Data sharing guide

This guide shows how you can use Delta Sharing to share data in Databricks with recipients outside your organization.

Delta Sharing is an open protocol developed by Databricks for secure data sharing with other organizations regardless of which computing platforms they use. Delta Sharing is available for data in a Unity Catalog metastore.

Unity Catalog (Preview) is a secure metastore developed by Databricks. Unity Catalog centralizes metadata and governance of an organization’s data. With Unity Catalog, data governance rules scale with your needs, regardless of the number of workspaces or the business intelligence tools your organization uses. See Get started using Unity Catalog.

To share data using Delta Sharing:

  1. You load the data into a Unity Catalog metastore.

    You can create new tables and insert records into them, or you can import existing tables into Unity Catalog from a workspace’s local Hive metastore.

  2. You enable Delta Sharing on the metastore.

  3. You create shares and recipients. Shares and recipients are Delta Sharing objects.

    • A share is a read-only collection of tables and table partitions to be shared with one or more recipients. A metastore can have multiple shares, and you can control which recipients have access to each share. A single metastore can contain multiple shares, but each share can belong to only one metastore. If you remove a share, all recipients of that share lose the ability to access it.

    • A recipient is an object that associates an organization with a credential that allows organization to access one or more shares. When you create a recipient, a downloadable credential is generated for that recipient. Each metastore can have multiple recipients, but each recipient can belong to only one metastore. A recipient can have access to multiple shares. If you remove a recipient, that recipient loses access to all shares it could previously access.

  4. After creating a recipient and granting the recipient access to shares, use a secure channel to communicate with the recipient, and share with them the unique URL where they can download the credential.

    A credential can be downloaded only one time. Databricks recommends the use of a password manager for storing and sharing a downloaded credential.

    Also share with them the documentation for Delta Sharing data recipients. They can use this documentation to access the data you share with them.

  5. At any time, you can modify the contents of a share, modify the shares to which a recipient has access, or drop a share or a recipient.

  6. Data recipients have immediate read-only access to the live, up-to-date data you share with them.

  7. A data provider can enable audit logs for Delta Sharing to understand who is creating shares and recipients and which recipients are accessing which shares.

  8. A data recipient who uses Databricks to access Delta Sharing data can also enable audit logs to understand who is accessing which Delta Sharing data.

In this guide: