Hi @thiagoawstest, Yes, you can definitely manage roles and permissions in your Databricks environment on AWS to fit your needs. Start by creating custom IAM roles with specific permissions. For instance, you can set up a role that only allows read access and restricts actions like creating jobs or clusters. Next, use Databricks groups to assign these roles, so all members of a group automatically inherit the role's permissions. This approach simplifies managing permissions, especially if you have multiple users needing similar access.
Additionally, leverage identity federation and SCIM provisioning to keep your access controls synchronized with your identity provider. This way, you can centrally manage users and groups, ensuring that your permissions remain up-to-date. Assign workspace permissions to groups rather than individual users for easier management and consistency. By following these practices, you can maintain a well-structured and secure Databricks environment where users in the "Reader" group have the appropriate level of access. If you need further details or specific commands, feel free to ask!