├── media
    ├── AADCredPassthru.png
    ├── ADBMount.png
    ├── ADBNotebook.png
    ├── AccessToMultipleDataset.png
    ├── AccessToSingleDataset.png
    ├── AccessViaSP.png
    ├── ClusterScopedServicePrincipal.png
    ├── Comparison.png
    ├── DNSFlow.png
    ├── NetworkFlow.png
    ├── PermissionByWorkspace.png
    ├── PrivateDNSIntegration.png
    ├── PrivateEndpoint2.png
    ├── Readme.md
    ├── SessionScopedServicePrincipal.png
    ├── SingleUserAccess.png
    ├── VNetPeering.png
    ├── firewall.png
    ├── firewall2.tif
    ├── notebook2.tif
    ├── privateendpoint.png
    ├── vnetlinked.png
    └── vnetlinked3.png
├── readme.md
└── tutorials
    ├── pattern_3_AAD_Credential_passthrough
        ├── Pattern3.md
        ├── media
        │   ├── pattern_3_step_1.png
        │   ├── pattern_3_step_2.png
        │   ├── pattern_3_step_3.png
        │   ├── pattern_3_step_4.png
        │   ├── pattern_3_step_5.png
        │   ├── pattern_3_step_6.png
        │   ├── pattern_3_step_6_a.png
        │   ├── pattern_3_step_7.png
        │   ├── pattern_3_step_7_a.png
        │   ├── pattern_3_step_8.png
        │   └── pattern_3_step_9.png
        └── notebooks
        │   ├── testuser1
        │       └── pattern3-AADPassthrough-group1.ipynb
        │   └── testuser2
        │       └── pattern3-AADPassthrough-group2.ipynb
    ├── pattern_4_Cluster_scoped_Service_Principal
        ├── Pattern4.md
        ├── media
        │   ├── pattern_4_step_0.png
        │   ├── pattern_4_step_1.png
        │   ├── pattern_4_step_2.png
        │   ├── pattern_4_step_3.png
        │   ├── pattern_4_step_4.png
        │   ├── pattern_4_step_4_a.png
        │   ├── pattern_4_step_5.png
        │   ├── pattern_4_step_5_a.png
        │   ├── pattern_4_step_6.png
        │   └── pattern_4_step_7.png
        └── notebooks
        │   ├── testuser1
        │       └── pattern4-Cluster-scoped-principals-iot_devices.ipynb
        │   └── testuser2
        │       └── pattern4-Cluster-scoped-principals-loans.ipynb
    ├── pattern_6_Databricks_Table_Access_Control
        ├── Pattern6.md
        ├── media
        │   ├── pattern_6_step_1.png
        │   ├── pattern_6_step_10.png
        │   ├── pattern_6_step_10_a.png
        │   ├── pattern_6_step_1_a.png
        │   ├── pattern_6_step_2.png
        │   ├── pattern_6_step_3.png
        │   ├── pattern_6_step_4.png
        │   ├── pattern_6_step_5.png
        │   ├── pattern_6_step_5_a.png
        │   ├── pattern_6_step_6.png
        │   ├── pattern_6_step_7.png
        │   ├── pattern_6_step_8.png
        │   ├── pattern_6_step_8_a.png
        │   ├── pattern_6_step_8_b.png
        │   ├── pattern_6_step_8_c.png
        │   ├── pattern_6_step_9.png
        │   └── pattern_6_step_9_a.png
        └── notebooks
        │   ├── testuser1
        │       └── pattern6-table-access-control.ipynb
        │   └── testuser2
        │       └── pattern6-table-access-control.ipynb
    └── preparation
        ├── Preparation.md
        ├── media
            ├── preparation_step_1.png
            ├── preparation_step_2.png
            ├── preparation_step_2_a.png
            ├── preparation_step_2_b.png
            ├── preparation_step_3.png
            ├── preparation_step_4.png
            ├── preparation_step_5.png
            ├── preparation_step_6.png
            ├── preparation_step_6_a.png
            ├── preparation_step_6_b.png
            ├── preparation_step_7.png
            ├── preparation_step_8.png
            └── preparation_step_9.png
        └── notebooks
            └── Preparation.ipynb


/media/AADCredPassthru.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/AADCredPassthru.png


--------------------------------------------------------------------------------
/media/ADBMount.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/ADBMount.png


--------------------------------------------------------------------------------
/media/ADBNotebook.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/ADBNotebook.png


--------------------------------------------------------------------------------
/media/AccessToMultipleDataset.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/AccessToMultipleDataset.png


--------------------------------------------------------------------------------
/media/AccessToSingleDataset.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/AccessToSingleDataset.png


--------------------------------------------------------------------------------
/media/AccessViaSP.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/AccessViaSP.png


