What is Databricks Apps?

Preview

Databricks Apps is in Public Preview.

Databricks Apps lets developers create secure data and AI applications on the Databricks platform and share those apps with users.

Previously, creating data and AI applications that use data managed by a Databricks workspace and the data analytics features of the Databricks platform required deploying separate infrastructure to host those applications, ensuring compliance with data governance controls, and managing application security, including authentication and authorization. With Databricks Apps, Databricks hosts your apps, so you don’t need to configure or deploy additional infrastructure.

Your apps can use the resources and features of the Databricks platform, including Unity Catalog for governance, Databricks SQL to query data, AI features such as model serving, Databricks Jobs for ETL, and the already configured security rules in the workspace, including the rules that control access to the data used by your app. Authentication and authorization use existing Databricks functionality, including OAuth and service principals.

Databricks designed Databricks Apps for developers. You develop your apps in Python using frameworks such as Dash, Streamlit, or Gradio. Because your apps are portable, you can create and debug them locally, deploy them to a Databricks workspace, and then move them to another workspace.

Where do I develop a Databricks app?

You can write and test apps in any IDE that supports Python, such as PyCharm, IntelliJ IDEA, or Visual Studio Code. Databricks recommends developing your apps using Visual Studio Code and the Databricks extension for Visual Studio Code, but you can also use the Databricks notebook and file editor to edit your code directly in your Databricks workspace.

How do I develop and deploy a Databricks app?

The minimum requirements to create an app in your local environment are:

  • A Python file containing the code for your app.

  • The Databricks command-line interface (Databricks CLI).

  • The Databricks libraries required to develop and run your apps.

To set up your local development environment, see Requirements.

A typical workflow for developing an app locally is:

  • Develop your app in your preferred IDE such as Visual Studio Code.

  • Run your app locally at the command line and view it in your browser.

  • When the code is complete and tested, move the code and required artifacts to your Databricks workspace.

See Write and deploy your first Databricks app.

Can I use Python frameworks with my Databricks app?

You can use your favorite Python frameworks, such as Dash, Streamlit, or Gradio, to develop your app.
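As a minimal sketch, an app built with Gradio (one of the supported frameworks) might look like the following. The greeting text and the lazy import are illustrative choices, not requirements of Databricks Apps:

```python
def greet(name: str) -> str:
    """Pure app logic, kept separate from the UI so it is easy to test."""
    return f"Hello, {name}! Running on Databricks Apps."


def build_ui():
    # Gradio is imported lazily here so the app logic above has no UI
    # dependency; any supported framework (Dash, Streamlit, ...) could be
    # swapped in with the same separation of logic and presentation.
    import gradio as gr

    return gr.Interface(fn=greet, inputs="text", outputs="text")


# In the deployed app, the entry point would call build_ui().launch().
```

Keeping the app logic in plain functions like `greet` makes it straightforward to unit test locally before deploying to a workspace.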

How does Databricks Apps manage authorization?

The Databricks Apps authorization model includes the user accessing the app and a Databricks service principal assigned to the app:

  • To access an app, a user must have CAN USE or CAN MANAGE permission on the app. To learn more about assigning permissions to an app, see Configure permissions for your Databricks app.

  • When an app is created, Databricks Apps automatically creates a Databricks service principal and assigns that service principal to the app. This service principal has access to only the workspace that the app is created in and is used to authenticate and authorize access to resources in the workspace, such as SQL warehouses, model serving endpoints, or securable objects in Unity Catalog. All access by an app to data or other workspace resources is performed on behalf of the service principal, not the app owner or user.

    Databricks Apps automatically grants the service principal permissions to any resources assigned to the app if the user deploying the app has CAN MANAGE permission on those resources. If access by the service principal to other resources is required, for example, tables or workspace files, an account or workspace admin must grant the service principal access to those resources. When granting access to resources, Databricks recommends following the principle of least privilege and granting the service principal only the minimal permissions required. See Manage service principals.

    The service principal name can be found on the app details page in the App resources card. The service principal name includes the app name; for example, for an app named my-hello-world-app, the service principal name is app-22ixod my-hello-world-app.
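In app code, this model usually means you never handle credentials directly. The following is a sketch, with the assumption that the Databricks SDK's default credential chain resolves the service principal credentials that Databricks Apps injects into the app's environment:

```python
def workspace_client():
    """Build a Databricks SDK client that acts as the app's service principal.

    Assumption in this sketch: inside a running app, the SDK's default
    credential chain picks up the injected service principal credentials,
    so no explicit token or secret handling is needed in app code.
    """
    from databricks.sdk import WorkspaceClient  # deferred: requires databricks-sdk

    return WorkspaceClient()
```

All calls made through such a client are authorized as the service principal, not as the user viewing the app.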

Who can create Databricks apps?

Any user in a workspace can create apps. However, to manage the permissions of the service principal assigned to an app, you must be an account or workspace admin.

How do I configure my Databricks app?

Databricks Apps automatically sets several environment variables your app can access, such as the Databricks host on which your app is running. You can also set custom parameters using a YAML file. See Databricks Apps configuration.
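A sketch of reading that configuration at startup follows. The specific variable names (`DATABRICKS_HOST`, `DATABRICKS_APP_NAME`, `DATABRICKS_APP_PORT`) and the fallback port are assumptions here; see Databricks Apps configuration for the authoritative list:

```python
import os


def app_config() -> dict:
    # The variable names and the fallback values below are illustrative
    # assumptions; consult the Databricks Apps configuration reference for
    # the real set of environment variables your app receives.
    return {
        "host": os.getenv("DATABRICKS_HOST", ""),
        "app_name": os.getenv("DATABRICKS_APP_NAME", "local-dev"),
        "port": int(os.getenv("DATABRICKS_APP_PORT", "8000")),
    }


cfg = app_config()
```

Reading settings from the environment with local defaults keeps the same code runnable both on your machine and in the workspace.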

How do I integrate my Databricks app with Databricks services?

Your apps can use Databricks platform features such as Databricks SQL to query data, Databricks Jobs for data ingestion and processing, Mosaic AI Model Serving to access generative AI models, and Databricks secrets to manage sensitive information. When configuring your app, these Databricks platform features are referred to as resources.

However, because apps are designed to be portable, Databricks recommends that apps do not depend on specific resources. For example, your app should not be hardcoded to use a particular SQL warehouse. Instead, configure the SQL warehouse in the Databricks Apps UI when creating or updating an app.
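A sketch of that pattern: the warehouse ID is resolved at runtime from the environment rather than hardcoded. The variable names `DATABRICKS_WAREHOUSE_ID` and `DATABRICKS_TOKEN`, and the assumption that `DATABRICKS_HOST` holds the workspace hostname, are illustrative here:

```python
import os


def warehouse_http_path(warehouse_id: str) -> str:
    # SQL warehouses are addressed by an HTTP path derived from their ID.
    return f"/sql/1.0/warehouses/{warehouse_id}"


def run_query(statement: str):
    # Deferred import: requires databricks-sql-connector. The environment
    # variable names are assumptions; the point is that the warehouse is
    # resolved at runtime instead of being hardcoded in the app.
    from databricks import sql

    with sql.connect(
        server_hostname=os.environ["DATABRICKS_HOST"],
        http_path=warehouse_http_path(os.environ["DATABRICKS_WAREHOUSE_ID"]),
        access_token=os.environ["DATABRICKS_TOKEN"],
    ) as conn:
        with conn.cursor() as cur:
            cur.execute(statement)
            return cur.fetchall()
```

Because the warehouse is injected through configuration, the same app can be pointed at a different warehouse when it is deployed to another workspace.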

Additionally, because apps are configured to run with the least required privileges, they should not create new resources. Instead, they must rely on the Databricks platform to resolve existing dependent services. Each app has a Databricks service principal assigned. During app creation or update, the service principal is granted required permissions on defined resource dependencies.

To learn more about adding Databricks platform features as app resources, see Assign Databricks platform features to a Databricks app.

Where can I find audit logs for my Databricks apps?

To find audit events for your apps, query the Databricks system tables.
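As a sketch, a query against the audit log system table might look like the following. The table name system.access.audit is the standard audit log table, but the `service_name` filter value for apps is an assumption here:

```python
# Query text only; execute it with your preferred client (for example,
# the databricks-sql-connector) against a SQL warehouse.
APP_AUDIT_QUERY = """
SELECT event_time, user_identity.email, action_name, request_params
FROM system.access.audit
WHERE service_name = 'apps'  -- filter value is an assumption
ORDER BY event_time DESC
LIMIT 100
"""
```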

What is the cost for Databricks Apps?

For now, you’re billed only for the services called by your apps, such as SQL warehouses, model serving endpoints, or Databricks jobs. The final pricing model for Databricks Apps will include additional charges and will be announced in the future.

The Databricks Apps system environment

The following describes the system environment your apps run in, the resources available to your app, and the versions of the installed libraries.

  • Operating System: Ubuntu 22.04 LTS

  • Python: 3.11.0. Your apps run in a Python virtual environment. All dependencies are installed in this virtual environment, including automatically installed libraries and any libraries you install, for example, with a requirements.txt file.

  • System resources: Your apps can use up to two virtual CPUs (vCPU) and 6 GB of memory. Your app might be restarted if it exceeds the allocated resources.

Installed Python libraries

Library                       Version
databricks-sql-connector      3.4.0
databricks-sdk                0.33.0
mlflow-skinny                 2.16.2
gradio                        4.44.0
streamlit                     1.38.0
shiny                         1.1.0
dash                          2.18.1
flask                         3.0.3
fastapi                       0.115.0
uvicorn[standard]             0.30.6
gunicorn                      23.0.0
dash-ag-grid                  31.2.0
dash-mantine-components       0.14.4
dash-bootstrap-components     1.6.0
plotly                        5.24.1
plotly-resampler              0.10.0

Limitations

  • There is a limit of 10 apps in a Databricks workspace.

  • Files used by an app cannot exceed 25 MB in size. If a file in your app’s directory exceeds this limit, app deployment fails with an error.

  • Databricks Apps does not meet HIPAA, PCI, or FedRAMP compliance standards.

  • Logs created by an app are not persisted when the Databricks compute hosting the app is terminated. See Logging from your Databricks app.
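Because logs do not survive compute termination, a common pattern is to log to stdout while the app runs and forward anything you must keep to durable storage yourself. A minimal stdlib sketch:

```python
import logging
import sys

# Log to stdout so output is visible while the app is running; nothing here
# is persisted after the app's compute terminates, so forward anything you
# need to keep (for example, to cloud storage) yourself.
logging.basicConfig(
    stream=sys.stdout,
    level=logging.INFO,
    format="%(asctime)s %(levelname)s %(name)s %(message)s",
)
log = logging.getLogger("my-app")
log.info("app started")
```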