Enable access control

In Azure Databricks, you can use access control lists (ACLs) to configure permission to access data tables, clusters, pools, jobs, and workspace objects like notebooks, experiments, and folders.

All admin users can manage access control lists, as can users who have been given delegated permissions to manage access control lists.

This section describes the tasks that admin users perform to enable and disable access control.

An admin can also manage access to Azure Databricks REST APIs by giving or denying users the ability to generate access tokens.

An Azure administrator with the proper permissions can configure Azure Active Directory conditional access to control where and when users are permitted to sign in to Azure Databricks and enable Azure Data Lake Storage credential passthrough, which allows users to authenticate to Azure Data Lake Storage from Azure Databricks clusters using the same Azure Active Directory identity that they use to log into Azure Databricks.

This section covers: