Azure Databricks Setup

Databricks workspace setup for Azure users.

Some companies require different cloud devops teams to be involved with this step for security reasons. Please contact for any assistance.

This doc shows you how to register an app in Microsoft Entra. After you complete the steps below, you will have the Subscription Id, Client Id, Tenant Id, and Client Secret that you need to create an Azure Databricks Workspace integration in Gradient.

Step 1: Register an Application

In order to grant Gradient permissions to collection the data needed to generate a recommendation, you can to register an app using Microsoft Entra.

Step 2: Register a New App for Gradient

Entra, the Microsoft identity platform, performs identity and access management (IAM) only for registered applications. The next few steps will walk you through registering Gradient in order to grant and read access to Azure Databricks resources.

Name the app and choose the appropriate account type. (For most organizations, this is set to single tenant for the current directory)

Write down or save the values for Client ID and Tenant ID.

You will need to provide Gradient with the following values in Step 5

  • Tenant ID

  • Client ID

  • Client secret

  • Subscription ID

Step 3: Add a Client Secret to the New App

A client secret is an authentication technique that uses a string value in the Azure application instead of a certificate for identity. Gradient will use this secret to retrieve cluster information needed to make a recommendation.

To create a secret click on Certificates & Secrets > + New Client Secret

Record the value of the secret as it is required by the log submission process.

Step 4: Grant the Gradient App Permissions

The app requires read access to the subscription. The easiest way to provide access is to assign the Reader role to the app. You can refer to the full documentation here.

From your Subscription settings, click on the Access control (IAM) link on the side tab. From here, add a new role assignment.

You can find the Reader role by searching or scrolling through your list of roles. Once you find it, click on the role.

From the members tab, add the app you created in that last section by clicking the + select members link and searching for your app by name.

Complete the assignment by verifying your settings and clicking the Review + assign button

Step 5: Add Entra App Client details into Gradient

Gradient requires four pieces of information for access:

  • Subscription ID - This can be copied from the Subscriptions service in the Azure console.

  • Tenant ID - This can be copied from the Active Directory overview page in the Azure console.

  • Client ID - The ID of the Active Directory principle with which the library should authenticate. This can be copied from the Active Directory “App registrations” page in the Azure console.

  • Client secret - This can be generated from the “Certificates & secrets” page for the app.

Once entered, click on "Save & Test Access" to proceed in the Gradient UI.

Access check test - A series of access checks will occur to verify the permissions have been properly set up. If all checks are passed with green checks, you may proceed to the next section. If there are any red checks, please verify the installation is correct. Please email if there are any issues or questions.

Final Step

Click on the link below to proceed to the webhook setup.

pageWebhook Setup

Last updated