cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

S3 bucket mount

Go to solution
Digan_Parikh
Valued Contributor

‎06-11-2021 01:24 PM

If you mount an S3 bucket using an AWS instance profile, does that mounted bucket become accessible to just that 1 cluster or to other clusters in that workspace as well?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Digan_Parikh
Valued Contributor

‎06-17-2021 03:08 PM

Mounts are global to all clusters but as a best practice, you can use IAM roles to prevent access tot he underlying data.

To take this one step further, you can use IAM credential passthrough rather than instance profile because instance profile can be associated with only one IAM role so all users on the clusters have to share that role and the data policies of that role.

doc -https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
Digan_Parikh
Valued Contributor

‎06-17-2021 03:08 PM

Mounts are global to all clusters but as a best practice, you can use IAM roles to prevent access tot he underlying data.

To take this one step further, you can use IAM credential passthrough rather than instance profile because instance profile can be associated with only one IAM role so all users on the clusters have to share that role and the data policies of that role.

doc -https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements
Top