--------------------------------------------------------------------------------
/media/ClusterScopedServicePrincipal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/ClusterScopedServicePrincipal.png


--------------------------------------------------------------------------------
/media/Comparison.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/Comparison.png


--------------------------------------------------------------------------------
/media/DNSFlow.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/DNSFlow.png


--------------------------------------------------------------------------------
/media/NetworkFlow.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/NetworkFlow.png


--------------------------------------------------------------------------------
/media/PermissionByWorkspace.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/PermissionByWorkspace.png


--------------------------------------------------------------------------------
/media/PrivateDNSIntegration.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/PrivateDNSIntegration.png


--------------------------------------------------------------------------------
/media/PrivateEndpoint2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/PrivateEndpoint2.png


--------------------------------------------------------------------------------
/media/Readme.md:
--------------------------------------------------------------------------------
1 | Placeholder
2 | 


--------------------------------------------------------------------------------
/media/SessionScopedServicePrincipal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/SessionScopedServicePrincipal.png


--------------------------------------------------------------------------------
/media/SingleUserAccess.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/SingleUserAccess.png


--------------------------------------------------------------------------------
/media/VNetPeering.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/VNetPeering.png


--------------------------------------------------------------------------------
/media/firewall.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/firewall.png


--------------------------------------------------------------------------------
/media/firewall2.tif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/firewall2.tif


--------------------------------------------------------------------------------
/media/notebook2.tif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/notebook2.tif


--------------------------------------------------------------------------------
/media/privateendpoint.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/privateendpoint.png


--------------------------------------------------------------------------------
/media/vnetlinked.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/vnetlinked.png


--------------------------------------------------------------------------------
/media/vnetlinked3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/media/vnetlinked3.png


