How Delta Sharing Supports ABAC Sharing for Providers and Recipients

2026-03-16 · Source: Databricks · Field: Technology & Digital — Data Science & Analytics, Cybersecurity & Data Privacy, Cloud Computing & IT Infrastructure · Depth: Intermediate, quick

Summary

Delta Sharing now supports Attribute-Based Access Control (ABAC) for secure table sharing, allowing data providers to share assets without duplicating tables or policy logic. Recipients can apply their own ABAC policies on shared tables, provided they also apply the necessary governed tags on their side. These recipient-side policies are enforced at query time, enabling local governance and independent business logic. All actions, including policy creation, sharing, and access requests, are logged in Unity Catalog, ensuring traceability for regulatory compliance and internal audits. This capability has already been adopted by customers like Yanolja, a global travel platform, to enhance partner engagement and ensure consistent data usability across regions.

Key takeaway

For Data Engineers or MLOps Engineers managing data sharing, implementing ABAC Table Sharing via Delta Sharing allows you to distribute data securely while empowering recipients to apply their own governance. This approach reduces friction and ensures compliance without compromising control, streamlining data access for diverse consumers across multiple workspaces.

Key insights

ABAC-enabled Delta Sharing allows secure, governed data exchange with independent recipient-side policy enforcement.

Principles

• Decouple data sharing from policy duplication.
• Recipient-side tags enable local policy enforcement.

Method

Data providers build shares via Delta Sharing. Recipients apply their own ABAC policies and corresponding governed tags. Policies are enforced at query time, with all actions logged in Unity Catalog.

In practice

• Share data across regions with dynamic policies.
• Ensure compliance with local governance requirements.

Topics

• ABAC
• Delta Sharing
• Data Governance
• Unity Catalog
• Policy Enforcement

Best for: Data Engineer, MLOps Engineer, AI Security Engineer

Related on AIssential

• Introducing Cross-Engine ABAC — Unity Catalog's cross-engine ABAC centralizes fine-grained data access policy enforcement across diverse data engines via Iceberg REST Catalog APIs.
• The Collaboration Advantage: How Modern Retailers and CPG Brands Win Together — Real-time, secure data collaboration is crucial for mitigating significant financial losses in retail and CPG supply chains.
• NATO governance policies need updating — Effective geospatial intelligence fusion requires updated policies, common standards, and strong allied relationships.
• Your Data Lives Everywhere, and That is the Problem — Data integration is the core task in data engineering due to data scattering across diverse systems.
• The Undo Button for Big Data: An Intro to Delta Lake Time Travel — Delta Lake's transaction log enables data time travel, providing an undo button for big data operations.
• Reclaiming Freedom: Who Holds Veto Over Your Data Stack — Control over tools dictates user freedom; open, adaptable systems with structural guardrails are crucial for data sovereignty.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Databricks.