Work with Azure Databricks clean rooms as an invited collaborator
Important
This feature is in Public Preview.
This article describes how to join and work in a Azure Databricks clean room as an invited collaborator.
Databricks Clean Rooms provides a secure and privacy-protecting environment where multiple parties can work together on sensitive enterprise data without direct access to each other’s data. For more information, see What is Azure Databricks Clean Rooms?.
When another collaborator creates a clean room so that you can work with them on a shared data project, there are two tasks that someone in your organization must perform:
- Find and send the clean room creator your Clean Room sharing identifier.
- When the clean room appears in your Unity Catalog metastore, grant users in your organization access to it.
This article describes those tasks, along with instructions for managing and working in a clean room.
Find your sharing identifier
When a collaborator creates a clean room that they want to share with you, they will request your Clean Room sharing identifier. The sharing identifier is a string that consists of your global metastore ID + your workspace ID + your username (email address).
Permissions required: To get the sharing identifier, you must have the BROWSE
privilege on your metastore, have any privilege on any clean room, have the CREATE CLEAN ROOM
privilege, or be a metastore admin.
To get the sharing identifier:
In your Azure Databricks workspace, click Catalog.
On the Quick access page, click the Clean Rooms > button.
Alternatively, click the gear icon at the top of the Catalog pane and select Clean Rooms.
On the Clean Rooms page, click your organization name in the upper right and select Copy Clean Room sharing identifier from the menu.
Send the sharing identifier to the clean room creator.
View, edit, grant access to, monitor, and delete a clean room
To learn how to view, edit, grant access to, monitor audit logs for, and delete a clean room, see Manage clean rooms.
Add data assets and notebooks to a clean room that was shared with you
To learn how to add tables, volumes, and notebooks to a clean room, see Step 3. Add data assets and notebooks to the clean room. The process is the same, whether you are the clean room creator or an invited collaborator.
Run notebooks in a clean room
To learn how to run notebooks in a clean room, see Run notebooks in clean rooms. You can run notebooks that were added to the clean room by the other collaborators, but you cannot run notebooks that you add to the clean room yourself.
Read output tables in a clean room
Output tables are temporary read-only tables generated by a notebook run and shared to the notebook runner’s Unity Catalog metastore. If the notebook creates output tables, you can read those tables in your Azure Databricks workspace, subject to the usual Unity Catalog privilege grants, and incorporate them into workflows. See Create and work with output tables in Databricks Clean Rooms.