cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Governance
Join discussions on data governance practices, compliance, and security within the Databricks Community. Exchange strategies and insights to ensure data integrity and regulatory compliance.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Roles in Databricks

sdheepak
New Contributor II

‎08-19-2024 08:15 AM

 

Currently, Databricks allows us to grant access to catalogs, schemas, and objects individually, but this process can be repetitive and time-consuming when managing access for multiple applications across different schemas. A feature that enables the creation of roles that encapsulate a set of permissions (e.g., read, write, manage) at the catalog or schema level would greatly simplify the access management process.

For instance, creating a role such as Application_Admin with permissions to multiple schemas or objects within a catalog and assigning this role to AD groups or service accounts would significantly reduce administrative overhead. This would not only streamline user onboarding and access management but also improve security by providing a standardized method of managing access.

Feature Request:

  • Ability to create custom roles with predefined permissions.
  • The ability to assign these roles to AD groups, service accounts, or individual users.
  • Support for role inheritance where a higher-level role can inherit permissions from lower-level roles.

This feature would help large organizations manage access control in a more efficient and secure manner.

0 Kudos
3 REPLIES 3

sdheepak
New Contributor II

‎08-19-2024 08:47 AM

Just now i saw the video  , I think this will get resolve the issue 

https://www.databricks.com/dataaisummit/session/attribute-based-access-controls-unity-catalog-buildi...

Retired_mod
Esteemed Contributor III
In response to Retired_mod

‎08-21-2024 02:03 AM

Hi @sdheepakI think you can just use Databricks groups. You can assign permissions to Databricks groups and add AAD groups, service accounts, or users into these groups. Inheritance is supported on Databricks groups.

0 Kudos

Retired_mod
Esteemed Contributor III

‎08-21-2024 02:00 AM

Hi @sdheepak, Thanks for reaching out! Please review the response and let us know which best addresses your question. Your feedback is valuable to us and the community.

If the response resolves your issue, kindly mark it as the accepted solution. This will help close the thread and assist others with similar queries.

We appreciate your participation and are here if you need further assistance!

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements