Connector Guide - Databricks Unity Catalog¶
This guide provides instructions for integrating Databricks Unity Catalog with Privacera. Before proceeding, ensure that the connector has been properly installed and configured.
Pre Read
It is recommended to review the following resources to better understand how the connector works and how to set it up effectively.
Encryption Setup Overview¶
Privacera Encryption Gateway (PEG) supports two cluster types for Databricks Unity Catalog:
| Cluster Type | Description |
|---|---|
| Single-User Cluster | Uses Java UDFs and a cluster init script. No AWS Secrets Manager is required. Best for dedicated compute where you control the cluster lifecycle. |
| Shared Cluster | Uses Python UDFs and AWS Secrets Manager for credentials. No init script is required. Best for multi-user shared compute. |
Co-existence
Single-user and shared cluster encryption setups can co-exist in the same Databricks workspace. You can use Java UDFs on single-user clusters and Python UDFs on shared clusters independently. Each cluster type has its own UDFs and configuration.
For step-by-step setup, see Encryption and follow Prerequisites, then choose Setup - Single User Cluster or Setup - Shared Cluster.
Access Management¶
| Topic | Description |
|---|---|
| Permissions Resource Mapping | List of supported permissions and their mapping to Databricks Unity Catalog resources. |
| Datatypes Masking Mapping | List of supported datatypes and their default values in masking functions. |
| Role-level Policy Behavior | How UC evaluates user/group grants vs Snowflake role switching; recommended patterns. |
| Service Principle User | How to configure and use a Databricks Service Principal as a user in Ranger policies. |
- Prev topic: About Databricks Unity Catalog
- Next topic: Access Management