cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Can I disable the workspace directory for specific user groups?

Go to solution
Chris_Shehu
Valued Contributor III

โ€Ž11-12-2021 11:01 AM

We want to use the REPO directory in our production environment only and have a dev environment with less restrictions. If I use the checkbox on the group admin screen to disable workspace access, it locks out the entire Data Engineering section.

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Chris_Shehu
Valued Contributor III

โ€Ž11-24-2021 09:04 AM

So I found a way to get 85% of the way there:

1) Disable workspace access for the users group.

2) Create a new group or use another group that you created for the next step.

3) Go to the workspace and right click on whitespace in the root directory.

4) Add the new group/existing group with Read access.

image 

This locks it so that new files can't be created or edited but the exception is the user's personal folder.

The permissions for that are greyed out and can't be changed.

image 

So I proposed an idea to either have the ability to turn off personal folders or to modify the permissions.

see: https://feedback.azure.com/d365community/idea/70547d9f-464d-ec11-a819-0022484e8090

View solution in original post

Preview file
76 KB
Preview file
102 KB
7 REPLIES 7

Go to solution
Anonymous
Not applicable

โ€Ž11-13-2021 11:52 AM

@Christopher Shehuโ€‹ - Hello again! Thank you for this question. It sounds like an interesting one!

0 Kudos

Go to solution
Prabakar
Databricks Employee
Databricks Employee

โ€Ž11-15-2021 06:01 AM

Hi @Christopher Shehuโ€‹  Could you please check the below doc and let me know if it helps?

https://docs.databricks.com/repos.html#control-access-to-databricks-repos

0 Kudos

Go to solution
User16871418122
Contributor III

โ€Ž11-23-2021 10:53 PM

You can allow specific git URLs by for commits and push by whitelisting in workspace settings in admin console

Screenshot 2021-11-24 at 12.21.27 PM

Preview file
204 KB
0 Kudos

Go to solution
Chris_Shehu
Valued Contributor III

โ€Ž11-24-2021 05:23 AM

Thanks for the answers but I'm looking more for something where you can disable the folder structure and ONLY have a git repo in the databricks PRD environment. That way someone can't bypass the github process to create something in prod.

0 Kudos

Go to solution
-werners-
Esteemed Contributor III
In response to Chris_Shehu

โ€Ž11-24-2021 05:27 AM

I don't think that is possible as a user has always access to his own home folder.

Maybe you can think in another direction, like no access at all on production or user groups or restriction in cluster permissions?

0 Kudos

Go to solution
Chris_Shehu
Valued Contributor III
In response to -werners-

โ€Ž11-24-2021 05:30 AM

Yeah, that's the conclusion I came to but was hoping I was wrong. Thanks!

0 Kudos

Go to solution
Chris_Shehu
Valued Contributor III

โ€Ž11-24-2021 09:04 AM

So I found a way to get 85% of the way there:

1) Disable workspace access for the users group.

2) Create a new group or use another group that you created for the next step.

3) Go to the workspace and right click on whitespace in the root directory.

4) Add the new group/existing group with Read access.

image 

This locks it so that new files can't be created or edited but the exception is the user's personal folder.

The permissions for that are greyed out and can't be changed.

image 

So I proposed an idea to either have the ability to turn off personal folders or to modify the permissions.

see: https://feedback.azure.com/d365community/idea/70547d9f-464d-ec11-a819-0022484e8090

Preview file
76 KB
Preview file
102 KB

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements