databricks, azure-databricks, databricks-unity-catalog

Can I create workspace local groups using the WORKSPACEADMIN?


To specify, I'd like to know if it's possible to create user groups in the workspace using WORKSPACEADMIN.

I'm aware this is doable with Terraform/API, but this does not seem to be recommended practice.

So, my question is: How can I provide privileges to groups I created in AzureAD (synced to Databricks using SCIM) to the schemas/catalogs?

I read all Databricks documentation and haven't been able to find anything so far.


Solution

  • Create user groups in the workspace using the workspace admin. Below are the steps:

    • The user must be part of the Azure Active Directory.
    • You can add any user who belongs to the Azure Active Directory tenant of your Azure Databricks workspace.

    If the user is not part of the AAD, you will receive the following warning.

    Below are the Steps to Create User Groups:

    Create New Group

    Once you have created the user group, you can add users to that group.

    • After you create the users and groups, you can limit the access for any user.

    • These are the steps:

    • Navigate to your workspace; at the root level you will see 1 Shared folder and 1 Users folder.

    • Shared is the folder where we can put our code, and it can be seen by all the developers (suitable for collaboration).

    Workspace object access control can be at folder level or notebook level. Click on the user and click on Permissions. By selecting the user you can provide the permission.

    • If you want to do it for notebooks, click on the notebook you want and the same permission settings tab will open.
    • If you want to manage privileges in Unity Catalog, you can set access controls using Data Explorer, SQL statements in notebooks or Databricks SQL queries, using the Unity Catalog REST API, or using Terraform.

    Here is how you can do it. Assign a metastore admin
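
As an added example (not part of the answer above), the SQL route for the question's case could look like this, run from a notebook or a Databricks SQL query. The catalog, schema and group names are placeholders, and it assumes the Azure AD group is synced as an account-level group, since Unity Catalog grants do not accept workspace-local groups.

```sql
-- Placeholder names (assumptions, not from the page):
--   catalog  sales_catalog
--   schema   sales_catalog.reporting
--   group    `data-analysts` (account-level group synced from Azure AD via SCIM)
-- Run as the owner of the objects or as a metastore admin.

-- 1. Allow the group to reference the catalog. This alone exposes no data.
GRANT USE CATALOG ON CATALOG sales_catalog TO `data-analysts`;

-- 2. Allow the group to reference one schema only.
GRANT USE SCHEMA ON SCHEMA sales_catalog.reporting TO `data-analysts`;

-- 3. Read-only access. Granted at schema level, SELECT is inherited by the
--    tables and views in that schema, including ones created later.
GRANT SELECT ON SCHEMA sales_catalog.reporting TO `data-analysts`;

-- Broader alternative shown for contrast; it hands over every privilege
-- on every schema in the catalog, so prefer the three grants above:
-- GRANT ALL PRIVILEGES ON CATALOG sales_catalog TO `data-analysts`;

-- 4. Review what the group actually holds at each level.
SHOW GRANTS `data-analysts` ON CATALOG sales_catalog;
SHOW GRANTS `data-analysts` ON SCHEMA sales_catalog.reporting;

-- 5. Withdraw access when it is no longer needed.
REVOKE SELECT ON SCHEMA sales_catalog.reporting FROM `data-analysts`;
```

Without both USE CATALOG and USE SCHEMA, the SELECT grant in step 3 is not usable, so a failed query after granting SELECT usually points to one of the first two statements being missing.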