• how to run the script to grant rights

• script is run recurrently to automatically add rights to new assets (workflows, clusters etc)

python_provising.py → grants permissions to the service principal used by LHM based on user input

• script requires admin Databricks account with which permissions can be granted

...

The service principal used by LHO requires permissions to be granted to it in order to access Databricks Workspaces and those assets managed by workspaces. These access rights can be granted via the python_provisiong.py script which requires an admin Databricks account in order to grant permisions.

If new assets (workflows, notebooks, clusters) are added in a workspace, then the LHO service principal need to be granted permission to those assets as well. This can be done automatically by adding the previous as script as an AWS Canary that runs recurrently every 15 min.

How to create the AWS Canary

Step 1. Create a python virtualenv
On your local machine create a virtual env in order to prepare the canary archive.

...