Problem
You want to restrict workspace users from accessing specific data. For example, you have sensitive data that you do not want everyone to be able to access or modify.
Cause
The DBFS root is accessible to all users and does not support access control. You should not save sensitive data on DBFS.
For more information, review the Recommendations for working with DBFS root (AWS | Azure | GCP) documentation.
Solution
Unity Catalog
If your workspace is using Unity Catalog, you should store your data in Unity Catalog volumes (AWS | Azure | GCP).
You can use SQL or the workspace UI to manage file permissions.
Workspace Files
If your workspace is not Unity Catalog enabled, you should store your data as workspace files (AWS | Azure | GCP). Access to workspace files can be managed with access control lists (AWS | Azure | GCP).
For more information, review the Recommendations for files in volumes and workspace files (AWS | Azure | GCP) documentation.