As organizations share more data across teams, workspaces, and cloud boundaries, governance teams face increasing pressure to keep access consistent and compliant. But once data moves between environments, many native controls fall out of alignment, resulting in gaps in policy enforcement, duplicated configurations, and incomplete audit trails. With Delta Sharing becoming a core pattern inside Databricks, enterprises need a unified way to govern shared data with the same precision they apply everywhere else. That’s why we’re expanding Immuta’s Databricks support to bring subscription policies directly to Delta Share objects.
This update brings shared Databricks data into the same consistent access framework customers already rely on across Immuta.
One of Immuta’s core pillars is enabling organizations to connect to any data, anywhere, and to control that data through a single, consistent governance plane. As customers scale across different compute platforms, we continue to mature every existing connector so that access controls, provisioning, and audit behaviors remain predictable across all data environments.
This month, we’re extending that strategy with new support for subscription policies on Databricks Delta Share objects. Many teams use Delta Sharing to distribute tables and other assets across Databricks workspaces or cloud environments. Previously, once those objects landed in a recipient workspace, Immuta could not apply subscription policies to them, even when both the producer and recipient environments belonged to the same organization.
Now, when a Delta Share is received into a Databricks environment connected to Immuta, administrators can govern those shared objects using the same subscription policies applied to native Databricks tables. This enhancement deepens our partnership with Databricks and provides a more secure, consistent, and scalable way to provision access through either reusable policies or controlled access requests.
Consider a financial institution with two Databricks accounts, Analytics and Risk, both governed by Immuta. The Analytics team produces curated datasets and shares a set of tables with the Risk workspace using Databricks Delta Sharing. In the Risk environment, these appear in a catalog such as:
shared_analytics
├── customer_profile_clean
├── monthly_transactions
└── fraud_labels_training
With this update, Immuta automatically discovers these received Delta Share objects and treats them like any other governable data source. Administrators can apply subscription policies directly to these shared tables.
For example, a Risk data steward might create a policy such as: allow access if the user is in the Risk-Modeling group and has completed compliance training.
Immuta translates this into Databricks-native privileges and enforces it consistently. Eligible analysts can query:
SELECT * FROM shared_analytics.monthly_transactions
WHERE transaction_amount > 10000;Others are either denied or prompted to submit an access request, depending on how the subscription is configured. This ensures least-privilege access across both the producer and recipient environments and brings Delta Sharing governance into alignment with all other platforms managed through Immuta.
The following table summarizes the subscription, data policy, and marketplace support Immuta provides across Databricks object types, including Delta Shares.
| Object Type | Subscription Policy Support | Data Policy Support | Marketplace Support |
|---|---|---|---|
| Table | Yes | Yes | Yes |
| View | Yes | No | Yes |
| Materialized view | Yes | Yes | Yes |
| Streaming table | Yes | Yes | Yes |
| External table | Yes | Yes | Yes |
| Foreign table | Yes | Yes | Yes |
| Volumes (external and managed) | Yes | No | Yes |
| Models | Yes | No | Yes |
| Functions | Yes | No | Yes |
| Data Shares | Yes | No | Yes |
As organizations increasingly use Delta Sharing to move data across Databricks Accounts, business units, or cloud boundaries, governance can quickly become fragmented. Shared data often falls outside the primary control plane, leading to inconsistent access rules, duplicated configurations, and incomplete audit trails. These gaps increase operational overhead and introduce risk, especially for regulated or sensitive datasets.
With subscription policy support for Delta Share objects, Immuta ensures that shared data is governed with the same policies, logic, and workflows as every other dataset under management. Administrators gain a single place to define and enforce access rules, even as data flows across environments.
Producers can share confidently, consumers gain clearer and faster access paths, and governance teams maintain complete visibility into how shared data is used.
Looking ahead, we plan to continue strengthening our partnership with Databricks by expanding into additional capabilities that bring even deeper control to shared data. A key priority will be enabling ABAC policy controls on Delta Share objects themselves, further unifying governance across all Databricks data access paths and reducing friction for enterprise-scale collaboration.
Take a closer look at all of our data provisioning updates.
