cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Is there a setting which restricts users from Creating Job and Pipeline?

Avvar2022
Contributor

‎03-25-2024 11:49 AM

as far i know currently ((as of 03-25-2024) databricks don't any workspace admin settings option to restrict users from creating a workflow/job or delta pipelines. 

Here is the use case for it Example: you have 3 tier landscape Dev, Qa and Prod.

It is ok for users to create workflows/jobs and pipelines in dev but there is no need for them to create in QA and production but as an admin we can't restrict users from creating.

If anyone else out there feels same. Unbale to restrict could have below disadvantages.

1. There could lot unnecessary jobs and if user base large there could be many workflows.

2. Let's assume user has read access to data and access to all purpose cluster/SQL warehouse, user can schedule a workflow. as admin we expect user not to do it but admin won't be able to restrict. This could incur cost.

There could workarounds like scheduling a job to delete workflows which are created by users, but it would be good to have this feature.

3 REPLIES 3

Avvar2022
Contributor

‎06-07-2024 12:41 PM

@Retired_mod - How can I initiate a product enhancement request?

0 Kudos

camilo_s
Contributor

‎06-18-2024 01:23 AM

We face the same situation as the OP and are likewise missing such a feature. In my opinion this limits Databricks' platform capabilities (speaking from the perspective of a platform team that intends to provide Databricks workspaces as a service to internal consumers).

A great solution would be the possibility to define workspace-wide policies, and one example directed to the OPs and my situation could be defining a policy that restrict the possible owners of workflows, as in "Only this or that principal (user/ group/ service principal) may create/own workflows". While we're at that, why not also a policy to restrict the possible "run as" principals for a workflow?

camilo_s
Contributor

‎06-18-2024 01:29 AM

 I notice that a separate discussion overlaps with the OPs issue: https://community.databricks.com/t5/data-engineering/restricting-workflow-creation-and-implementing-...

@Retired_mod do you have a mechanism for clustering discussions for contributors to have a better view of existing topics and Databricks to know which major topics its customers occupy with?

I'm thinking about issue tracking in GitHub, where moderators often track topics in a single GitHub issue, closing related ones and referring them to the single issue.

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements
Top