Azure Admin Console Essentials for Cloud Administrators and Developers

Azure Admin Console is the central hub for managing and monitoring Azure resources. It provides a unified view of all your Azure subscriptions, resources, and services.

To get started with Azure Admin Console, you'll need to sign in with your Azure account credentials. This will give you access to the Azure portal, where you can manage your resources, configure settings, and troubleshoot issues.

The Azure Admin Console offers a range of features, including resource grouping, which allows you to organize your resources into logical groups. This makes it easier to manage and monitor your resources.

To set up Windows Admin Center, you'll need to meet some specific requirements.

You need to have either Owner or Contributor rights within Azure to install the Windows Admin Center extension on your Azure VM.

To connect to Windows Admin Center, you'll need Reader or Windows Admin Center Administrator Login rights at the virtual machine level.

Your Azure VM must reside in an Azure public cloud region, excluding Azure China, Azure Government, or other non-public clouds.

Here are the specific Azure VM configuration requirements:

To establish your first account admin, you'll need to involve someone with the Microsoft Entra ID Global Administrator role, as they have the necessary permissions to assign the role.

You can access the account console at https://accounts.azuredatabricks.net or by clicking the workspace selector at the top of the workspace UI and selecting Manage account.

The account console is where account admins manage their Azure Databricks account, and you can remove the Global Administrator from the Azure Databricks account once another user has the account admin role.

To access the account console of a different tenant, access the account console from within a workspace in your preferred tenant.

Here are the steps to assign the account admin role to another user:

Managing identities is a crucial aspect of managing your Azure account. You should sync your identity provider with Azure Databricks if applicable.

To do this, you'll need to follow the instructions in the Sync users and groups from Microsoft Entra ID section. This will ensure that your identities are properly managed and synced across your Azure account.

If you've enabled Unity Catalog for at least one workspace in your account, you'll need to manage identities in the account console. This means granting permissions and assigning workspaces to identities. You can find more information on this in the Manage users and groups section.

Here's a step-by-step guide to managing identities in your workspace:

It's worth noting that Databricks Academy has a free course on Identity Administration that you can take to learn more about managing identities in Azure Databricks. To access the course, you'll need to register for Databricks Academy first.

To configure Azure Active Directory, you'll need to add Canvas from the gallery to your list of managed SaaS apps. This will allow you to integrate Canvas with Azure AD and manage identities more effectively.

Here's a list of steps to configure Azure Active Directory:

Once you've added Canvas to your list of managed SaaS apps, you'll need to configure the integration with Azure AD. This involves adding your Canvas domains and configuring the Single Sign-On with SAML settings.

To do this, follow these steps:

By following these steps, you'll be able to configure Azure Active Directory and manage identities more effectively in your Azure account.

Enabling Unity Catalog is a crucial step in managing your Azure Databricks account. This feature allows you to manage metadata and permissions across your workspace.

If your account was created after November 9, 2023, your workspaces might have Unity Catalog enabled by default.

To enable Unity Catalog, you'll need an account admin to create a Unity Catalog metastore. This can only be done by an account admin.

You can learn more about the automatic enablement of Unity Catalog in the documentation.

To summarize, Unity Catalog can only be enabled by an account admin, and it's a key feature for managing metadata and permissions.

Here are some key points to keep in mind:

Accounts are essentially containers that hold your Azure resources, such as virtual machines, storage, and databases.

You can have multiple accounts, each with its own set of resources and subscriptions.

Each account is identified by a unique ID, known as the tenant ID.

Azure Active Directory (AAD) is used to manage identities and access to these accounts.

AAD allows you to assign roles and permissions to users, giving them the right level of access to your resources.

You can also use AAD to enable multi-factor authentication, adding an extra layer of security to your accounts.

Monitoring your Azure account is crucial to ensure everything is running smoothly. System tables are an Azure Databricks-hosted analytical store of your account's operational data found in the system catalog.

Account admins can enable system tables to access audit logs, billable usage logs, lineage data, and more. This provides a comprehensive view of your account's activity.