Shine a light on shadow apps

ConductorOne Docs

๐Ÿ” Databricks integration

ConductorOne provides identity governance and just-in-time provisioning for Databricks. Integrate your Databricks instance with ConductorOne to run user access reviews (UARs) and enable just-in-time access requests.

Availability

๐Ÿ” Early access. The Databricks integration is currently in early access as we gather more feedback from users. Reach out to support@conductorone.com to add Databricks to your Integrations page.

Capabilities

  • Sync user identities from Databricks to ConductorOne

  • Resources supported:

    • Accounts
    • Groups
    • Roles
    • Service principals
    • Workspaces

  • Provisioning supported:

    • Accounts
    • Groups
    • Roles
    • Service principals
    • Workspaces

Set up the Databricks integration in ConductorOne

This task requires either the Integration Administrator or Super Administrator role in ConductorOne.

  1. In ConductorOne, open Admin and click Integrations > Databricks.

  2. If this is your first Databricks integration, the integration form opens automatically. Otherwise, click Add connector.

  3. Choose whether to add the new Databricks connector as a data source to an existing application (and select the app of your choice) or to create a new application.

    Do you SSO into Databricks using your identity provider (IdP)? If so, make sure to add the connector to the Databricks app that was created automatically when you integrated your IdP with ConductorOne, rather than creating a new app.

  1. Set the integration owner for this connector. You can manage the integration yourself, or choose someone else. Setting multiple integration owners is allowed.

    A Databricks integration owner must have the following permissions:

    • Integration Administrator or Super Administrator role in ConductorOne
    • Account admin role in Databricks
  1. Click Create and add details.

Next steps

  • If you are the integration owner, proceed to Integrate your Databricks instance.

  • If someone else is the integration owner, ConductorOne will notify them by email that their help is needed to complete the integration.

Integrate your Databricks instance

A user with the Integration Administrator or Super Administrator role in ConductorOne and the Account admin role in Databricks must perform this task.

Step 1: Look up your Databricks account ID

  1. Ensure that your Databricks user account has the Account admin role and is assigned to each Databricks workspace you want to sync to ConductorOne.

  2. In the Databricks account console, open the menu that appears next to your username in the upper right corner.

  3. Carefully and copy and save account ID. We’ll use it in Step 2.

Step 2: Add your Databricks credentials to ConductorOne

  1. In ConductorOne, open Admin and click Integrations > Databricks.

  2. In the list of connectors, locate and click on the name of the connector with the Not connected label.

  3. Find the Settings area of the page and click Edit.

  4. Paste the account ID you looked up in Step 1 into the Account ID field.

  5. Enter your Databricks account credentials into the Username and Password fields.

  6. Click Save.

  7. The connector’s label changes to Syncing, followed by Connected. View the logs to ensure that information is syncing.

That’s it! Your Databricks instance is now integrated with ConductorOne.