Skip to content

Databricks

Privacera provides two types of plugin solutions for access control in Databricks clusters:

  • Databricks Spark Fine-Grained Access Control (FGAC) Plugin

    • Recommended for SQL, Python, R language notebooks.
    • Provides FGAC on databases with row filtering and column masking features.
    • Uses privacera_hive, privacera_s3, privacera_adls, privacera_files services for resource-based access control, and privacera_tag service for tag-based access control.
    • Uses the plugin implementation from Privacera

  • Databricks Spark Object Level Access Control (OLAC) Plugin

    • Recommended for Scala language notebooks.
    • Provides OLAC on S3 locations which you are trying to access via Spark.
    • Uses privacera_s3 service for resource-based access control and privacera_tag service for tag-based access control.
    • Uses the signed-authorization implementation from Privacera

Note

  • Both methods are mutually exclusive and cannot be enabled on the same cluster.
  • OLAC plugin was introduced to provide an alternative solution for Scala language clusters, since using Scala language on Databricks Spark has some security concerns.