Databricks Oslo
User Group MeetUp #5
March 16th 2022
©2019 Avanade Inc. All Rights Reserved
Databricks Oslo User Group - DOUG
• This is a group for anyone interested in Databricks. All skill levels are welcome.
• Established in June 2019
• We are about 220 members
• The user group aims to arrange 3-5 physical meetings per year in the Oslo area.
• Avanade Norway started this group to meet other people excited about the possibilities in Databricks and to exchange knowledge and experiences.
• This MeetUp group is not sponsored by (or affiliated with) Databricks. It is an unofficial community group.
• The MeetUp group is part of Azure Tech Communities and sponsored by Microsoft
Agenda
17:00 - Doors open / mingling / coffee
17:30 - Welcome
17:40 - Databricks Enterprise Security (Antonio Abalos Castillo and Marino Grønseth, Avanade)
  - Databricks secure deployments and security baselines
  - Azure Data Factory and Databricks interaction - with security focus
  - Vacuum of delta tables for GDPR compliance
18:25 - Break - 15 minutes
18:40 - Experiences building an enterprise Data Lakehouse using Azure Databricks (Halvar Trøyel Nerbø & Sindre Grindheim, Glitni)
19:25 - Wrap up / mingling
Databricks secure deployments and security baselines
DOUG, March 2022
Antonio Abalos Castillo, @antonioabalos
Travelling at light-speed
The perfectly secure deployment is like travelling at light-speed: the more secure we want to be, the more energy it requires.
What kind of questions can we expect?
Where is data stored?
Is data protected while in-transit?
Is data encrypted at-rest?
What region is data stored in?
Can data be transferred to another region?
Goals for secure deployments
1. Databricks resources deployed to a pre-provisioned VNET
2. Databricks traffic isolated from regular network traffic
• Prevent data exfiltration
3. Internal traffic between cluster nodes kept internal and encrypted
4. Access to the Databricks control plane limited and controlled
Databricks
[Architecture diagram: Databricks]
Databricks + Azure
[Architecture diagram labels: user subscription, isolated VNET, at-rest encryption, access control, service endpoint / private link]
Deploy Azure Databricks in your Azure virtual network (VNet injection)
Databricks pricing plan
Most secure features require Premium (*)
• Single sign-on
• Role-based access control
• Credentials passthrough
• VNET injection
• Secure cluster connectivity
• IP access list
• Customer-managed keys for control plane data encryption
• Customer-managed keys for DBFS (data plane) data encryption
(*) All but SSO require the Premium plan.
Price per 1 VM x 1 DBU x 1 hour: Standard kr6,97; Premium kr8,31 (+19%)
Enterprise security for Azure Databricks - Azure Databricks
Other price considerations
- Service Endpoints
  - No extra cost
- Private Link
  - Inbound traffic: kr0,0909/GB
  - Outbound traffic: kr0,0909/GB
Pricing - Azure Private Link | Microsoft Azure
Azure virtual network service endpoints | Microsoft Docs
VNET injection
Default Azure Databricks deployment
- VNET created by Databricks
- Resources created in a locked resource group
- Subnets created and managed by Databricks
VNET injection
- VNET managed by the user
- Subnets created and managed by the user
- Custom DNS settings
- Custom route tables
- On-premises data connection available
(*) You cannot replace the VNet for an existing workspace
Deploy Azure Databricks in your Azure virtual network (VNet injection)
VNET injection requirements
- Workspace and VNET must reside in the same region
- Workspace and VNET must reside in the same subscription
- Address space for the VNET: between CIDR /16 and /24 (65k and 256 addresses respectively)
- Several workspaces can share the same VNET
- 2 dedicated subnets exclusive to each workspace:
  - Public/host subnet
  - Private/container subnet
- 5 IP addresses reserved for Azure in each subnet
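As an added example (not from the deck), the following Python checks a planned VNet-injected workspace against the requirements listed above: same region and subscription, a VNET between /16 and /24, two dedicated subnets inside the VNET that do not collide with subnets already used by other workspaces sharing it, and 5 addresses per subnet reserved for Azure. The WorkspacePlan structure, the sample plans and their values are constructed for illustration.

```python
"""Check a planned VNet-injected Azure Databricks workspace against the
VNET injection requirements from the slide. Added example; WorkspacePlan
and the sample plans below are constructed, not part of the deck."""
from dataclasses import dataclass, field
import ipaddress

AZURE_RESERVED_PER_SUBNET = 5   # Azure reserves 5 addresses in every subnet


@dataclass
class WorkspacePlan:
    workspace_region: str
    workspace_subscription: str
    vnet_region: str
    vnet_subscription: str
    vnet_cidr: str
    host_subnet_cidr: str        # public/host subnet, dedicated to this workspace
    container_subnet_cidr: str   # private/container subnet, dedicated to this workspace
    # subnets already used by other workspaces sharing the VNET (constructed)
    subnets_in_use: list = field(default_factory=list)


def usable_ips(cidr: str) -> int:
    """Addresses left for cluster nodes: subnet size minus Azure's 5 reserved."""
    net = ipaddress.ip_network(cidr, strict=True)
    return net.num_addresses - AZURE_RESERVED_PER_SUBNET


def validate_plan(plan: WorkspacePlan) -> list:
    """Return findings; an empty list means the plan meets the slide's requirements."""
    findings = []
    if plan.workspace_region != plan.vnet_region:
        findings.append("workspace and VNET must reside in the same region")
    if plan.workspace_subscription != plan.vnet_subscription:
        findings.append("workspace and VNET must reside in the same subscription")

    vnet = ipaddress.ip_network(plan.vnet_cidr, strict=True)
    if not 16 <= vnet.prefixlen <= 24:
        findings.append(f"VNET address space /{vnet.prefixlen} is outside /16../24")

    host = ipaddress.ip_network(plan.host_subnet_cidr, strict=True)
    container = ipaddress.ip_network(plan.container_subnet_cidr, strict=True)
    for name, subnet in (("host", host), ("container", container)):
        if not subnet.subnet_of(vnet):
            findings.append(f"{name} subnet {subnet} is not inside VNET {vnet}")
        # the two subnets are exclusive to this workspace: no sharing with others
        for used in plan.subnets_in_use:
            if subnet.overlaps(ipaddress.ip_network(used, strict=True)):
                findings.append(f"{name} subnet {subnet} overlaps existing subnet {used}")
    if host.overlaps(container):
        findings.append("host and container subnets overlap")
    return findings


# Constructed sample plans: one compliant, one that breaks several rules.
GOOD_PLAN = WorkspacePlan(
    workspace_region="norwayeast", workspace_subscription="sub-a",
    vnet_region="norwayeast", vnet_subscription="sub-a",
    vnet_cidr="10.10.0.0/16",
    host_subnet_cidr="10.10.0.0/24", container_subnet_cidr="10.10.1.0/24",
    subnets_in_use=["10.10.2.0/24", "10.10.3.0/24"],
)
BAD_PLAN = WorkspacePlan(
    workspace_region="norwayeast", workspace_subscription="sub-a",
    vnet_region="westeurope", vnet_subscription="sub-b",
    vnet_cidr="10.0.0.0/8",                      # too large for VNET injection
    host_subnet_cidr="10.0.0.0/24", container_subnet_cidr="10.0.0.0/25",
    subnets_in_use=["10.0.0.128/25"],            # collides with the host subnet
)

if __name__ == "__main__":
    for label, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(label, "usable host IPs:", usable_ips(plan.host_subnet_cidr))
        for finding in validate_plan(plan) or ["no findings"]:
            print("  -", finding)
```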
VNET injection example
[Diagram: Databricks VNET with a container/private subnet and a host/public subnet holding the cluster VMs (TLS inter-node communications); VNET peering to a hub VNET with Azure Firewall; route tables; service connections to Storage Blob, ADLS and Key Vault via credentials passthrough or a service principal; an enterprise app VNET with VMs]
How to Deploy Databricks Clusters in Your Own Custom VNET
Deploy Azure Databricks in your Azure virtual network (VNet injection)
Service connections
Azure virtual network service endpoints
No additional price
Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Traffic from your VNet to the Azure service always remains on the Microsoft Azure network backbone.
Securely Accessing Azure Data Sources from Azure Databricks
Data exfiltration protection
Private endpoints
Extends your private network address space to Azure Data services, i.e. the Azure data service effectively gets a private IP in one of your VNETs and could be treated as part of your larger private network.
Securely Accessing Azure Data Sources from Azure Databricks
Pricing - Azure Private Link | Microsoft Azure
Secure cluster connectivity (No Public IP / NPIP)
* You cannot add secure cluster connectivity to an existing workspace
* Using secure cluster connectivity with the default (managed) VNET creates a NAT gateway, incurring extra costs
Data exfiltration full overview
How to protect Data Exfiltration with Azure Databricks to help ensure Cloud Security
Other secure characteristics
Azure AD Conditional access
Restrict access to the Azure Databricks Control Plane by using Conditional Access.
Authenticated connections allowed only from pre-defined IP addresses.
- Requires Azure AD Premium P1
What is Conditional Access in Azure Active Directory?
Databricks Access Control
• Workspace object access control: folder and notebook access
• Cluster access control: permissions to attach to, restart and manage clusters
• Pool access control: permissions to attach to and manage pools
• Jobs access control: job permission levels (view, manage run, owner, manage)
• Table access control (premium): table access (deny)
• Secret access control: create, view, delete
Security guide - Azure Databricks | Microsoft Docs
DBFS encryption
Configure customer-managed keys for DBFS root
- The Key Vault must be in the same region and the same Azure Active Directory (Azure AD) tenant as your Azure Databricks workspace. They can be in different subscriptions.
- Keys can be rotated without re-encrypting the storage account content.
- The Databricks workspace needs key permissions in Key Vault to perform wrap and unwrap key operations.
[Diagram labels: key identifier, encryption]
Azure Databricks security baseline (34 pages)
1. Network Security
2. Logging and Monitoring
3. Identity and Access Control
4. Data Protection
5. Vulnerability Management
6. Inventory and Asset Management
7. Secure Configuration
8. Malware Defense
9. Data Recovery
10. Incident Response
11. Penetration Tests and Red Team Exercises
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/databricks-security-baseline
Vacuum of delta tables for GDPR compliance - Demo
DOUG, March 2022
Marino Bråthen Grønseth, LinkedIn
We hope to see you next time!
The DOUG crew
Henrik Brattlie, LinkedIn

  • 12. ©2019 Avanade Inc. All Rights Reserved Default Azure Databricks deployment - VNET created by Databricks - Resources created in locked resource group - Subnets created and managed by Databricks VNET injection 12 Deploy Azure Databricks in your Azure virtual network (VNet injection) VNET injection - VNET managed by user - Subnets created and managed by the user - Custom DNS settings - Custom route tables - On-premises data connection available (*) You cannot replace the VNet for an existing workspace
  • 13. ©2019 Avanade Inc. All Rights Reserved - Workspace and VNET must reside in the same region - Workspace and VNET must reside in the same subscription - Address space for VNET: between CIDR /16 and /24 (65k and 256 respectively) - Several workspaces can share the same VNET - 2 dedicated subnets exclusive for each workspace: - Public/host subnet - Private/container subnet - 5 IP addresses reserved for Azure in each subnet VNET injection requirements 13
  • 14. ©2019 Avanade Inc. All Rights Reserved VNET injection example 14 VNET Databricks Container/private subnet Host/public subnet Cluster VMs VNET Hub Azure Firewall VNET peering Service connections Credentials passthrough Service Principal TLS inter-node communications Storage Blob ADLS Route tables Key Vault Enterprise App VNET VMs How to Deploy Databricks Clusters in Your Own Custom VNET Deploy Azure Databricks in your Azure virtual network (VNet injection)
  • 15. ©2019 Avanade Inc. All Rights Reserved Service connections 15 Azure virtual network service endpoints Securely Accessing Azure Data Sources from Azure Databricks No additional price Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Traffic from your VNet to the Azure service always remains on the Microsoft Azure network backbone.
  • 16. ©2019 Avanade Inc. All Rights Reserved Data exfiltration protection Private-endpoints 16 Securely Accessing Azure Data Sources from Azure Databricks Pricing - Azure Private Link | Microsoft Azure Extends your private network address space to Azure Data services, i.e. the Azure data service effectively gets a private IP in one of your VNETs and could be treated as part of your larger private network.
  • 17. ©2019 Avanade Inc. All Rights Reserved Secure Cluster Connectivity (No Public-IP) 17 Secure cluster connectivity (No Public IP / NPIP) * You cannot add secure cluster connectivity to an existing workspace * Using Secure Cluster Connectivity with default (managed) VNET creates a NAT gateway, incurring in extra costs
  • 18. ©2019 Avanade Inc. All Rights Reserved Data exfiltration full overview 18 How to protect Data Exfiltration with Azure Databricks to help ensure Cloud Security
  • 19. ©2019 Avanade Inc. All Rights Reserved Other secure characteristics 19
  • 20. ©2019 Avanade Inc. All Rights Reserved Restrict access to Azure Databricks Control Plane by using Conditional Access. Authenticated connections allowed only from pre-defined IP addresses. - Requires Azure AD Premium P1 Azure AD Conditional access 20 What is Conditional Access in Azure Active Directory?
  • 21. ©2019 Avanade Inc. All Rights Reserved Access control • Workspace object access control: folder and notebook access • Cluster access control: access to changing clusters (attach, restart, manage) • Pool access control: changing access to pools (attach, manage) • Jobs access control: job results (view, manage run, owner, manage) • Table access control (premium): table access (deny) • Secret access control: create, view, delete Databricks Access Control 21 Security guide - Azure Databricks | Microsoft Docs
  • 22. ©2019 Avanade Inc. All Rights Reserved DBFS encryption 22 Configure customer-managed keys for DBFS root Key vault in the same region and same Azure Active Directory (Azure AD) tenant as your Azure Databricks workspace. They can be in different subscriptions. Key identifier Encryption Keys can be rotated without re-encrypting storage account content. Databricks workspace needs key permissions in Key Vault to perform wrap and unwrap key operations.
  • 23. ©2019 Avanade Inc. All Rights Reserved 1. Network Security 2. Logging and Monitoring 3. Identity and Access Control 4. Data Protection 5. Vulnerability Management 6. Inventory and Asset Management 7. Secure Configuration 8. Malware Defense 9. Data Recovery 10. Incident Response 11. Penetration Tests and Red Team Exercises Azure Databricks security baseline (34 pages) https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/databricks-security-baseline
  • 24. Vacuum of delta tables for GDPR compliance - Demo DOUG, March 2022 Marino Bråthen Grønseth, LinkedIn
  • 25. ©2019 Avanade Inc. All Rights Reserved We hope to see you next time! The DOUG crew Henrik Brattlie, LinkedIn
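The VNET injection requirements on slide 13 (same region and subscription, VNET between /16 and /24, two dedicated non-overlapping subnets, 5 addresses reserved by Azure per subnet) are worth checking before a workspace is created, since slide 12 notes the VNet cannot be replaced afterwards. The checker below is an added example, not code from the deck or from Databricks; the `VnetLayout` fields and the 10.x sample addresses are constructed.

```python
"""Pre-deployment check of a VNET injection layout (added example; sample values constructed)."""
from __future__ import annotations
import ipaddress
from dataclasses import dataclass

AZURE_RESERVED_PER_SUBNET = 5  # Azure keeps 5 addresses in every subnet (slide 13)

@dataclass
class VnetLayout:
    vnet_cidr: str
    host_subnet_cidr: str        # public/host subnet, dedicated to one workspace
    container_subnet_cidr: str   # private/container subnet, dedicated to one workspace
    vnet_region: str
    workspace_region: str
    vnet_subscription: str
    workspace_subscription: str

def usable_ips(cidr: str) -> int:
    """Addresses left for cluster nodes after Azure's reserved ones are subtracted."""
    return max(ipaddress.ip_network(cidr, strict=False).num_addresses - AZURE_RESERVED_PER_SUBNET, 0)

def check_layout(layout: VnetLayout) -> list[str]:
    """Return the list of requirement violations; an empty list means the layout passes."""
    findings: list[str] = []
    vnet = ipaddress.ip_network(layout.vnet_cidr, strict=False)
    if not 16 <= vnet.prefixlen <= 24:
        findings.append(f"VNET {vnet} is /{vnet.prefixlen}; supported range is /16 to /24")
    subnets = {
        "host/public": ipaddress.ip_network(layout.host_subnet_cidr, strict=False),
        "container/private": ipaddress.ip_network(layout.container_subnet_cidr, strict=False),
    }
    for name, net in subnets.items():
        if not net.subnet_of(vnet):
            findings.append(f"{name} subnet {net} lies outside VNET {vnet}")
        if usable_ips(str(net)) == 0:
            findings.append(f"{name} subnet {net} has no addresses left after Azure's reserved ones")
    if subnets["host/public"].overlaps(subnets["container/private"]):
        findings.append("host and container subnets overlap; each workspace needs two dedicated subnets")
    if layout.vnet_region != layout.workspace_region:
        findings.append(f"VNET region {layout.vnet_region} differs from workspace region {layout.workspace_region}")
    if layout.vnet_subscription != layout.workspace_subscription:
        findings.append("VNET and workspace must reside in the same subscription")
    return findings

# Constructed sample layouts: one compliant, one violating four requirements at once.
GOOD = VnetLayout("10.10.0.0/20", "10.10.0.0/22", "10.10.4.0/22", "norwayeast", "norwayeast", "sub-a", "sub-a")
BAD = VnetLayout("10.20.0.0/26", "10.20.0.0/27", "10.20.0.0/27", "norwayeast", "westeurope", "sub-a", "sub-b")
```

`check_layout(GOOD)` returns an empty list, while `check_layout(BAD)` reports the /26 VNET, the overlapping subnets, the region mismatch and the subscription mismatch.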