--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
  1 | # Securing access to Azure Data Lake Gen 2 from Azure Databricks
  2 | 
  3 | **Summary:**
  4 | 
  5 | This document provides guidance and approaches to securing access and connectivity to data in Azure Data Lake Storage from Databricks.
  6 | 
  7 | **Versions:**
  8 | 
  9 | | **Name** | **Title** | **Notes** | **Date** |
 10 | | --- | --- | --- | --- |
 11 | | Nicholas Hurt | Microsoft Cloud Solution Architect – Data & AI | Original | 20 Jan 2020 |
 12 | | Nicholas Hurt, Wasim Ahmad | Microsoft Cloud Solution Architect – Data & AI | Added section on securely accessing ADLS | 03 Aug 2020 |
 13 | | Anil Sener | Microsoft Cloud Solution Architect – Data & AI | Added tutorials for pattern 3, 4 and 6. | 01 December 2021 |
 14 | |   |   |   |   |
 15 | 
 16 | # Contents
 17 | 
 18 | [Introduction](#Introduction)
 19 | 
 20 | [Securing connectivity to ADLS](#securing-connectivity-to-ADLS) 
 21 | 
 22 | [Pattern 1 - Access via Service Principal](#Pattern-1---Access-via-Service-Principal)
 23 | 
 24 | [Pattern 2 - Multiple workspaces — permission by workspace](#Pattern-2---Multiple-workspaces---permission-by-workspace)
 25 | 
 26 | [Pattern 3 - AAD Credential passthrough](#Pattern-3---AAD-Credential-passthrough)
 27 | 
 28 | [Pattern 4 - Cluster scoped Service Principal](#Pattern-4---Cluster-scoped-Service-Principal)
 29 | 
 30 | [Pattern 5 - Session scoped Service Principal](#Pattern-5---Session-scoped-Service-Principal)
 31 | 
 32 | [Pattern 6 - Databricks Table Access Control](#Pattern-6---Databricks-Table-Access-Control)
 33 | 
 34 | [Conclusion](#Conclusion)
 35 | 
 36 | [License/Terms of Use](#License/Terms-of-Use)
 37 | 
 38 | 
 39 | ## Introduction
 40 | 
 41 | There are a number of considerations when configuring access to Azure Data Lake Storage gen2 (ADLS) from Azure Databricks (ADB). How will Databricks users connect to the lake securely, and how does one configure access control based on identity? This article aims to provide an overview of [network security](https://docs.microsoft.com/en-us/azure/security/fundamentals/network-best-practices) between these two services as well as in-depth look at six [access control](https://docs.microsoft.com/en-us/azure/security/fundamentals/identity-management-best-practices) patterns, the advantages and disadvantages of each, and the scenarios in which they would be most appropriate. ADLS in the context of this article can be considered a v2 storage account with Hierarchical Namespace (HNS) enabled.
 42 | 
 43 | ADLS offers more granular security than RBAC through the use of access control lists (ACLs) which can be applied at folder or file level.  As per [best practice](https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-best-practices#use-security-groups-versus-individual-users) these should be assigned to AAD groups rather than individual users or service principals. Additionally, nesting groups(groups within groups) can offer even more agility and flexibility as permissions evolve. There are two main reasons for this: i.) changing ACLs can take time to propagate if there are 1000s of files, and ii.) there is a limit of 32 ACLs entries per file or folder. Understanding access control using RBAC and ACLs is outside the scope of this document but is covered [here](https://github.com/hurtn/datalake-on-ADLS/blob/master/Understanding%20access%20control%20and%20data%20lake%20configurations%20in%20ADLS%20Gen2.md).
 44 | 
 45 | By way of a very simple example, a data lake may require two sets of permissions - engineers who run data pipelines and transformations requiring read-write access to a particular set of folders, and analysts who consume [read-only] curated analytics from another. At a minimum, two AAD security groups should be created to represent this division of responsibilities, namely a readers group and a writers group. Additional groups to represent the teams or business units could be nested inside these groups and the individuals added to their respective team group. The required permissions for the readers and writers groups to specific folders could be controlled using ACLs. Please see [the documentation](https://docs.microsoft.com/en-gb/azure/storage/blobs/data-lake-storage-access-control#access-control-lists-on-files-and-directories) for further details. For automated jobs, a [service principal](https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals#service-principal-object) which has been added to the appropriate group should be used, instead of an individual user identity. Service principal credentials should be kept extremely secure and referenced only through [secrets](https://docs.microsoft.com/en-us/azure/databricks/security/secrets/).
 46 | 
 47 | ## Securing connectivity to ADLS
 48 | In Azure there are two types of PaaS service – those which are built using dedicated architecture, known as dedicated services, and those which are built using a shared architecture, known as shared services. Dedicated services use a mix of cloud resources (compute, storage, network) allocated from a pool, and are assigned to a dedicated instance of that service for a particular customer. These can be deployed within a customer virtual network, for example, a virtual machine. Shared services use a set of cloud resources which are assigned to more than one instance of a service, utilised by more than one customer, and therefore cannot be deployed within a single customer network, e.g., storage. Depending on the type of service, a different [VNet integration pattern](https://github.com/fguerri/AzureVNetIntegrationPatterns) is applied to make it accessible only from clients deployed within Azure VNets and not accessible from the internet.
