cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Governance
Join discussions on data governance practices, compliance, and security within the Databricks Community. Exchange strategies and insights to ensure data integrity and regulatory compliance.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Heads-up: collaborator with READ on Secret Scope could delete a key from my shared notebook

guidotognini
New Contributor

3 weeks ago

Hi Databricks team,

Quick heads-up and request for guidance. While collaborating on a notebook in my personal workspace, a colleague who had READ permission on a workspace-backed Secret Scope was able to delete a secret key via terminal/CLI from the shared notebookโ€™s attached cluster.

Iโ€™m not sure if this is expected or a misconfiguration, but it felt like a privilege escalation tied to sharing from a personal workspace.

What we saw (brief):

  • Scope: workspace-backed, colleague explicitly READ only

  • Context: notebook shared from my personal workspace

  • Action: databricks secrets delete --scope <scope> --key <key> by the colleague succeeded

Questions:

  1. Is this expected when sharing notebooks from personal workspaces, or is it a known issue?

  2. Any recommended mitigations (e.g., use shared folders, disable cluster terminal, use Key Vaultโ€“backed scopes, ensure CLI uses the callerโ€™s identity)?

Happy to share workspace/cluster IDs and timestamps privately if helpful. Thanks!

0 Kudos
1 REPLY 1

dkushari
Databricks Employee
Databricks Employee

3 weeks ago

Hi @guidotognini - This is not expected behavior if your colleague truly has only READ and their CLI was using their own identity; deletion requires WRITE/MANAGE on the scope. The most probable explanation is that the CLI call was authenticated as an identity with elevated permissions (either via a misconfigured token/profile or a broader ACL than intended), rather than privilege escalation due to sharing from a personal workspace.

Can you try the following and check the output? Your colleague should have only read permission, as you stated. It might happen that the group your colleague is in, has manage permission on the scope.

databricks secrets get-acl <scope> <principal> or 
databricks secrets list-acls <scope>

 

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements