Databricks Secure Access using ADSF Passthrough - NRCan/datahub-portal GitHub Wiki
Summary
Datahub recommends using the AD Credential Passthrough feature of Databricks to ensure that access from Databricks to the Storage Accounts is secure.
AD Credential Passthrough is a Databricks feature for configuring access control using the user's AD identity and permissions.
The AD credential of the Databricks user is passed through to Azure Data Lake Storage Gen2 and evaluated against the file and folder ACLs.
It is recommended to use AD groups to segregate responsibilities, with each group covering users who have the same access.
Any user on a cluster with AD Credential Passthrough enabled is evaluated to determine whether that user has the appropriate permission to perform the action against the file or folder.
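The following is an added example, not code from Datahub or Databricks: a simplified Python model of how a passed-through identity is evaluated against folder and file ACLs through AD group membership. The user names, group names, paths and ACL table are constructed, and only named-group ACL entries are modelled (owner, mask, "other" entries and Azure RBAC role assignments are left out as a stated assumption).

```python
# Simplified model (assumption): only named-group ACL entries are evaluated.
# Owner, mask, "other" entries and Azure RBAC roles are deliberately left out.
R, W, X = 4, 2, 1  # POSIX-style permission bits: read, write, execute (traverse)

# Constructed sample data: AD group membership and per-path ACLs (group -> bits).
GROUP_MEMBERS = {
    "proj-a-readers": {"alice@example.com"},
    "proj-a-writers": {"bob@example.com"},
}
ACLS = {
    "/": {"proj-a-readers": X, "proj-a-writers": X},
    "/proj-a": {"proj-a-readers": R | X, "proj-a-writers": R | W | X},
    "/proj-a/data.csv": {"proj-a-readers": R, "proj-a-writers": R | W},
}


def groups_of(user):
    """Return the AD groups the passed-through identity belongs to."""
    return {g for g, members in GROUP_MEMBERS.items() if user in members}


def granted(user, path, wanted):
    """True if any of the user's groups holds all wanted bits on this path."""
    acl = ACLS.get(path, {})
    return any((acl.get(g, 0) & wanted) == wanted for g in groups_of(user))


def parents(path):
    """'/proj-a/data.csv' -> ['/', '/proj-a']"""
    parts = [p for p in path.split("/") if p]
    return ["/"] + ["/" + "/".join(parts[:i]) for i in range(1, len(parts))]


def can_access(user, path, wanted):
    """Require traverse (X) on every parent folder, then the wanted bits on the target."""
    if not all(granted(user, p, X) for p in parents(path)):
        return False
    return granted(user, path, wanted)


if __name__ == "__main__":
    for user in ("alice@example.com", "bob@example.com", "carol@example.com"):
        for name, bits in (("read", R), ("write", W)):
            ok = can_access(user, "/proj-a/data.csv", bits)
            print(f"{user:20} {name:5} /proj-a/data.csv -> {'allow' if ok else 'deny'}")
```

In this model a user who belongs to no group with an ACL entry is denied outright, and removing execute from a parent folder blocks access even when the file's own ACL grants read.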