Databricks administration guide

This article provides an overview of Databricks administrator privileges and responsibilities.

Note

For an overview that walks you through the primary tasks you can perform as an administrator, with a focus on getting your team up and running on Databricks, see Get started as a Databricks administrator.

There are two types of admins available in Databricks. Account admins handle general account management. Workspace admins manage the settings and features of individual workspaces in the account. The following table shows you privileges available to these admin types:

Admin Type

Description

Account admin

Admin for the entire Databricks account. Each account has one account owner (user who created the account) and can have multiple account admins. Account admins and account owners have the same privileges. They can:

  • Access the account console

  • Create and manage workspaces

  • Manage users and groups

  • Manage subscription and billing

  • Configure audit logging

  • View high-level usage data

  • Manage account metastores

Workspace admin

Admin for an individual workspace. Within their workspace, workspace admins can:

  • Access the admin console

  • Manage workspace users and groups

  • Manage workspace settings

  • Configure cluster policies

  • Configure access control

  • Manage workspace storage

You will also need users with administrative access to AWS to manage the networking and security for your Databricks instance and IAM credential passthrough.

Delegate workspace admin privileges

Databricks workspace admins are members of the admins group. To give a user admin privileges, add them to the admins group using the Admin Console, the Groups API 2.0, the SCIM API 2.0, or a SCIM-enabled Identity Provider.