An Apache Spark-based analytics platform optimized for Azure.
Hello David Nagy,
Welcome to the Microsoft Q&A and thank you for posting your questions here.
I understand that you cannot enumerate blobs in Databricks-managed storage account (11.68 TiB) - 403 AuthorizationPermissionDenied.
The 403 AuthorizationPermissionDenied should not be treated as a simple missing-role issue.
To fix, you will need to clean only Databricks-exposed data through Databricks-supported interfaces:
Clean visible DBFS files with dbutils.fs or databricks fs, clean Delta tables using VACUUM, remove MLflow/job artifacts through Databricks, migrate production data out of DBFS root to Unity Catalog volumes or external locations, and raise Azure Databricks support if Azure Monitor capacity remains higher than the Databricks-visible data. For immediate savings, change workspace storage redundancy from Standard_GRS to Standard_LRS if your resilience requirements allow it. Finally, Do not directly delete unknown blobs or containers from the managed storage account, because workspace storage can contain DBFS root data, MLflow artifacts, model artifacts, job outputs, Lakeflow defaults, Cloud Fetch data, and internally generated platform data. You can use the following official resources for more details:
- https://learn.microsoft.com/en-us/azure/databricks/dbfs/dbfs-root
- https://learn.microsoft.com/en-us/azure/databricks/admin/workspace/workspace-storage-redundancy,
- https://learn.microsoft.com/en-us/azure/databricks/dev-tools/cli/reference/fs-commands,
- https://learn.microsoft.com/en-us/azure/databricks/dev-tools/databricks-utils,
- https://learn.microsoft.com/en-us/azure/databricks/tables/operations/vacuum
I hope this is helpful. Please! Do not hesitate to let me know if you have any other questions, steps or clarifications.
Please do not close the thread by upvoting and accepting the answer if any part of it is helpful.