/
Working with Databricks SQL Warehouse on Azure

Working with Databricks SQL Warehouse on Azure

This section details how to configure and use a Databricks SQL Warehouse connection on Azure in Kyvos to access data, create datasets, and process semantic models using Databricks as the SQL engine with No-Spark.

Prerequisites for creating Azure SQL Warehouse Connection

Before creating an Azure SQL Warehouse connection without Spark, complete the following prerequisites.

  1. Unity Catalog must be enabled on your Databricks cluster.

  2. In Unity Catalog, create storage credentials and an external location with appropriate access permissions for both the source and destination locations. You must have permission to create storage credentials and external locations.

  3. To create storage credentials, first, create an access connector for Azure Databricks. Assign that access connector while creating storage credentials.

  4. Grant the managed identity access to the storage account. You must have the Owner or User Access Administrator Azure RBAC role to grant permission to access your storage account.

    1. Log in to your Azure Data Lake Storage Gen2 account.

    2. Go to Access Control (IAM), click + Add, and select Add role assignment.

    3. Select the Storage Blob Data Contributor role and click Next.

    4. Under Assign access, select a Managed identity.

    5. Click +Select Members, and select Access connector for Azure Databricks or User-assigned managed identity.

    6. Search for your connector name or user-assigned identity, select it, and click Review and Assign.

  5. Fetch the ABFSS path till the parent directory of your respective storage account.

  6. On the Unity Catalog page, go to external locations and create a new external location by providing an external location name, newly created Storage credential, and fetched ABFSS URL. The URL format should be in abfss://my-container-name@my-storage-account.dfs.core.windows.net/<path>

  7. Test the newly created external location by clicking the 'Test connection' button. This will validate the connection with the external location path. Through the permissions tab, assign your user the CREATE EXTERNAL TABLE and WRITE FILESrole.

  8. Go to semantic model Advanced Properties, and add the following properties:

    1. temp catalog name for create parquet table = kyvos.sqlwarehouse.catalog

    2. temp database name for create parquet table = kyvos.sqlwarehouse.tempdb

  9. You must have 'create table and Use schema' permissions on the temp catalog.

Prerequisites for OAuth Connection

To create Databricks SQL Warehouse connection with OAuth, you need to complete the following prerequisites.

  1. Logged-in user in Databricks Workspace must have Admin access to perform the below steps.

  2. Create a Service Principal

    1. Go to the Databricks Workspace User Profile, click Settings, then Identity and access. Under Service Principal [Manage], click Add Service Principal, and note generated Application ID or Client ID; this will be OAuth2ClientId.

    2. Generate a secret for this Service Principal and note it down as it is OAuth2Secret.

  3. Navigate to the Databricks SQL Warehouse, select the SQL Warehouse, click on permissions tab and add the service principal with the permission “CAN MANAGE“

  4. Update the JDBC URL for OAuth. For example, if the JDBC URL is:

jdbc:databricks://adb-650081446221384.4.azuredatabricks.net:443/default;transportMode=http;ssl=1;httpPath=sql/protocolv1/o/650081446221384/0809-080132-671a9aak;AuthMech=3;UID=token;PWD=<personal-access-token>

Change the URL as follows (change AuthMech=11 and add Auth_Flow=1 to the parameters):

jdbc:databricks://adb-650081446221384.4.azuredatabricks.net:443/default;transportMode=http;ssl=1;AuthMech=11;httpPath=sql/protocolv1/o/650081446221384/0809-080132-671a9aak;Auth_Flow=1

  1. Grant Permission to process semantic model using the above connection: To process semantic models using the above connection, grant permission on the external location (create an external location if it does not already exist for the storage account being used in your environment, such as "dev_testing"). For this service principal:

    • Click Catalog.

    • Click the Settings icon.

    • Click the Storage Location Name.

    • Create external table and write files access

  2. Add the following properties to semantic model Advanced Properties:

    • kyvos.sqlwarehouse.catalog = <catalog name for temporary tables created while cubes building>

    • kyvos.sqlwarehouse.tempdb = <temporary database for temporary tables created while cubes building>

For more detail about Authentication settings for the Databricks JDBC Driver, refer to AWS documentation.

Creating Azure SQL Warehouse connection with no-Spark

To create Azure SQL Warehouse connection for processing semantic models without Spark, perform the following steps.

  1. From the Toolbox, click Connections.

  2. From the Actions menu (  ) click Add Connection.

  3. Enter the following details: 

Parameter/Field

Comments/Description

Name

Enter a unique name for the connection.

Category

Select the Warehouse option.  There may be more than one warehouse connection.

Provider

Select DATABRICKSSQL from the list.

Driver class

This field will be auto selected. The Driver class (com.databricks.client.jdbc.Driver ) is required to connect to the Azure SQL DB.

URL

In the URL field, enter the Databricks SQL Warehouse JDBC URL.

For more information, see Microsoft documentation.

Authentication Type

Select Personal Access Token or OAuth.

If the OAuth option is selected, the Client ID and Client Secret fields are displayed.

  1. In the Client ID field, enter the value of the service principal’s Application ID, Client ID, or OAuth2ClientId.

  2. In the Client Secret field, enter the value of the secret created for the above service principal or the OAuth2ClientId.

User Name

Enter the text token for username.

Password

Enter Databricks SQL Personal Access Token’s value for the Databricks SQL workspace

Use as Source

This checkbox is auto selected. Enter Spark Read Method as JDBC

Is default SQL Engine

By default, the checkbox is selected as this connection can only be used to read data (creating datasets) on which the semantic model will be created. 

Catalog Enabled

Select this checkbox to list different catalog created in the workspace.

Properties

Click Properties to view or set properties.

NOTE: Kyvos supports defining SQL Warehouse properties (kyvos.sqlwarehouse.catalog and kyvos.sqlwarehouse.tempdb) at the connection level. This enhancement enables properties to be configured once at the connection level and automatically applied to all semantic models that use the same connection. If the properties are applied at both the connection and semantic model levels, the semantic model configuration takes precedence.

Copyright Kyvos, Inc. 2025. All rights reserved.