 49 | Azure Storage / ADLS gen2 is a shared service built using a shared architecture, and so to access it securely from Azure Databricks there are two options available. This Databricks [blog](https://databricks.com/blog/2020/02/28/securely-accessing-azure-data-sources-from-azure-databricks.html#:~:text=%20Securely%20Accessing%20Azure%20Data%20Sources%20from%20Azure,available%20to%20access%20Azure%20data%20services...%20More%20) summarises the following approaches:
 50 | 
 51 | 1. [Service Endpoints](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview#key-benefits)
 52 | 2. [Azure Private Link](https://docs.microsoft.com/en-us/azure/private-link/private-link-overview#key-benefits)
 53 | 
 54 | Customers may use either approach for securing access between ADB and ADLS Gen2, but both require the ADB workspace to be [VNET injected](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/cloud-configurations/azure/vnet-inject). 
 55 | 
 56 | ### Service Endpoints
 57 | The [documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security) explains how to configure service endpoints, and how to limit access to the storage account by configuring the storage firewall. Further secure the storage account from data exfiltration using a [service endpoint policy](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-overview).
 58 | 
 59 | ### Private Link
 60 | 
 61 | The setup for storage service endpoints are less complicated than compared to Private Link, however Private Link is widely regarded as the most secure approach and indeed the recommended mechanism for securely connecting to ADLS G2 from Azure Databricks. It exposes the PaaS shared services (storage) via a private IP and thus overcomes the limitations of service endpoints and protects against data exfiltration __by default__. The setup of Private Link requires a number of configurations at the network and DNS level and the complexity encountered is around the DNS resolution to the service. The following [article](https://github.com/dmauser/PrivateLink/tree/master/DNS-Integration-Scenarios) goes into greater detail on DNS considerations and integration scenarios. The approach discussed below is to use Azure Private DNS Zones to host the “privatelink” zone. 
 62 | 
 63 | ### Connecting securely to ADLS from ADB
 64 | 
 65 | The following steps will enable Azure Databricks to connect privately and securely with Azure Storage via private endpoint using a [hub and spoke](https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke) configuration, i.e., ADB and private endpoints are in their respective spoke VNETs:
 66 | 1. Deploy Azure Databricks into a VNet using the [Portal](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/cloud-configurations/azure/vnet-inject#--create-the-azure-databricks-workspace-in-the-azure-portal) or [ARM template](https://azure.microsoft.com/en-us/resources/templates/101-databricks-all-in-one-template-for-vnet-injection/).
 67 | 1. Create a [private storage account](https://docs.microsoft.com/en-us/azure/private-link/create-private-endpoint-storage-portal#create-your-private-endpoint) with a private endpoint and deploy it into the different VNet (i.e., create a new VNet named `spokevnet-storage-pl` beforehand)
 68 | 1. Ensure the [private endpoint is integrated with a private DNS zone](https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns) to host the privatelink DNS zone of the respective service, in this case `dfs.core.windows.net`. When creating the Private Endpoint, there is an option to integrate it with Private DNS as shown below:
 69 | 
 70 |    ![Private Endpoint](media/privateendpoint.png)
 71 |   
 72 | 1. When ADB and Storage private endpoints are deployed in their respective VNets, there are some additional steps that need to be performed:
 73 | 
 74 |    a. The VNets should be [linked](https://docs.microsoft.com/en-us/azure/dns/private-dns-virtual-network-links) with the private DNS zone, as shown below (`databricks-vnetpl` and `spkevnet-storage-pl`):
 75 | 
 76 |       ![Vnet Linked](media/vnetlinked3.png)
 77 | 
 78 |    b. Also make sure both ADB and storage endpoint VNETs are [peered](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview):
 79 |   
 80 |       ![VNet Peering](media/VNetPeering.png)
 81 |    
 82 |       The network configuration should now be as follows:
 83 |     
 84 |       ![Network Flow](media/DNSFlow.png)
 85 |        
 86 |    c. Make sure the storage firewall is enabled. As an optional step you can also add the ADB VNet (`databricks-vnet`) to communicate with this storage account. When you enable this, storage endpoints will also be enabled on the ADB Vnet (`databricks-vnet`). 
 87 |   
 88 |       ![VNet Peering](media/firewall.png)
 89 |   
 90 | 1. In an ADB notebook you can double check if the FQDN of the storage is now resolving to private IP:
 91 |   
 92 |    ![ADB Notebook](media/ADBNotebook.png)
 93 |   
 94 | 1. A mount can be created as normal using the same FQDN and it will connect privately to ADLS using private endpoints.
 95 |   
 96 |    ![ADB Mount](media/ADBMount.png)
 97 | 
 98 |   If you are using a proxy then service principal authentication may fail. To avoid the error you can use the following environment variables  and specify your proxy URL:
 99 | 
100 |   ```
101 |   http_url: Proxy FQDN, https_url: Proxy FQDN
102 |   ```
103 | 
104 |     Note: You can deploy the private endpoint for storage within the same VNet where ADB is injected but it should be a different subnet, i.e., it must not be deployed in the ADB private or public subnets.
105 |   
106 | There are [further steps](https://databricks.com/blog/2020/03/27/data-exfiltration-protection-with-azure-databricks.html) one can take to harden the Databricks control plane using an Azure Firewall if required.
107 | 
