Access control settings are disabled by default on workspaces that are upgraded from the Standard plan to the Premium plan. Once an access control setting is enabled, it can not be disabled. For more information, see Access controls lists can be enabled on upgraded workspaces.
Access control lists overview
In Azure Databricks, you can use access control lists (ACLs) to configure permission to access workspace level objects. Workspace admins have the CAN MANAGE permission on all objects in their workspace, which gives them the ability to manage permissions on all objects in their workspaces. Users automatically have the CAN MANAGE permission for objects that they create.
You can manage workspace object permissions by adding objects to folders. Objects in a folder inherit all permissions settings of that folder. For example, a user that has the CAN RUN permission on a folder has CAN RUN permission on the alerts in that folder. To learn about organizing objects into folders, see Workspace browser.
Alerts ACLs
Ability
NO PERMISSIONS
CAN RUN
CAN MANAGE
See in alert list
x
x
View alert and result
x
x
Manually trigger alert run
x
x
Subscribe to notifications
x
x
Edit alert
x
Modify permissions
x
Delete alert
x
Compute ACLs
Ability
NO PERMISSIONS
CAN ATTACH TO
CAN RESTART
CAN MANAGE
Attach notebook to cluster
x
x
x
View Spark UI
x
x
x
View cluster metrics
x
x
x
View driver logs
x
x
x
Terminate cluster
x
x
Start and restart cluster
x
x
Edit cluster
x
Attach library to cluster
x
Resize cluster
x
Modify permissions
x
Legacy dashboard ACLs
Ability
NO PERMISSIONS
CAN VIEW
CAN RUN
CAN EDIT
CAN MANAGE
See in dashboard list
x
x
x
x
View dashboard and results
x
x
x
x
Refresh query results in the dashboard (or choose different parameters)
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.