(s) and add its tags as required.</LI> <LI>At&nbsp;<A href="https://docs.databricks.com/en/security/auth-authz/access-control/jobs-acl.html" target="_blank" rel="noopener noreferrer">job ACL</A>&nbsp;level, assign "Can View".&nbsp;</LI> </OL> <P>The above will allow these users to interact with the required jobs, but not edit them or create new ones.</P> <P>A) It is not possible at job ACL level. However, this can be worked around by removing the permissions to create clusters to the users you do not want to create jobs. Also please check the following steps:</P> <UL> <LI>Remove/adjust user from clusters with the Control access to clusters where they have "Can Manage" permissions.</LI> <LI>Remove the required user from any cluster policy they have access to.</LI> </UL> <P>Please let me know if this helps and leave a like if this information is useful, followups are appreciated.<BR />Kudos<BR />Ayushi</P> Tue, 20 Feb 2024 06:16:51 GMT https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61179#M31732 Ayushi_Suthar 2024-02-20T06:16:51Z https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61253#M31744 <P>&gt; "<SPAN>However, this can be worked around by removing the permissions to create clusters to the users you do not want to create jobs."</SPAN></P><P>I have already removed Cluster creation permissions for the users, but they can still create a job from the UI and create a job cluster while creating the job. Is there a way to create a policy where I can restrict creating a job cluster and if there is one, can I enforce it on a specific user/group?</P><P>&gt; "<SPAN>Remove the required user from any cluster policy they have access to"</SPAN></P><P><SPAN>Can you pls guide me on how to do this? How do I check which policy an user has access to and then revoke that?</SPAN></P> Tue, 20 Feb 2024 12:28:31 GMT https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61253#M31744 valjas 2024-02-20T12:28:31Z https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61306#M31760 <P><SPAN>It permits cluster creation during Workflow/Job/DLT pipeline creation. However, when attempting to start any of these, it fails with a 'Not authorized to create compute' error. Please try it and inform me of the outcome</SPAN></P> Wed, 21 Feb 2024 04:56:11 GMT https://community.databricks.com/t5/data-engineering/disable-machine-learning-and-job-creation/m-p/61306#M31760 Venk1599 2024-02-21T04:56:11Z