π‘οΈ Azure Databricks Unity Catalog is not configuredπ’βͺ
- Contextual name: π‘οΈ Databricks Unity Catalog is not configuredπ’βͺ
- ID:
/ce/ca/azure/databricks/unity-catalog - Tags:
- βͺ Impossible policy
- π’ Policy with categories
- π’ Policy with type
- Policy Type:
COMPLIANCE_POLICY - Policy Categories:
SECURITY
Descriptionβ
Descriptionβ
Unity Catalog is a centralized governance model for managing and securing data in Azure Databricks. It provides fine-grained access control to databases, tables, and views using Microsoft Entra ID identities. Unity Catalog also enhances data lineage, audit logging, and compliance monitoring, making it a critical component for security and governance.
Rationaleβ
- Enforces centralized access control policies and reduces data security risks.
- Enables identity-based authentication via Microsoft Entra ID.
- Improves compliance with industry regulations (e.g. GDPR, HIPAA, SOC 2) by providing audit logs and access visibility.
- Prevents unauthorized data access through table-, row-, and column-level security (RLS & CLS).
Impactβ
- Improperly configured permissions may lead to data exfiltration or unauthorized access.
- Unity Catalog requires structured governance policies to be effective and prevent overly permissive access.
Auditβ
Method 1: Verify unity catalog deployment:
- As an Azure Databricks account admin, log into the account console.
... see more
Remediationβ
Remediationβ
Use the remediation procedure written in this article: https://learn.microsoft.com/en-us/azure/databricks/data-governance/unity-catalog/get-started.
policy.yamlβ
Linked Framework Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| πΌ CIS Azure v4.0.0 β πΌ 3.1.5 Ensure that Unity Catalog is configured for Azure Databricks (Manual) | 1 | no data | |||
| πΌ Cloudaware Framework β πΌ Data Protection and Recovery | 16 | no data |