Pool access control

Preview

This feature is in Public Preview.

Note

Access control is available only in the Premium plan (or, for customers who subscribed to Databricks before March 3, 2020, the Operational Security package).

By default, all users can create and modify pools unless an administrator enables pool access control. With pool access control, permissions determine a user’s abilities. This article describes the individual permissions and how configure pool access control.

Before you can use pool access control, a Databricks admin must enable it for the workspace. See Enable pool access control for your workspace.

Pool permissions

There are three permission levels for a pool: No Permissions, Can Attach To, and Can Manage. The table lists the abilities for each permission.

Ability No Permissions Can Attach To Can Manage
Attach cluster to pool   x x
Delete pool     x
Edit pool     x
Modify pool permissions     x

Configure pool permissions

To give a user or group permission to manage pools or attach a cluster to a pool using the UI, at the bottom of the pool configuration page, select the Permissions tab. You can:

  • Select users and groups from the Select User or Group drop-down and assign permission levels for them.
  • Update pool permissions for users and groups that have already been added, using the drop-down menu beside a user or group name.
Assign pool permissions

The only way to grant a user or group permission to create a pool is through the API. Follow the SCIM API documentation and grant the user the allow-instance-pool-create entitlement.

Preview

To give a user or group permission to manage pools or attach a cluster to a pool using an API, you must request access to a Private Preview API. Contact Databricks for more information.