Encryption for Databricks all-purpose compute clusters with Fine-Grained Access Control (FGAC)¶

Overview¶

Privacera Encryption enables comprehensive data protection for Databricks clusters with Fine-Grained Access Control (FGAC). Supported capabilities include:

• File-level encryption and decryption
• Data protect and unprotect operations
• Data masking using Privacera UDFs

For detailed information regarding Privacera Encryption Gateway(PEG), refer to the Privacera Encryption User Guide.

Prerequisite¶

• Before using encryption and masking features in Databricks Clusters FGAC, ensure that Privacera Encryption Gateway (PEG) is configured and enabled.
• For setup instructions, please refer the PEG Setup Guide.
• Ensure the necessary encryption, presentation, and masking schemes are created. To create these schemes, refer to the documentation below:
  • Encryption Scheme
  • Presentation Scheme
  • Masking

Setup¶

• Create a Databricks all-purpose compute clusters with Fine-Grained Access Control (FGAC).
• For setup instructions Please refer the Databricks Cluster Setup Guide.

Connector Guide¶

To implement encryption, decryption, and masking on Databricks FGAC clusters, follow the Encryption section in the Connector Guide.

The guide provides examples and usage patterns for:

• Encrypting and decrypting files using Scala input/output streams
• Protecting, unprotecting, and masking data using Privacera UDFs in SQL

Troubleshooting¶

For troubleshooting steps for Privacera Encryption Gateway (PEG) integration with Databricks, see Databricks PEG Integration Troubleshooting.