- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2021 07:27 AM
This document (https://docs.databricks.com/security/keys/customer-managed-keys-managed-services-aws.html) describes how to use a customer managed key to encrypt notebooks in the control plane.
We would please like to verify: if no CMK is provided, are notebooks still encrypted using a key provided by Databricks or the cloud provider?
- Labels:
-
CMK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-12-2021 08:47 AM
Hello @Nathan Buesgens - My name is Piper and I'm one of the moderators for Databricks. Thanks for your question and it's great to meet you myself.
Let's give the community a bit longer to respond. If nothing comes our way, we'll circle back to you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-12-2021 12:03 PM
Hello @Nathan Buesgens , from a high level point of view, by default, notebooks source code and metadata in the control plane are encrypted at rest in AWS RDS using AWS KMS with a Databricks-managed Key.
But there is other data related to notebooks and things change depending on what kind of data you are referring to and how you use notebooks (interactive vs. jobs).
I would recommend to reach out to your account team and request a copy of the enterprise security guide which provides an in-depth description of Databricks' security posture.
Cheers,
Filippo
