
Databricks Clusters - Fine-Grained Access Control (FGAC)

Overview

Databricks all-purpose compute clusters are designed for interactive use cases where multiple users can connect to the same cluster to run ad hoc queries. For these clusters, Fine-Grained Access Control (FGAC) is supported only when SQL, Python, and R are enabled. FGAC includes the following features:

  • Table-level access control
  • Column-level access control
  • Row-level access control
  • Dynamic column masking
  • Dynamic column encryption
  • Centralized access audit
  • Granular access audit record

The policies can be defined using object-level policies, tag-based policies, and attribute-based policies (ABAC).

Scala is not supported with FGAC

When FGAC is enabled on the cluster, enabling Scala on the same cluster allows user-written Scala code to potentially bypass the guardrails and directly access data. This issue stems from a limitation within the Databricks platform itself, rather than Privacera.
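
A configuration check for the limitation above, as an added example that is not part of the original page or of Privacera's tooling: it reviews exported cluster definitions and flags any FGAC cluster where Scala is enabled or no language restriction is set. It assumes languages are restricted through the Spark conf key `spark.databricks.repl.allowedLanguages` (the page does not name the setting) and that each definition carries `cluster_name` and `spark_conf` fields; the sample clusters are constructed.

```python
import json

# Assumption: languages are restricted through this Spark conf key; the page
# itself does not name the setting.
LANG_KEY = "spark.databricks.repl.allowedLanguages"
FGAC_SAFE = {"sql", "python", "r"}  # languages the page lists as supported


def audit_cluster(cluster):
    """Return a list of findings for one cluster definition (empty = OK)."""
    conf = cluster.get("spark_conf") or {}
    raw = conf.get(LANG_KEY)
    if raw is None or not raw.strip():
        return [f"{LANG_KEY} is not set, so no language restriction is in place"]
    # Normalise "sql, Python ,scala" -> {"sql", "python", "scala"}
    langs = {p.strip().lower() for p in raw.split(",") if p.strip()}
    findings = []
    if "scala" in langs:
        findings.append("scala is enabled alongside FGAC")
    extra = langs - FGAC_SAFE - {"scala"}
    if extra:
        findings.append("unexpected languages enabled: " + ", ".join(sorted(extra)))
    return findings


def audit(clusters):
    """Map cluster name -> findings, only for clusters that have findings."""
    report = {}
    for c in clusters:
        found = audit_cluster(c)
        if found:
            report[c.get("cluster_name", "<unnamed>")] = found
    return report


# Constructed sample input (hypothetical cluster names, not real clusters).
SAMPLE = json.loads("""
[
  {"cluster_name": "analytics-fgac", "spark_conf": {"spark.databricks.repl.allowedLanguages": "sql,python,r"}},
  {"cluster_name": "shared-dev", "spark_conf": {"spark.databricks.repl.allowedLanguages": "sql, Python, scala"}},
  {"cluster_name": "legacy", "spark_conf": {}}
]
""")

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        for finding in findings:
            print(f"{name}: {finding}")
```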

For Databricks all-purpose compute clusters, Privacera supports:

| Feature | Supported |
|---|---|
| 🟢 Access Management | Yes |
| 🟢 Discovery | Yes |
| 🟢 Encryption | Yes |
