cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

I need a switch to turn off Data Apps in databricks workspaces

Go to solution
sparkplug
New Contributor III

โ€Ž10-08-2025 08:54 AM

Hi

How do I disable Data Apps on my workspace. This is really annoying that Databricks pushes new features without any option to disable them. At least you should have some tools to control access before rolling it out. It seems you only care about features that you think are worthy of disabling like Lakebase. As an admin I feel helpless that the users in my workspace can deploy an app and leave it running for weeks without anyone noticing anything. 

I know I can setup monitoring and alerts but I didn't want to have this problem in the first place.

Labels:
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee

โ€Ž10-14-2025 06:42 AM

 

Hey @sparkplug โ€” there are a few options, though to be honest, none are super friendly to implement right now. The good news is that weโ€™re actively working on making this easier, and we should see more control in the near future. As of today, though, hereโ€™s whatโ€™s possible:

Strongest Option

  1. Contact Databricks Support and request to โ€œDisable Apps.โ€

    This has to be done by support. Itโ€™s the most robust approach and will completely disable Apps in the workspace.

 

Next Strongest

2. Disable serverless in specific workspaces where Apps shouldnโ€™t be allowed.

In preview-enabled workspaces, turning off serverless from the workspace Previews page disables all serverless products, including Apps.

โš ๏ธ Note: This will also disable other serverless features (Workflows, Notebooks, DLT, etc.).

 

Most Flexible (but More Admin Work)

3. Restrict who can create, use, and manage Apps via detailed permissions:

  • Limit app creation and management to trusted users or admin groups.

  • Remove CAN USE, CAN MANAGE, or IS OWNER permissions from general users and assign only to admins or service principals.

  • Use group-based permissions or service principals for easier management and to prevent individual users from deploying Apps unchecked.

  • Regularly audit permissions to ensure unauthorized users donโ€™t gain access.

Hope this helps,

โ€” Louis

View solution in original post

12 REPLIES 12

Go to solution
sparkplug
New Contributor III

โ€Ž10-08-2025 08:55 AM

And this website has really become sluggish, or is it just me

0 Kudos

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee

โ€Ž10-14-2025 06:42 AM

 

Hey @sparkplug โ€” there are a few options, though to be honest, none are super friendly to implement right now. The good news is that weโ€™re actively working on making this easier, and we should see more control in the near future. As of today, though, hereโ€™s whatโ€™s possible:

Strongest Option

  1. Contact Databricks Support and request to โ€œDisable Apps.โ€

    This has to be done by support. Itโ€™s the most robust approach and will completely disable Apps in the workspace.

 

Next Strongest

2. Disable serverless in specific workspaces where Apps shouldnโ€™t be allowed.

In preview-enabled workspaces, turning off serverless from the workspace Previews page disables all serverless products, including Apps.

โš ๏ธ Note: This will also disable other serverless features (Workflows, Notebooks, DLT, etc.).

 

Most Flexible (but More Admin Work)

3. Restrict who can create, use, and manage Apps via detailed permissions:

  • Limit app creation and management to trusted users or admin groups.

  • Remove CAN USE, CAN MANAGE, or IS OWNER permissions from general users and assign only to admins or service principals.

  • Use group-based permissions or service principals for easier management and to prevent individual users from deploying Apps unchecked.

  • Regularly audit permissions to ensure unauthorized users donโ€™t gain access.

Hope this helps,

โ€” Louis

Go to solution
SimonV
New Contributor
In response to Louis_Frolio

Tuesday - last edited Tuesday

Wanted to second this request, not great that users can just do this without the people administrating the system being able to control it.

@Louis_Frolio regarding your third suggestion:

> Limit app creation and management to trusted users or admin groups.

How and where can one do this?

> Remove CAN USE, CAN MANAGE, or IS OWNER permissions from general users and assign only to admins or service principals.

To which resource should this apply? There are no Apps listed in the ACL documentation https://docs.databricks.com/aws/en/security/auth/access-control/

 

Thanks

0 Kudos

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee
In response to SimonV

Tuesday

Regular users canโ€™t perform this action โ€” only admins or the owner of the object can. Databricks follows the principle of least privilege, so access is always scoped to the minimum required.

Hope this helps, Louis

0 Kudos

Go to solution
SimonV
New Contributor
In response to Louis_Frolio

Tuesday - last edited Tuesday

Hi @Louis_Frolio , Thanks for the quick reply

I'm sorry, but I don't understand. I am account admin and want to limit who can create apps via the third option you mentioned. How and where can one actually "Restrict who can create, use, and manage Apps via detailed permissions"?
Our regular users can definitely create apps even though they are not admins nor owner of the workspace.

Thanks,
Simon

0 Kudos

Go to solution
sparkplug
New Contributor III

โ€Ž10-15-2025 12:29 AM

Hi @Louis_Frolio Thanks for your reply. I have checked the previews regularly but never found an option on workspace level to disable server less. See screenshot for how it looks for me.

I can reach out to the account team if that's the best option. 

 

Preview file
186 KB
0 Kudos

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee
In response to sparkplug

โ€Ž10-15-2025 07:23 AM

@sparkplug , it cannot be turned off as a workspace administrator, you have to be a Databricks Account Administrator. The switch is at the account console, not in the workspace.

Hope this helps, Louis.

Go to solution
sparkplug
New Contributor III

3 weeks ago

Okay, this I already knew, but wanted more control on workspace level.

0 Kudos

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee

3 weeks ago

It is presently not an option at the Workspace level.  

Regards, Louis.

0 Kudos

Go to solution
Raman_Unifeye
Contributor III

Tuesday

Thanks @Louis_Frolio for the options. As you mentioned none of the options are straighforward ones, is it something can be added to product roadmap ?


RG #Driving Business Outcomes with Data Intelligence

Go to solution
Louis_Frolio
Databricks Employee
Databricks Employee

Tuesday

@Raman_Unifeye , I don't have visibility into the roadmap. However, if you are a customer you can always log a feature request. Cheers, Louis.

0 Kudos

Go to solution
Raman_Unifeye
Contributor III
In response to Louis_Frolio

Tuesday

Sure, I will be logging this request. Thanks.


RG #Driving Business Outcomes with Data Intelligence
0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements