Databricks
Privacera provides two types of plugin solutions for access control in Databricks clusters:
-
Databricks Spark Fine-Grained Access Control (FGAC) Plugin
- Recommended for SQL, Python, R language notebooks.
- Provides FGAC on databases with row filtering and column masking features.
- Uses privacera_hive, privacera_s3, privacera_adls, privacera_files services for resource-based access control, and privacera_tag service for tag-based access control.
- Uses the plugin implementation from Privacera
-
Databricks Spark Object Level Access Control (OLAC) Plugin
- Recommended for Scala language notebooks.
- Provides OLAC on S3 locations which you are trying to access via Spark.
- Uses privacera_s3 service for resource-based access control and privacera_tag service for tag-based access control.
- Uses the signed-authorization implementation from Privacera
Note
- Both methods are mutually exclusive and cannot be enabled on the same cluster.
- OLAC plugin was introduced to provide an alternative solution for Scala language clusters, since using Scala language on Databricks Spark has some security concerns.