Hello,
I am trying to set up a user group for business users in our Azure Databricks that will only be able to query data. It looks like Databricks One is the solution to use. So I followed the documentation and granted the user group Consumer Access in the Workspace. I made sure the other entitlements were not checked. The user has use catalog access to the default catalog, the catalog where the data they're querying is, and select on the gold level schema under the catalog.
When I log in as a test user using the Databricks One URL I can log in and query data as the user. When I go to the switch applications menu I see Lakehouse as an option. I can access lake house and create jobs and do things our project owner would like to have restricted. I remember reading all permissions have to be removed from the workspace and only Consumer Access assigned. I've tried removing access to the catalog, gold level data, and compute from the user. When I do Databricks One queries no longer work.
Is there a step I'm missing to force the user into Databricks One and remove the Lakehouse from the Switch Apps Menu?
