Databricks Community

mkieszek · ‎09-18-2024

Hello,

currently, we are using an init script that calls the DBW API to add "can_attach_to" permissions for a specific group to initialize the job cluster.

How can we set an access control list for job clusters? Is it possible to add it to a policy?

szymon_dybczak · ‎09-18-2024

Hi @mkieszek ,

You can use REST API to set access control list for job clusters. The endpoint is for doing that you can find below
/api/2.0/permissions/clusters/{cluster_id} (https://docs.databricks.com/api/workspace/clusters/setpermissions)

And it's not possible to use policy for setting ACL. Look at below snippet from documentation:

https://docs.databricks.com/en/admin/clusters/policy-definition.html

mkieszek · ‎09-18-2024

Thank for your response. This solution is currently in use.

It was done to be able access Spark UI and logs of jobs cluster. Maybe you know is it still needed?

Can I define access control list in job definition json?

szymon_dybczak · ‎09-18-2024

In job definition you can only define ACL for the job, not for the cluster. So you can define who is an owner of the job, who can manage a job, who can manage and run etc.