108 | In the next few sections we will discuss the various approaches to authenticate and patterns to implement access control based on permissions.
109 | 
110 | ## Pattern 1 - Access via Service Principal
111 | 
112 | To provide a group of users access to a particular folder (and it's
113 | contents) in ADLS, the simplest mechanism is to create a [mount point
114 | using a service
115 | principal](https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/azure-datalake-gen2?toc=https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fazure-databricks%2FTOC.json&bc=https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fbread%2Ftoc.json#--mount-an-azure-data-lake-storage-gen2-account-using-a-service-principal-and-oauth-20)
116 | at the desired folder depth. The mount point (`/mnt/<mount_name>`) is
117 | created once-off per workspace but **is accessible to any user on any
118 | cluster in that workspace**. In order to secure access to different
119 | groups of users with different permissions, one will need more than just
120 | a single one mount point in one workspace. One of the patterns described
121 | below should be followed.
122 | 
123 | *Note access keys couldn't be used to mount the ADLS, like they can be used for mounting of
124 | normal blob containers without HNS enabled.  But access keys [could be used for direct access to data via APIs](https://docs.microsoft.com/en-us/azure/databricks/data/data-sources/azure/azure-datalake-gen2#--access-directly-using-the-storage-account-access-key). Since DBR 7.5, direct access to data is also [possible via shared access signatures](https://docs.microsoft.com/en-us/azure/databricks/data/data-sources/azure/azure-datalake-gen2#access-directly-using-sas-token-provider) as experimental feature.*
125 | 
126 | Below is sample code to authenticate via a SP using OAuth2 and create a
127 | mount point in Python:
128 | 
129 | ```python
130 | configs = {
131 |   "fs.azure.account.auth.type": "OAuth",
132 |   "fs.azure.account.oauth.provider.type": "org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider",
133 |   "fs.azure.account.oauth2.client.id": "enter-your-service-principal-application-id-here",
134 |   "fs.azure.account.oauth2.client.secret": dbutils.secrets.get(scope = "enter-your-key-vault-secret-scope-name-here", key = "enter-the-secret"),
135 |   "fs.azure.account.oauth2.client.endpoint": "https://login.microsoftonline.com/enter-your-tenant-id-here/oauth2/token"
136 | }
137 | 
138 | dbutils.fs.mount(
139 |   source = "abfss://file-system-name@storage-account-name.dfs.core.windows.net/folder-path-here",
140 |   mount_point = "/mnt/mount-name",
141 |   extra_configs = configs)
142 | ```
143 | The creation of the mount point and listing of current mount points in
144 | the workspace can be done via the
145 | [CLI](https://docs.microsoft.com/en-gb/azure/databricks/dev-tools/cli/dbfs-cli)
146 | 
147 | ```cli
148 | \>databricks configure --- token
149 | 
150 | Databricks Host (should begin with ):
151 | https://eastus.azuredatabricks.net/?o=#########
152 | Token:dapi###############
153 | \>databricks fs ls dbfs:/mnt
154 | 
155 | datalake
156 | ```
157 | 
158 | From an architecture perspective these are the basic components where
159 | "dl" is used to represent the mount name.
160 | ![Access via Service Principal](media/AccessViaSP.png)
161 | 
162 | *Note the use of default ACLs otherwise any new folders created will be
163 | inaccessible*
164 | 
165 | The mount point and ACLs could be at the filesystem (root) level or at
166 | the folder level to grant access at the required filesystem depth.
167 | 
168 | Instead of mount points, access can also be via direct path --- Azure
169 | Blob Filesystem (ABFS - included in runtime 5.2 and above) as shown in
170 | the code snippet below.
171 | 
172 | To access data directly using service principal, authorisation code must
173 | be executed in the same session prior to reading/writing the data for
174 | example:
175 | 
176 | ```python
177 | # authenticate using a service principal and OAuth 2.0
178 | spark.conf.set("fs.azure.account.auth.type", "OAuth")
179 | spark.conf.set("fs.azure.account.oauth.provider.type",
180 |   "org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider")
181 | spark.conf.set("fs.azure.account.oauth2.client.id",
182 |   "enter-your-service-principal-application-id-here")
183 | spark.conf.set("fs.azure.account.oauth2.client.secret", 
184 |   dbutils.secrets.get(scope = "secret-scope-name", key = "secret-name"))
185 | spark.conf.set("fs.azure.account.oauth2.client.endpoint",
186 |   "https://login.microsoftonline.com//enter-your-tenant-id-here/oauth2/token")
187 | 
188 | # read data in delta format
189 | readdf=spark.read.format("delta").load(abfs://file-system-name@storage-account-name.dfs.core.windows.net/path-to-data")
190 | ```
191 | 
192 | Using a single service principal to authenticate users to a single
193 | location in the lake is unlikely to satisfy most security requirements
194 | -- it is too coarse grained, much like RBAC on Blob containers. It does
195 | not facilitate securing access to multiple groups of users of the lake
196 | who require different sets of permissions. One or more the following
197 | patterns may be followed to achieve the required level of
198 | granularity.
199 | 
200 | 
201 | ## Pattern 2 - Multiple workspaces --- permission by workspace
202 | 
203 | This is an extension of the first pattern whereby multiple workspaces
204 | are provisioned, and different groups of users are assigned to different
205 | workspaces. Each group/workspace will use a different service principal
206 | to govern the level of access required, either via a configured mount
207 | point or direct path. Conceptually, this is a mapping of service
208 | principal to each group of users, and each service principal will have a
