Setting cluster settings through SCIM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-22-2021 06:14 PM
is there a way to set the following cluster settings through the SCIM? I am not seeing anything in the API docs that would suggest it is possible but I want to double check here.
- Enable credential passthrough
- Single User Access
- Permission settings
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2021 10:36 AM
Credential passthrough
This actually needs some setting up in AWS IAM to get started. Once you've created the right instance profiles, you'll need to add them to your Databricks workspace. There's pretty exhaustive guides here that has each of the steps.
AWS: https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html
Azure: https://docs.microsoft.com/en-us/azure/databricks/security/credential-passthrough/adls-passthrough
Single user access
Do you mean restricting access to a cluster for a single user? You can't directly do this with only SCIM APIs. You'll need to utilize the permissions API to set which users can attach to/run/manage a cluster and simply restrict that to a single user or group.
The SCIM APIs allow you to set whether that user is part of a particular group or whether they can access the Databricks DE/DS or SQL analytics workspace in the first place. It also allows you to specify if someone has global cluster creation/editing privileges.
Permission settings
See above, you might want to look at the permissions API.
https://docs.databricks.com/dev-tools/api/latest/permissions.html
Heads up some of the advanced permissions settings also need to be enabled by logging in, going to the Admin console from the dropdown in the top right, and then 'Workspace Settings' tab at the top.