Manage Unity Catalog storage credentials in Data Explorer

You can use Data Explorer to create and view storage credentials in Unity Catalog-enabled Azure Databricks workspaces. .. note:: In the Databricks SQL Data Explorer, you can create storage credentials and view their details, but you cannot modify, rotate, or delete them. For those operations, you can use the Databricks SQL editor or a notebook.

Create storage credentials

  1. At the bottom of the screen, click Storage Credentials.
  2. Click Create credential.
  3. Enter a name for the credential.
  4. Enter the directory ID, application ID, and client secret of a service principal that has been granted the Azure Blob Contributor role on the relevant storage container.
  5. Optionally, enter a comment for the storage credential.
  6. Click Save.

Manage privileges for storage credentials

You can grant permissions directly on the storage credential, but Databricks recommends that you reference it in an external location and grant permissions to that instead. An external location combines a storage credential with a specific path, and authorizes access only to that path and its contents.

  1. At the bottom of the screen, click Storage Credentials.
  2. Click the name of a storage credential to open its properties.
  3. Click Permissions.
  4. To grant permission to users or groups, select each identity, then click Grant.
  5. To revoke permissions from users or groups, select each identity, then click Revoke.