Answer-first summary for fast verification
Answer: All the above are able to use the secrets in the secret scope
Correct answer: All the above are able to use the secrets in the secret scope. Workspace administrators have MANAGE permissions to all secret scopes in the workspace. Secret creators and users granted specific access permissions (MANAGE, WRITE, READ) can also use Databricks secrets. Each permission level is a subset of the previous level’s permissions, meaning a principal with WRITE permission can perform all actions that require READ permission. Reference: [Databricks Secrets](https://docs.databricks.com/security/secrets/index.html) and [Secret ACLs](https://docs.databricks.com/security/auth-authz/access-control/secret-acl.html#permission-levels).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In a production workspace, the data engineering team has a secret scope named 'prod-scope' containing sensitive secrets. A data engineer is documenting security and compliance and needs to clarify which roles can access these secrets. Who is authorized to use the secrets in 'prod-scope'?
A
Secret creators
B
Users with READ permission on the secret scope
C
Workspace Administrators
D
Users with MANAGE permission on the secret scope
E
All the above are able to use the secrets in the secret scope
No comments yet.