209 | defined set of permissions on the lake. In order to assign users to a
210 | workspace simply ensure they are registered in your Azure Active
211 | Directory (AAD) and an admin (those with [contributor or owner role on
212 | the
213 | workspace](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/account-settings/account#assign-initial-account-admins)
214 | will need to [add
215 | users](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/users#--add-a-user)
216 | (with the same identity as in AAD) to the appropriate workspace. The
217 | architecture below depicts two different folders and two groups of users
218 | (readers and writers) on each.
219 | 
220 | ![Permission by Workspace](media/PermissionByWorkspace.png)
221 | 
222 | This pattern may offer excellent isolation at a workspace level however
223 | the main disadvantage to this approach is the proliferation of
224 | workspaces --- n groups = n workspaces. The workspace itself does not
225 | incur cost, but there may be an inherit increase in total cost of
226 | ownership. If more granular security is required than workspace level then
227 | one of the following patterns may be more suitable.
228 | 
229 | ## Pattern 3 - AAD Credential passthrough
230 | AAD passthrough allows different groups of users to all work in the same
231 | workspace and access data either via mount point or direct path
232 | authenticated using their own credentials. The user's credentials are
233 | passed through to ADLS gen2 and evaluated against the files and folder
234 | ACLs. This feature is enabled at the cluster level under the advanced
235 | options.
236 | 
237 | To [mount an ADLS filesystem or folder with AAD passthrough
238 | enabled](https://docs.microsoft.com/en-us/azure/databricks/data/data-sources/azure/adls-passthrough#azure-data-lake-storage-gen2-1)
239 | the following Scala may be used:
240 | 
241 | ```scala
242 | val configs = Map(
243 |   "fs.azure.account.auth.type" -> "CustomAccessToken",
244 |   "fs.azure.account.custom.token.provider.class" -> spark.conf.get("spark.databricks.passthrough.adls.gen2.tokenProviderClassName"))
245 | 
246 | // Optionally, you can add <directory-name> to the source URI of your mount point.
247 | dbutils.fs.mount(
248 |   source = "abfss://file-system-name@storage-account-name.dfs.core.windows.net/folder-path-here",
249 |   mountPoint = "/mnt/mount-name",
250 |   extraConfigs = configs)
251 | ```
252 | 
253 | Any user reading or writing via the mount point will have their
254 | credentials evaluated. Alternatively, to access data directly without a
255 | mount point simply use the abfs path on a cluster with AAD Passthrough
256 | enabled, for example:
257 | ```python
258 | # read data in delta format using direct path
259 | readdf = spark.read\
260 |   .format("<file format>")\
261 |   .load("abfss://<filesys>@<storageacc>.dfs.core.windows.net/<path>")
262 | ```
263 | Originally this functionality was only available using [high
264 | concurrency
265 | clusters](https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/adls-passthrough#enable-azure-data-lake-storage-credential-passthrough-for-a-high-concurrency-cluster)
266 | and supported only Python and SQL notebooks, but recently [standard
267 | clusters support for AAD
268 | passthrough](https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/adls-passthrough#--enable-azure-data-lake-storage-credential-passthrough-for-a-standard-cluster)
269 | using R and Scala notebooks were announced. One major consideration
270 | however for standard clusters, is that only [a single user can be
271 | enabled per
272 | cluster](https://docs.microsoft.com/en-us/azure/databricks/data/data-sources/azure/adls-passthrough#single-user).
273 | 
274 | ![Single User Access](media/SingleUserAccess.png)
275 | 
276 | A subtle but important difference in this pattern is that service
277 | principals are not required to delegate access, as it is the user's
278 | credentials that are used.
279 | 
280 | ![AAD Credential Passthrough](media/AADCredPassthru.png)
281 | 
282 | *Note: Access can still be either direct path or mount point*
283 | 
284 | There are some [[further
285 | considerations]](https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/adls-passthrough#known-limitations)
286 | to note at the time of writing:
287 | 
288 | -   The [[minimum runtime versions]](https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/adls-passthrough#supported-features)
289 |     as well as which PySpark ML APIs which are not supported, and
290 |     associated supported features
291 | 
292 | -   **Databricks Connect is not supported**
293 | 
294 | -   **[Jobs](https://docs.microsoft.com/en-gb/azure/databricks/jobs#jobs)**
295 |     are not supported
296 | 
297 | -   jdbc/odbc (BI tools) is not yet supported
298 | 
299 | If any of these limitations present a challenge or there is a
300 | requirement to enable more than one Scala or R developer to work on a
301 | cluster at the same time, then you may need to consider one of the other
302 | patterns below.
303 | 
304 | Please follow the [tutorial for Pattern 3](tutorials/pattern_3_AAD_Credential_passthrough/Pattern3.md).
305 | 
306 | ## Pattern 4 - Cluster scoped Service principal
307 | 
308 | In this pattern, each cluster is "mapped" to a unique service principal.
309 | By [restricting users or groups to a particular
310 | cluster](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/access-control/cluster-acl#--configure-cluster-level-permissions),
311 | using the "can attach to" permission, it will ensure that access to the
312 | data lake is restricted by the ACLs assigned to the service principal.
313 | 
314 | ![Cluster Scoped Service Principal](media/ClusterScopedServicePrincipal.png)
315 | 
316 | This pattern will allow you to use multiple clusters in the same
