![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 48%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Azure Databricks
An Apache Spark-based analytics platform optimized for Azure.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 65%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
The error you’re seeing is due to a system-defined deny assignment created by Azure Databricks. These deny assignments are automatically generated by Azure services (like Databricks) to protect their managed resources and ensure their security.
Why This Happens
System-Defined Deny Assignment - These are created and managed by Azure services (like Azure Databricks) and cannot be modified, deleted, or overridden by users, even with Owner permissions.
Security Control - They prevent changes to critical resources managed by the service.
For additional information, please refer: List Azure deny assignments
What You Can Do
Assign Permissions at the Workspace Level - Instead of assigning Reader access to the Databricks resource group, assign it directly to the Databricks workspace resource.
I hope this information helps. Please do let us know if you have any further queries.
Kindly consider upvoting the comment if the information provided is helpful. This can assist other community members in resolving similar issues.
Thank you.