Manage Access Control

In Azure Databricks, you can use access control lists (ACLs) to configure permission to access data tables, clusters, pools, jobs, and workspace objects like notebooks, experiments, and folders. All admin users can manage access control lists, as can users who have been given delegated permissions to manage access control lists.

Note

Table, cluster, pool, job, and workspace access control are available only in the Azure Databricks Premium Plan.

As an Azure Databricks admin, you can also manage access to Azure Databricks REST APIs by giving or denying your users the ability to generate access tokens.

As an Azure administrator with the proper permissions, you can configure Azure Active Directory conditional access to control where and when users are permitted to sign in to Azure Databricks. You can also enable Azure Data Lake Storage credential passthrough, which allows users to authenticate to Azure Data Lake Storage from Azure Databricks clusters using the same Azure Active Directory identity that they use to log into Azure Databricks.

This section covers: