cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Disable Machine Learning and Job Creation

valjas
New Contributor III

‎02-19-2024 07:21 PM

We are working on creating a new databricks workspace for external entities. We have disabled Cluster and Warehouse creation permission but the external users are still able to create Jobs and job clusters. Is there a way to revoke Job creation permissions on a user or group level?

Is there a way to disable Machine Learning section?

0 Kudos
3 REPLIES 3

Ayushi_Suthar
Databricks Employee
Databricks Employee

‎02-19-2024 10:16 PM

Hi @valjas , Good Day!

Currently, we do have an open feature request for this but as a workaround we would suggest that you to restrict non-admin users from the job creation and allow them to view required jobs, in this case is the following:

  1. Proceed with step A).
  2. Create a job(s) and add its tags as required.
  3. At job ACL level, assign "Can View". 

The above will allow these users to interact with the required jobs, but not edit them or create new ones.

A) It is not possible at job ACL level. However, this can be worked around by removing the permissions to create clusters to the users you do not want to create jobs. Also please check the following steps:

  • Remove/adjust user from clusters with the Control access to clusters where they have "Can Manage" permissions.
  • Remove the required user from any cluster policy they have access to.

Please let me know if this helps and leave a like if this information is useful, followups are appreciated.
Kudos
Ayushi

0 Kudos

valjas
New Contributor III
In response to Ayushi_Suthar

‎02-20-2024 04:26 AM - edited ‎02-20-2024 04:28 AM

> "However, this can be worked around by removing the permissions to create clusters to the users you do not want to create jobs."

I have already removed Cluster creation permissions for the users, but they can still create a job from the UI and create a job cluster while creating the job. Is there a way to create a policy where I can restrict creating a job cluster and if there is one, can I enforce it on a specific user/group?

> "Remove the required user from any cluster policy they have access to"

Can you pls guide me on how to do this? How do I check which policy an user has access to and then revoke that?

0 Kudos

Venk1599
New Contributor II

‎02-20-2024 08:56 PM

It permits cluster creation during Workflow/Job/DLT pipeline creation. However, when attempting to start any of these, it fails with a 'Not authorized to create compute' error. Please try it and inform me of the outcome

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements
Top