How to restrict Azure users to use launch workspace to login to ADB workspace as admin when user has owner or contributor role

SailajaB
Databricks Partner

‎01-17-2022 06:05 AM

HI,

Is there any way to disable launch workspace option in Azure portal for ADB.

We have user accesses at resource group, so we need to restrict users who are part of owner or contributor role to launch ADB worksapce as admin.

Thank you

Labels:

Hubert-Dudek
Databricks MVP

‎01-17-2022 07:23 AM

You can use DenyAssignments in Azure but it is possible only with PowerShell

https://docs.microsoft.com/en-us/azure/role-based-access-control/deny-assignments


My blog: https://databrickster.medium.com/

View solution in original post

none_ranjeet
New Contributor III

‎08-20-2022 07:20 PM

Deny Assignments don't block subscription contributor to launch workspace and become admin. Actually I haven't find any way to block that after many tries of different methods.

0 Kudos