317 | workspace, and "attach" a set of permissions according to the service
318 | principal set in the [cluster
319 | config](https://docs.microsoft.com/en-gb/azure/databricks/clusters/configure?toc=https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fazure-databricks%2FTOC.json&bc=https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fbread%2Ftoc.json):
320 | 
321 | ```
322 | fs.azure.account.auth.type OAuth
323 | fs.azure.account.oauth.provider.type org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider
324 | fs.azure.account.oauth2.client.id <service-principal-application-id>
325 | fs.azure.account.oauth2.client.secret {{secrets/<your scope name>/<secret name>}}
326 | fs.azure.account.oauth2.client.endpoint https://login.microsoftonline.com/<tenant id>/oauth2/token
327 | ```
328 | 
329 | *Note the method in which secrets are referenced in the config section
330 | as it is different from the usual dbutils syntax*
331 | 
332 | The benefit of this approach is that the scope and secret names are not
333 | exposed to end-users and they do not require read access to the secret
334 | scope however the creator of the cluster will.  But please note that this secret will be available to all users of cluster.
335 | 
336 | Users should use the direct access method, via ABFS, and mount points
337 | should be forbidden, unless of course there is a global folder everyone
338 | in the workspace needs access to. Until there is an in-built way to
339 | prevent mount points being created, you may wish to write an alert
340 | utility which runs frequently checking for any mount points using the
341 | CLI (as shown in the first pattern) and sends a notification if any
342 | unauthorised mount points are detected.
343 | 
344 | This pattern could be useful when both engineers and analysts require
345 | different sets of permissions and assigned to the same workspace. The
346 | engineers may need read access to one or more source data sets and then
347 | write access to a target location, with read-write access to a staging
348 | or working location. This requires a single service principal to have
349 | access to all the data sets in order for the code to execute fully ---
350 | more about this in the next pattern. The analysts however may need read
351 | access to the target folder and nothing else.
352 | 
353 | The disadvantage of this approach is dedicated clusters for each
354 | permission group, i.e., no sharing of clusters across permission groups.
355 | In other words, each service principal, and therefore each cluster,
356 | should have sufficient permissions in the lake to run the desired
357 | workload on that cluster. The reason for this is that a cluster can only
358 | be configured with a single service principal at a time. In a production
359 | scenario the config should be specified through scripting the
360 | provisioning of clusters using the CLI or API.
361 | 
362 | Depending on the number of permission groups required, this pattern
363 | could result in a proliferation of clusters. The next pattern may
364 | overcome this challenge but will require each user to execute
365 | authentication code at run time.
366 | 
367 | Please follow the [tutorial for Pattern 4](tutorials/pattern_4_Cluster_scoped_Service_Principal/Pattern4.md).
368 | 
369 | ## Pattern 5 - Session scoped Service principal
370 | 
371 | In this pattern, access control is governed at the session level so a
372 | cluster may be shared by multiple groups of users, each using a set of
373 | service principal credentials. *Normally, clusters with a number of
374 | concurrent users and jobs will require a [high
375 | concurrency](https://docs.microsoft.com/en-gb/azure/databricks/clusters/configure#--high-concurrency-clusters)
376 | cluster to ensure resources are shared fairly.* The user attempting to
377 | access ADLS will need to use the direct access method and execute the
378 | OAuth code prior to accessing the required folder. Consequently, this
379 | approach will not work when using odbc/jdbc connections. Also note, that
380 | **only one service principal can be set in session at a time** and this
381 | will have a significant influence the design based on Spark's lazy
382 | evaluation, as described later. Below is sample OAuth code, which is
383 | very similar to the code used in pattern 1 above:
384 | ```python
385 | # authenticate using a service principal and OAuth 2.0
386 | spark.conf.set("fs.azure.account.auth.type", "OAuth")
387 | spark.conf.set("fs.azure.account.oauth.provider.type", "org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider")
388 | spark.conf.set("fs.azure.account.oauth2.client.id", "enter-your-service-principal-application-id-here")
389 | spark.conf.set("fs.azure.account.oauth2.client.secret", dbutils.secrets.get(scope = "secret-scope-name", key = "secret-name"))
390 | spark.conf.set("fs.azure.account.oauth2.client.endpoint", "https://login.microsoftonline.com/enter-your-tenant-id-here/oauth2/token")
391 | 
392 | # read data in delta format
393 | readdf=spark.read.format("delta").load("abfss://file-system-name@storage-account-name.dfs.core.windows.net/path-to-data")
394 | ```
395 | This pattern works well where different permission groups (such as
396 | analysts and engineers) are required but one does not wish to take on
397 | the administrative burden of isolating the user groups by cluster. *As
398 | in the previous approach, mounting folders using the provided service
399 | principal/secret scope details should be forbidden.*
400 | 
401 | The mechanism which ensures that each group has the appropriate level of
402 | access is through their ability to "use" a service principal which has
403 | been added to the AAD group with the desired level of access. The way to
