Pool access control


This feature is in Public Preview.


Access control is available only in the Premium plan (or, for customers who subscribed to Databricks before March 3, 2020, the Operational Security package).

By default, all users can create and modify pools unless an administrator enables pool access control. With pool access control, permissions determine a user’s abilities. This article describes the individual permissions and how to configure pool access control.

Before you can use pool access control, a Databricks admin must enable it for the workspace. See Enable pool access control for your workspace.

Pool permissions

There are three permission levels for a pool: No Permissions, Can Attach To, and Can Manage. The table lists the abilities for each permission.

Ability No Permissions Can Attach To Can Manage
Attach cluster to pool   x x
Delete pool     x
Edit pool     x
Modify pool permissions     x

Configure pool permissions

To give a user or group permission to manage pools or attach a cluster to a pool using the UI, at the bottom of the pool configuration page, select the Permissions tab. You can:

  • Select users and groups from the Select User or Group drop-down and assign permission levels for them.
  • Update pool permissions for users and groups that have already been added, using the drop-down menu beside a user or group name.
Assign pool permissions


You can also give a user or group permission to manage pools or attach a cluster to a pool using the Permissions API.

The only way to grant a user or group permission to create a pool is through the SCIM API. Follow the SCIM API documentation and grant the user the allow-instance-pool-create entitlement.