Azure Databricks - Access via Credentials Passthrough

Gopinath Rajee 656 Reputation points
2022-06-10T19:24:41.377+00:00

All,

When Clusters in the Workspace are configured to for "Credentials Passthrough", the users of the cluster can access the ADLS GenV2 Storage Account he has access to. Which is good since we dont have to provision anything else for him/her to access datalake data but at the same time it is a problem since the user can access any Storage Accounts that the user has access to.

So, given a cluster, how do we ensure that the user has access to only certain Storage Accounts via the cluster even though the user might have access to lot of other storage accounts as well?

Thanks,
grajee

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,538 questions
Azure Databricks
Azure Databricks
An Apache Spark-based analytics platform optimized for Azure.
2,325 questions
{count} votes

Accepted answer
  1. PRADEEPCHEEKATLA 90,536 Reputation points
    2022-06-13T11:12:16.16+00:00

    Hello @Gopinath Rajee ,

    Thanks for the question and using MS Q&A platform.

    You'd have to block access to those storage accounts via networking rules.

    If I have permissions to storage, and a machine that can access it. I guess I'm not even sure this is a problem, what's the point of being able to access storage only through certain machines?

    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.