
Configure Managed Identity in Azure Databricks

Applies to: Kyvos Enterprise, Kyvos Cloud (SaaS on AWS), Kyvos AWS Marketplace, Kyvos Azure Marketplace, Kyvos GCP Marketplace, Kyvos Single Node Installation (Kyvos SNI)


To use Azure Active Directory (AAD) Token authentication for Managed Identity in Databricks, you need to assign a Managed Identity to a workspace using the account console.

Account admins or Workspace admins can add a Managed Identity to the Azure Databricks account using the Databricks Workspace Account console.

Note

Ensure that the Azure Databricks Workspace is a Premium Databricks Workspace with Unity Catalog enabled.

To add a Managed Identity to a workspace using the workspace admin console, do the following:

  1. As a workspace admin, log in to the Azure Databricks workspace.

  2. Click the User icon displayed at the right of the page.

  3. Click Settings from the list. The Settings pane is displayed.

  4. In the Management and Permissions section, click Manage for Service Principals and entitlements.

  5. On the Service principals tab, click Add service principal.

  6. Click Microsoft Entra ID Managed.

  7. Enter the Microsoft Entra application ID to link with your service principal. This is the client ID of the Managed Identity attached to the deployed cluster resources.

  8. Enter the Service principal name.

Assign cluster-level permissions to Managed Identity


Cluster access control must be enabled, and you must have Can Manage permission for the cluster.

  1. Click Compute in the sidebar.

  2. Click the name of the cluster you want to modify.

  3. Click Permissions at the top of the page. In the Permission settings for dialog, select the Managed Identity (created in Step 5 above) from the Add Users and Groups drop-down and assign the Can Manage permission.

  4. Click Done.
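
To confirm the result of the two procedures above, the cluster's access control list can be read back through the Databricks Permissions API and checked for the Managed Identity's client ID. The following is an added example, not Kyvos or Databricks code: the sample response, the IDs and the function name `audit_cluster_acl` are constructed for illustration, and the response shape of `GET /api/2.0/permissions/clusters/<cluster_id>` is assumed as shown.

```python
import json
import re

# Constructed sample of a GET /api/2.0/permissions/clusters/<cluster_id> response.
# All IDs and names below are made up for illustration.
SAMPLE_ACL = json.loads("""
{
  "object_id": "/clusters/0000-000000-example",
  "object_type": "cluster",
  "access_control_list": [
    {"service_principal_name": "11111111-2222-3333-4444-555555555555",
     "all_permissions": [{"permission_level": "CAN_MANAGE", "inherited": false}]},
    {"group_name": "admins",
     "all_permissions": [{"permission_level": "CAN_MANAGE", "inherited": true}]},
    {"user_name": "analyst@example.com",
     "all_permissions": [{"permission_level": "CAN_RESTART", "inherited": false}]}
  ]
}
""")

GUID = re.compile(r"^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", re.IGNORECASE)

def audit_cluster_acl(acl, client_id):
    """Report whether the managed identity holds Can Manage, and who else does."""
    if not GUID.match(client_id):
        raise ValueError("client ID of the managed identity must be a GUID")
    report = {"identity_can_manage": False, "direct_grant": False, "other_managers": []}
    for entry in acl.get("access_control_list", []):
        manage = [p for p in entry.get("all_permissions", [])
                  if p.get("permission_level") == "CAN_MANAGE"]
        if not manage:
            continue
        sp = entry.get("service_principal_name", "")
        if sp.lower() == client_id.lower():
            report["identity_can_manage"] = True
            # A direct grant is what the Permissions dialog creates; inherited ones come from elsewhere.
            report["direct_grant"] = any(not p.get("inherited", False) for p in manage)
        else:
            # Every other principal with Can Manage is listed for least-privilege review.
            name = sp or entry.get("user_name") or entry.get("group_name")
            report["other_managers"].append(name)
    return report

if __name__ == "__main__":
    print(audit_cluster_acl(SAMPLE_ACL, "11111111-2222-3333-4444-555555555555"))
```

Because Can Manage lets a principal change the cluster's permissions, the `other_managers` list is worth reviewing each time the Managed Identity is added or rotated.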

Copyright Kyvos, Inc. All rights reserved.