cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

S3 bucket mount

Digan_Parikh
Valued Contributor

If you mount an S3 bucket using an AWS instance profile, does that mounted bucket become accessible to just that 1 cluster or to other clusters in that workspace as well?

1 ACCEPTED SOLUTION

Accepted Solutions

Digan_Parikh
Valued Contributor

Mounts are global to all clusters but as a best practice, you can use IAM roles to prevent access tot he underlying data.

To take this one step further, you can use IAM credential passthrough rather than instance profile because instance profile can be associated with only one IAM role so all users on the clusters have to share that role and the data policies of that role.

doc -https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html

View solution in original post

1 REPLY 1

Digan_Parikh
Valued Contributor

Mounts are global to all clusters but as a best practice, you can use IAM roles to prevent access tot he underlying data.

To take this one step further, you can use IAM credential passthrough rather than instance profile because instance profile can be associated with only one IAM role so all users on the clusters have to share that role and the data policies of that role.

doc -https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group