Manage Secrets in Azure Databricks Using Azure Key Vault

In the previous blog "Securely Manage Secrets in Azure Databricks using Databricks-Backed", we looked at how to secure credentials that can be used by many users connecting to many different data sources.  In this blog we will look at how we can secure secrets with Azure Databricks using Azure Key Vault-backed scoped secrets.

To manage credentials Azure Databricks offers Secret Management. Secret Management allows users to share credentials in a secure mechanism. Currently Azure Databricks offers two types of Secret Scopes:

• Azure Key Vault-backed: To reference secrets stored in an Azure Key Vault, you can create a secret scope backed by Azure Key Vault. Azure Key Vault-backed secrets are only supported for Azure Databricks Premium Plan.
• Databricks-backed: A Databricks-backed scope is stored in (backed by) an Azure Databricks database. You create a Databricks-backed secret scope using the Databricks CLI (version 0.7.1 and above).

To learn more about Azure Key Vault-backed please check out my article here.