Do you require for a Service Principal or a Group to have admin rights to allow automation or reduce the efforts in the process of adding the permission to each user.
Solution
For Service Principals:
- You need to be at least Workspace Admin
- You can either create a Service Principal in the workspace (any workspace) or assign an Account Console Service Principal (Unity Catalog workspace only). You can refer to Manage Service Principals for the creation process.
- Once you have your existing or newly created SP assigned to your workspace navigate to Settings > Identity and Access > Groups.
- Search for a group called admins and add your SP as a member of this group.
- This will automatically inherit permissions on SP.
For Groups:
- You need to be Account Console admin
- Your workspace needs to be Unity Catalog enabled.
- Go to the Account Console URL:
- AWS: accounts.cloud.databricks.com
- AZURE: accounts.azuredatabricks.net
- GCP: accounts.gcp.databricks.com
- Go to User Management > Groups and create or sync your desired group.
- Go to Workspaces and search for the workspace you want to add, click on the name to see workspace details.
- Under Permissions click add permission, look for the desired group and add the admin role.
- This will add your group on the admins group on your workspace and will inherit the workspace admin permissions.
