FedRAMP Moderate
This page describes FedRAMP Moderate compliance controls in Databricks.
FedRAMP Moderate overview
FedRAMP Moderate is a U.S. federal program that standardizes security assessment, authorization, and continuous monitoring for cloud products and services at the moderate impact level. It enables federal agencies to use cloud technologies while ensuring the protection of federal data.
Key points
- Applies to cloud services handling Controlled Unclassified Information (CUI).
- Requires compliance with NIST 800-53 moderate baseline controls.
- Emphasizes access control, incident response, continuous monitoring, and encryption.
- Databricks is a FedRAMP® Authorized Cloud Service Offering (CSO) at the moderate impact level in the AWS US East-1, US-East-2, US-West-1, US West-2 (commercial) regions.
- US Government agencies can access the Databricks on AWS FedRAMP® package on OMB Max by submitting a Package Access Request Form and submitting it to
package-access@fedramp.gov. - Additional information regarding Databricks and FedRAMP® compliance is located on the Databricks Security and Trust Center.
Enable FedRAMP Moderate compliance controls
To configure your workspace to support processing of data regulated by the FedRAMP Moderate standard, the workspace must have the compliance security profile enabled. Only specific preview features are supported for processing regulated data. For details on the compliance security profile, supported preview features, and supported regions see Compliance security profile.
You are solely responsible for verifying that sensitive information is never entered in customer-defined input fields, such as workspace names, compute resource names, tags, job names, job run names, network names, credential names, storage account names, and Git repository IDs or URLs. These fields might be stored, processed, or accessed outside the compliance boundary.
To enable FedRAMP Moderate compliance controls, see Configure enhanced security and compliance settings.
Serverless compute base environment version 5 or higher will soon be required for FedRAMP Moderate workloads on AWS. Databricks recommends upgrading to base environment version 5 now. To select a base environment for notebooks, see Select a base environment. To configure the environment for jobs, see Configure environment for job tasks.
Regional support for features
Feature |
|
|
|
|
|---|---|---|---|---|
AI Functions - Classification | ✓ | ✓ | ||
AI Functions - Document Parsing | ✓ | ✓ | ✓ | ✓ |
AI Functions - Information Extraction | ✓ | ✓ | ||
Anomaly Detection | ✓ | ✓ | ||
Classic Compute | ✓ | ✓ | ✓ | ✓ |
Clean Rooms | ✓ | ✓ | ||
Data Classification | ✓ | ✓ | ||
Databricks Apps | ✓ | ✓ | ✓ | ✓ |
Databricks One | ✓ | ✓ | ✓ | ✓ |
Default Storage | ✓ | ✓ | ✓ | ✓ |
Genie Agent Mode | ✓ | ✓ | ||
Genie Code | ✓ | ✓ | ✓ | ✓ |
Genie Code Agent Mode | ✓ | ✓ | ✓ | ✓ |
Genie Code Dashboard Agent | ✓ | ✓ | ✓ | ✓ |
Genie Spaces | ✓ | ✓ | ✓ | ✓ |
Knowledge Assistant | ✓ | ✓ | ✓ | ✓ |
Lakebase Autoscaling | ||||
Lakeflow Connect - Confluence | ✓ | ✓ | ||
Lakeflow Connect - Dynamics 365 | ✓ | ✓ | ✓ | ✓ |
Lakeflow Connect - GA4 | ||||
Lakeflow Connect - Google Ads | ✓ | ✓ | ||
Lakeflow Connect - HubSpot | ✓ | ✓ | ||
Lakeflow Connect - Meta Ads | ✓ | ✓ | ||
Lakeflow Connect - MySQL | ✓ | ✓ | ✓ | ✓ |
Lakeflow Connect - NetSuite | ||||
Lakeflow Connect - PostgreSQL | ✓ | ✓ | ✓ | ✓ |
Lakeflow Connect - SFTP | ||||
Lakeflow Connect - Salesforce | ||||
Lakeflow Connect - ServiceNow | ||||
Lakeflow Connect - SharePoint | ✓ | ✓ | ✓ | ✓ |
Lakeflow Connect - TikTok Ads | ✓ | ✓ | ||
Lakeflow Connect - Workday HCM | ||||
Lakeflow Connect - Workday Reports (RaaS) | ||||
Lakeflow Connect - Zendesk Support | ✓ | ✓ | ||
Lakeflow Connect - Zerobus Ingest | ||||
Lakeflow Jobs | ✓ | ✓ | ✓ | ✓ |
Lakeflow Pipelines Editor | ✓ | ✓ | ||
Lakehouse Monitoring | ✓ | ✓ | ||
MLflow on Databricks | ✓ | ✓ | ✓ | ✓ |
Managed MCP Servers | ✓ | ✓ | ✓ | ✓ |
Model Serving - AI Gateway | ✓ | ✓ | ✓ | ✓ |
Model Serving - AI Guardrail | ✓ | ✓ | ✓ | ✓ |
Model Serving - AI Playground | ✓ | ✓ | ✓ | ✓ |
Model Serving - Custom Models | ✓ | ✓ | ✓ | ✓ |
Model Serving - External Models | ✓ | ✓ | ✓ | ✓ |
Model Serving - Foundation Models AI Function (ai_query) | ✓ | ✓ | ✓ | ✓ |
Model Serving - Foundation Models Pay-Per-Token | ✓ | ✓ | ✓ | ✓ |
Predictive Optimization | ✓ | ✓ | ||
Serverless Jobs/Workflows/Notebooks | ✓ | ✓ | ||
Serverless Lakeflow Pipelines | ✓ | ✓ | ||
Serverless SQL warehouses | ✓ | ✓ | ||
Serverless Workspace | ✓ | ✓ | ||
Supervisor Agent | ✓ | ✓ | ||
Vector Search (Standard) | ✓ | ✓ | ||
Vector Search (Storage Optimized) |
:::