Using Databricks Native Public Group¶

This property controls whether PolicySync should use the native public group in Databricks for access grants.

True (Default): Grants access to all users via the Databricks public group.
False: Disables the public group, and all access must be explicitly assigned to specific users or groups. However, Privacera groups with specified prefixes will still be granted access.

Self Managed and Data PlanePrivaceraCloud

SSH to the instance where Privacera Manager is installed.
Run the following command to open the .yml file to be edited.

If you have multiple connectors, then replace instance1 with the appropriate connector instance name.
Bash
1
vi ~/privacera/privacera-manager/config/custom-vars/connectors/databricks-unity-catalog/instance1/vars.connector.databricks.unity.catalog.yml
Set the following property to control whether PolicySync should use the native public group in Databricks for access grants.
Bash
1
CONNECTOR_DATABRICKS_UNITY_CATALOG_USE_NATIVE_PUBLIC_GROUP: "true"
Once the properties are configured, run the following commands to update your Privacera Manager platform instance:

Step 1 - Setup which generates the helm charts. This step usually takes few minutes.
Bash
1 2
cd ~/privacera/privacera-manager ./privacera-manager.sh setup
Step 2 - Apply the Privacera Manager helm charts.
Bash
1 2
cd ~/privacera/privacera-manager ./pm_with_helm.sh upgrade
Step 3 - Post-installation step which generates Plugin tar ball, updates Route 53 DNS and so on.
Bash
1 2
cd ~/privacera/privacera-manager ./privacera-manager.sh post-install

In PrivaceraCloud portal, navigate to Settings -> Applications.
On the Connected Applications screen, select Databricks Unity Catalog.
Click the pen icon or the Account Name to modify the settings.
On the Edit Application screen, go to Access Management -> ADVANCED tab.
Enable the Use Databricks Unity Catalog native public group for public group access policies option with the toggle button.
Click SAVE to apply the changes.

Comments