What is Unity Catalog?
Unity Catalog is a centralized governance layer for data and AI assets:
* Manages access control across workspaces
* Provides data lineage
* Enables fine-grained security (row/column level)
π It replaces the legacy Hive Metastore with enterprise-grade governance.
What is the object hierarchy in Unity Catalog?
Catalog β Schema β Table/View
Example:
catalog = finance
schema = transactions
table = payments
π This structure supports multi-tenant environments.
What are the key differences between Unity Catalog and Hive Metastore?
Unity Catalog:
Centralized across workspaces
Fine-grained access control
Built-in lineage
Hive Metastore:
Workspace-level
Limited governance
No native lineage
π Unity Catalog is designed for enterprise governance at scale.
What types of access control does Unity Catalog support?
Table-level
Column-level
Row-level filtering
π Enables:
Data masking
Compliance (PII protection)
How does row-level security work in Unity Catalog?
- Applies filters based on user identity
- Users see only permitted rows
π Example:
Sales manager sees only their region
How is column-level security implemented?
- Mask or restrict access to specific columns
π Example: - Hide
salaryorSSNfor non-authorized users
What is data lineage and why is it important?
Tracks:
* Data origin
* Transformations
* Downstream dependencies
π Helps with:
* Debugging
* Impact analysis
* Compliance audits
What is an external location in Unity Catalog?
- A secured reference to cloud storage (e.g., ADLS, S3)
π Controls access to: - Files
- Tables stored outside managed storage
What are storage credentials in Unity Catalog?
- Secure authentication mechanism to access cloud storage
π Separates: - Access control from compute
- Credentials from code
What is the difference between managed and external tables?
- Managed: Databricks controls data + metadata
- External: Data stored outside, only metadata managed π Managed = easier π External = more control
How does Unity Catalog enable data sharing?
- Secure sharing across workspaces or organizations
- No need to duplicate data π Often uses Delta Sharing.
What is the principle of least privilege and why is it important?
- Users get only the access they need π Reduces:
- Security risks
- Accidental data exposure
How is RBAC implemented in Unity Catalog?
- Assign permissions to roles/groups
- Grant roles to users π Easier to manage than user-level permissions.
What is data masking and when should it be used?
- Obscures sensitive data
π Example: - Show only last 4 digits of credit card Used for: * Compliance (GDPR, HIPAA)
How does Unity Catalog handle multiple workspaces?
- Central governance across all workspaces
π Ensures: - Consistent policies
- No duplication of rules
Why is auditing important in data governance?
- Tracks who accessed what data and when π Required for:
- Compliance
- Security monitoring
Why is defining data ownership important?
- Ensures accountability
- Improves data quality
- Clarifies responsibility
π Each dataset should have a clear owner.
What is the tradeoff between governance and flexibility?
- Strong governance β secure but restrictive
- High flexibility β agile but risky
π Balance is key in enterprise environments.
How would you secure PII data in Databricks?
- Use column-level masking
- Apply row-level filters
- Restrict access via RBAC
π Combine multiple controls for strong security.
Why is it important to understand data access patterns?
- Helps define permissions
- Improves performance
- Avoids overexposure
π Governance should align with usage.
How do you enforce governance in data pipelines?
- Apply permissions at table level
- Validate data quality
- Track lineage
π Governance is not just access controlβitβs end-to-end.
What are common mistakes in data governance?
- Over-permissioning users
- No data ownership
- Ignoring lineage
- Poor documentation
π Leads to βdata chaosβ.
How does Unity Catalog integrate with Delta Lake?
- Delta provides data reliability
- Unity Catalog provides governance
π Together: - Reliable + secure data platform
How would you handle a request for sensitive data access?
- Validate business need
- Apply least privilege
- Grant temporary or scoped access
π Always audit and monitor usage.
-
Databricks Interview Prep-Architecture & Fundamentals18
-
Databricks Interview prep - Delta Lake Deep Dive24
-
Databricks Interview prep - Spark & Performance Optimization24
-
Databricks Interview Prep - streaming & Pipeline Design25
-
Databricks Interview prep - Unity Catalog & Governance25
-
Databricks Interview Prep - Scenarios-based questions25
-
Databricks Interview Prep - Miscelaneous50
