...
(3) Select Access control (IAM)
...
(4) Add Role Assignment
...
Depending on your configuration, you can either add a Custom Role or a generic Default Reader Role
Lakehouse Optimizer requires only read permission to list Databricks Workspaces. Therefore, in order to limit the rights only to this permission, create a custom role named BplmDatabricksReader
(for example).
For example, BplmDatabricksReader
is a custom role configured to provide only “List workspaces” rights for Databricks, while Reader
role is a prebuilt role to provide read-only rights.. The prebuilt Reader
role provide access to too many resources which are not required by LHO to function properly.
For how to create this custom role, please see How to create a custom Role in Azure for LHO to use
(5) Select Role BplmDatabricksReader
...