{"id":427,"date":"2025-08-11T15:16:50","date_gmt":"2025-08-11T15:16:50","guid":{"rendered":"https:\/\/dataopsschool.com\/blog\/?p=427"},"modified":"2025-08-11T15:24:57","modified_gmt":"2025-08-11T15:24:57","slug":"databricks-set-up-metastore-map-azure-storage-account-with-access-connector-enable-unity-catalog","status":"publish","type":"post","link":"https:\/\/dataopsschool.com\/blog\/databricks-set-up-metastore-map-azure-storage-account-with-access-connector-enable-unity-catalog\/","title":{"rendered":"Databricks: Set Up Metastore & Map Azure Storage Account with Access Connector, Enable Unity Catalog"},"content":{"rendered":"\n

<\/p>\n\n\n\n

<\/h2>\n\n\n\n

This guide walks you through setting up a Unity Catalog metastore in Azure Databricks, connecting it securely to an Azure storage account using the Access Connector, validating the setup, and enabling Unity Catalog for your Databricks workspace.<\/p>\n\n\n\n

\n\n\n\n

Step 1: Create a Storage Account and Container for Metastore<\/strong><\/h2>\n\n\n\n
    \n
  1. Navigate to Azure Portal<\/strong> and create an Azure Data Lake Storage Gen2 account (must be in the same region as your Databricks workspace).<\/li>\n\n\n\n
  2. Add a container<\/strong> for metastore-level storage. For example: mycontainer<\/code> in mydatalakestorage<\/code>.<\/li>\n\n\n\n
  3. Note down the ADLS Gen2 URI:<\/strong> textabfss:\/\/mycontainer@mydatalakestorage.dfs.core.windows.net\/unity-metastore<\/code> This will be the root path for managed tables and volumes.<\/li>\n<\/ol>\n\n\n\n
    \n\n\n\n

    Step 2: Create Access Connector (Managed Identity) for Azure Databricks<\/strong><\/h2>\n\n\n\n
      \n
    1. In Azure Portal:<\/strong>\n
        \n
      • Click \u201cCreate a resource\u201d \u2192 Search for \u201cAccess Connector for Azure Databricks\u201d.<\/li>\n\n\n\n
      • Click Create<\/strong>.<\/li>\n\n\n\n
      • Choose Subscription<\/strong>, Resource Group<\/strong>, Region<\/strong>, and enter a connector name (e.g., unity-access-connector<\/code>).<\/li>\n\n\n\n
      • On the Managed Identity tab, select System-assigned managed identity<\/strong> (recommended).<\/li>\n\n\n\n
      • Click Review + Create<\/strong>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
      • Grant Storage Access:<\/strong>\n
          \n
        • Assign the managed identity Storage Blob Data Contributor<\/strong> or higher role on the storage account or precise container.<\/li>\n\n\n\n
        • This enables Databricks to write\/read data.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
        • Note the resource ID:<\/strong> text\/subscriptions\/<sub_id>\/resourceGroups\/<rg>\/providers\/Microsoft.Databricks\/accessConnectors\/<name><\/code><\/li>\n<\/ol>\n\n\n\n
          \"\"<\/figure>\n\n\n\n
          \"\"<\/figure>\n\n\n\n
          \n\n\n\n

          Step 3: Create the Metastore in Databricks and Link Storage<\/strong><\/h2>\n\n\n\n
            \n
          1. Log in to the Databricks Account Console<\/strong> (), as Account Admin.<\/li>\n\n\n\n
          2. Go to Catalog<\/strong>.<\/li>\n\n\n\n
          3. Click \u201cCreate Metastore.\u201d<\/strong><\/li>\n\n\n\n
          4. Fill the form:<\/strong>\n
              \n
            • Name for the metastore<\/li>\n\n\n\n
            • Region (match storage, workspace)<\/li>\n\n\n\n
            • ADLS Gen2 path:<\/strong> mycontainer@mydatalakestorage.dfs.core.windows.net\/unity-metastore<\/code><\/li>\n\n\n\n
            • Access Connector ID:<\/strong> Paste the resource ID from previous step<\/li>\n<\/ul>\n<\/li>\n\n\n\n
            • Click \u201cCreate.\u201d<\/strong><\/li>\n<\/ol>\n\n\n\n
              \"\"<\/figure>\n\n\n\n
              \n\n\n\n

              Step 4: Link Workspaces to the Metastore & Enable Unity Catalog<\/strong><\/h2>\n\n\n\n
                \n
              1. After metastore creation<\/strong>, select workspaces to assign to the metastore.\n
                  \n
                • Alternatively, return to Account Console \u2192 Catalog \u2192 Metastore \u2192 Workspaces tab \u2192 \u201cAssign to workspace\u201d.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                • Confirm assignment:<\/strong> The workspace is Unity Catalog enabled.<\/li>\n<\/ol>\n\n\n\n
                  \n\n\n\n

                  Step 5: Validation Steps<\/strong><\/h2>\n\n\n\n
                    \n
                  • Workspace Validation:<\/strong>\n
                      \n
                    • In Databricks Workspace UI, navigate to Data<\/strong>. Confirm you see Unity Catalog concepts (Catalogs, Schemas).<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                    • Storage Validation:<\/strong>\n
                        \n
                      • Access data via Unity Catalog and verify files\/folders are created in the designated ADLS Gen2 storage account\/container.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                      • Security Validation:<\/strong>\n
                          \n
                        • Ensure data access controls and audits appear in the Catalog Explorer.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                        • Metastore Validation:<\/strong>\n
                            \n
                          • Run a simple create table command in Databricks and check physical storage and permission enforcement.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n
                            \n\n\n\n

                            Step 6: Setup Unity Catalog Objects<\/strong><\/h2>\n\n\n\n
                              \n
                            1. Create Catalogs, Schemas, and Tables<\/strong> using SQL in the workspace: sqlCREATE CATALOG my_catalog; CREATE SCHEMA my_catalog.my_schema; CREATE TABLE my_catalog.my_schema.my_table (id INT, name STRING);<\/code>\n
                                \n
                              • Data will be stored in the mapped container, managed by Unity Catalog.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                              • Create External Locations if needed:<\/strong>\n
                                  \n
                                • For additional storage, register external locations for external tables.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n
                                  \n\n\n\n

                                  Key Notes & Troubleshooting<\/strong><\/h2>\n\n\n\n
                                    \n
                                  • Global Admin permissions<\/strong> may be required for setup; SCIM connector recommended for user\/group sync.<\/li>\n\n\n\n
                                  • You must co-locate storage, connector, metastore, and workspaces in the same region.<\/li>\n\n\n\n
                                  • Managed identities via Access Connector are preferred over service principals for security and simplicity.<\/li>\n<\/ul>\n\n\n\n
                                    \n\n\n\n

                                    By following these steps, you will secure, govern, and validate storage and workspace integration with Unity Catalog in Azure Databricks, ready for enterprise-scale Lakehouse governance.<\/p>\n\n\n\n

                                    <\/p>\n\n\n\n

                                    <\/p>\n","protected":false},"excerpt":{"rendered":"

                                    This guide walks you through setting up a Unity Catalog metastore in Azure Databricks, connecting it securely to an Azure storage account using the Access Connector, validating… <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-427","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/427","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=427"}],"version-history":[{"count":3,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/427\/revisions"}],"predecessor-version":[{"id":434,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/427\/revisions\/434"}],"wp:attachment":[{"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=427"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=427"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dataopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=427"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}