Hello, i have been trying to get a pipeline in Azure DevOps to communicate with a Databricks Workspace that uses private link connection. I have tried setting up a service connection using a service principle that is also attached to the workspace, h...
I am facing an issue with securing root DBFS storage access from Databricks.As I understand, Azure Databricks creates a default blob storage (a.k.a root storage) during the deployment process which is used for storing logs and telemetry. This storage...
Hi @NadithK ,You need to create the private endpoint in the resource group where the workspace is deployed and not in the workspace-managed resource group. The workspace-managed resource group has the deny assignment which will not allow to create a ...
Hi,I want to prevent user from executing harmful commands like dbutils.fs.rm at cluster level/workspace level.Can we do this in databricks? Are there any classes/APIs that we can override?
Hi ,I got the similar kind of problem too.I followed this put chmod -x /bin/rm in init.sh in workspace and add it at cluster your cluster level init script or global init script.this restricts the users to use rm command.Regards,Nikhil Srivastava@Pal...
On Azure I added a service principal X to my databricks workspace. I therefore had the Service Prinicpal Manager role on that service principal X. I accidentally downgraded my rights to Service Principal User and now can's get my Managers role back. ...
I believe so because the described effect was also observed in another databricks workspace, where I did NOT make the accidental change
I have a Databricks account with the E2 version of the Databricks platform. The unified login is not enabled on the account because it was created before June 21, 2023.I configured SSO authentication for the account and for a given workspace (separat...
where you able to resolve this? we too face same error
Hi,I know that with single clusters, theres a single driver node and one driver per cluster. With shared clusters, multiple jobs can run concurrently. Does this still run on a single driver container or multiple driver containers run per application?...
I manage instance profiles assigned to specific user groups. For example, instance profile A provides access solely to group A. Currently, any user within group A has the ability to update the permissions of a cluster using instance profile A, which ...
Hi @Retired_mod,Thank you for your guidance. I am following the strategies outlined in steps 1 and 2, and I remain concerned about a specific scenario.Consider instance profile A, which is designed to grant access exclusively to group A. If user A, ...
I have numerous cluster policies varying that varies in sizes (Job - xsmall, Job - small, Job - medium...). However, when I create a new job and create a new job cluster the default policy selected from the drop down menu is on the bigger size. Is th...
I checked on our sorting, and there does not seem to be any logic in it.They are not sorted by ID or description for sure.
Use case and context:We have a databricks workspace in a specific region, reading and writing files from/to the same region.We also read from a Shared Catalog in a different company, a data provider, which is pointing to multi-region s3 buckets.The r...
Thanks @Retired_mod for all the suggestions.After some days of monitoring NAT cost, I realized that the implementation of the S3 Gateway Endpoint it was actually working, the problem was that I thought that this change would be reflected right away i...
Hola all, I'm experiencing a quite strange error. The problem is that and happens inside a GITLAB pipeline:$ databricks current-user meError: default auth: cannot configure default credentials, please check https://docs.databricks.com/en/dev-tools/au...
Hola Kaniz, the problem is not on Databricks CLI but is due to some interactions happening inside the Gitlab pipeline. According to the documentation reported here: Databricks personal access token authentication | Databricks on AWS ( at the bottom o...
Currently, we have 3 Unity Catalog enabled workspaces sharing the same metastore. Now, when we create an external location or storage credential in any of the workspaces, it gets reflected across all workspaces. We are looking for some best practices...
Hi @Debi-Moha Currently we do not have a mechanism to isolate the external locations and storage credentials based on workspaces, since the metastore is shared across the workspaces. Please check below document for recommendations on securing extern...
Hey,I am using Bitbucket Cloud and I want to connect my repository to Databricks. I am able to connect with my personal app password but what I am looking for is an authentication of a technical user.I need the integration to point to my dbt repo, wh...
Hi @Retired_mod,thank you for your response! With this link you provided, I was able to authenticate with Bitbucket Cloud. The solution was to use x-token-auth as a username. I have tried with the generated email address before which didn't work. Tha...
We want to build monitoring and Alerting solution for Azure Databricks that should capture Resource Utilization details (like Aggregated CPU%, Memory% etc.) and Cost consumption at the Account Level.We have Unity Catalog Enabled and there are multipl...
@smehta_0908 Greetings! You can utilize Datadog for monitoring CPU and memory of clusters. https://docs.datadoghq.com/integrations/databricks/?tab=driveronly For Cost consumption at accounts level you can make use of billable usage logs using the Acc...
When experimenting with LLMs on Databricks clusters, I have become interested in knowing if the LLM (Llama2 or otherwise), tries to make calls to the internet (i.e., the settings for use_remote_code=True in Huggingface models, as just one example).Mo...
When I`m trying to install xml package, I`m getting error PERMISSION_DENIED
Hey @FlavioSM The error message indicates that the library you're trying to install (com.databricks:spark-xml_2.13:0.17.0) is not on the allowlist for shared clusters in your Databricks workspace. Shared clusters are clusters that multiple users can ...
