Automatic cluster update
Automatic cluster update ensures that all the clusters in a workspace are periodically updated to the latest host OS image and security updates. Account admins can schedule the maintenance window frequency, start date, and start time.
If there are no updates for images for running compute resources, by default they are not restarted but you can configure the feature to force restart during the maintenance window.
This applies to all compute resources that run in the classic compute plane: clusters, pools, classic SQL warehouses, and legacy Model Serving. It does not apply to serverless compute resources.
Enabling this feature on a workspace requires that you add the Enhanced Security and Compliance add-on as described on the pricing page. This feature also requires the Enterprise pricing tier.
By default, automatic cluster update is scheduled for the first Sunday of every month at 1:00 AM UTC. Account admins can use the Databricks account console to change the maintenance window frequency, start date, and start time. See Configure automatic cluster update.
Enable automatic cluster update on a workspace
Note
If the compliance security profile is enabled in your account, this feature is enabled by default in all your workspaces. Workspace admins can still configure the setting at the workspace level.
You must be an account admin to configure automatic cluster update. Although this setting is configured for each workspace, the controls for this feature are part of the account console UI, not the workspace admin console.
If you enable the compliance security profile, this feature is automatically enabled. To separately enable automatic cluster update on a workspace, see Enable enhanced security and compliance features on an existing workspace.
You can also set an account-level default for new workspaces to enable automatic cluster update initially. Alternatively, you can set an account-level default to enable the compliance security profile, which automatically enables automatic cluster update. See Set account-level defaults for all new workspaces.
Updates may take up to six hours to propagate to all environments and to downstream systems like billing. Workloads that are actively running continue with the settings that were active at the time of starting the cluster or other compute resource, and new settings will start applying the next time these workloads are started. This means that if a change is made late in the day or on the last day of the month, you might still see usage reported with the old settings early the next day or month.
Restart any compute resources to ensure they immediately get the latest updates.
Set default for new workspaces to enable automatic cluster update
Account admins can set account-level defaults for new workspaces for the compliance security profile with optional compliance standards. See Set account-level defaults for all new workspaces.
Configure automatic cluster update
Go to the Databricks account console.
Navigate directly to https://accounts.cloud.databricks.com.
In the sidebar, click Workspaces.
Click the name of your workspace.
Click Security.
Next to Automatic cluster update, click the Configure button.
Set the maintenance frequency.
For monthly schedules, choose which numbered week such as 1st or 3rd.
For twice-monthly schedules, choose 1st and 3rd or 2nd and 4th.
Set the day and time for your maintenance window.
By default, compute resources only restart if updates are available. To force clusters and other compute resources to restart during this maintenance window regardless of the availability of a new update, select Always restart.
Click Save.