404 | effectively "map" the user group's level of access to a particular
405 | service principal is by granting the Databricks user group access to the
406 | secret scope (see below) which stores the credentials for that service
407 | principal. Armed with the secret scope name and the associated key
408 | name(s), users can then run the authorisation code shown above. The
409 | "client.secret" (service principal's secret) is stored as a secret in
410 | the secret scope but so to can any other sensitive details such as the
411 | service principals application ID and tenant ID.
412 | 
413 | The disadvantage to this approach is the **proliferation of secret
414 | scopes of which there is a limit of 100 per workspace**. Additionally
415 | the [premium
416 | plan](https://databricks.com/product/azure-pricing) is
417 | required in order to assign granular permissions to the secret scope.
418 | 
419 | To help explain this pattern further, and the setup required, examine
420 | the following simple scenario:
421 | 
422 | ![Session Scoped Service Principal](media/SessionScopedServicePrincipal.png)
423 | 
424 | The above diagram depicts a single folder (A) with two sets of
425 | permissions, readers and writers. AAD groups reflect these roles and
426 | have been assigned appropriate folder ACLs. Each AAD group contains a
427 | service principal and the credentials for each service principal have
428 | been stored in a unique secret scope. Each
429 | [group](https://docs.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/groups)
430 | in the Databricks workspace contains the appropriate users, and the
431 | group has been [assigned READ
432 | ACLs](https://docs.microsoft.com/en-us/azure/databricks/dev-tools/cli/secrets-cli)
433 | on the associated secret scope, which allows a group of users to "use"
434 | the service principal mapped to their level of permission.
435 | 
436 | Below is an example CLI command of how to grant read permissions to the
437 | "GrWritersA" Databricks group on "SsWritersA" secret scope. Note that
438 | ACLs are at secret scope level, not at secret level which means that one
439 | secret scope will be required per service principal.
440 | ```CLI
441 | databricks secrets put-acl --scope SsWritersA --principal GrWritersA --permission READ
442 | databricks secrets get-acl --scope SsWritersA --principal GrWritersA
443 | Principal Permission
444 |  — — — — — — — — — — — — 
445 | GrWritersA READ
446 | ```
447 | How this is may be implemented for your data lake scenario requires
448 | careful thought and planning. In very general terms this pattern being
449 | applied in one of two ways, at folder granularity, representing a
450 | department or data lake zone (1) or at data project or "data module"
451 | granularity (2):
452 | 
453 | 1.  Analysts (read-only) and engineers (read-write) are working within a
454 |     single folder structure, and they do not require access to
455 |     additional datasets outside of their current directory. The diagram
456 |     below depicts two folders A and B, perhaps representing two
457 |     departments. Each department has their own analysts and engineers
458 |     working on their data, and should not be allowed access to the other
459 |     department's data.
460 | 
461 | ![Access To Single Dataset](media/AccessToSingleDataset.png)
462 | 
463 | 2.  Using the diagram below for reference, engineers and analysts are
464 |     working on different projects and should have clear separation of
465 |     concerns. Engineers working on "Module 1" require read access to
466 |     multiple source data assets (A & B). Transformations and joins are
467 |     run to produce another data asset ( C ). Engineers also require a
468 |     working or staging directory to persisting output during various
469 |     stages (X). For the entire pipeline to execute, "Service Principal
470 |     for Module 1 Developers" has been added to the relevant AAD groups
471 |     which provide access to all necessary folders (A, B, X, C) through
472 |     the assigned ACLs.
473 | 
474 |     Analysts need to produce analytics using the new data asset ( C )
475 |     but should not have access to the source data, therefore, they use
476 |     the "Service Principal for Dataset C" which was added to the Readers
477 |     C group only.
478 | 
479 | ![Access To Multiple Dataset](media/AccessToMultipleDataset.png)
480 | 
481 | It may seem more logical to have one service principal per data asset
482 | but when multiple permissions are required for a single pipeline to
483 | execute in Spark, then one needs to consider how [lazy
484 | evaluation](https://data-flair.training/blogs/apache-spark-lazy-evaluation/)
485 | works. When attempting to use multiple service principals in the same
486 | notebook/session one needs to remember that the read and write will be
487 | executed only once the write is triggered. One cannot therefore set the
488 | authentication to one service principal for one folder and then to
489 | another prior to the final write operation, all in the same
490 | notebook/session, as the read operation will be executed only when the
491 | write is triggered.
492 | 
493 | *This means a single service principal will need to encapsulate the
494 | permissions of a single pipeline execution rather than a single service
495 | principal per data asset.*
496 | 
497 | ## Pattern 6 - Databricks Table Access Control
498 | 
499 | 
500 | One final pattern, which not technically an access pattern to ADLS,
501 | implements security at the table (or view) level rather than the data
502 | lake level. This method is native to Databricks and involves granting,
503 | denying, revoking access to tables or views which may have been created
504 | from files residing in ADLS. Access is granted programmatically (from
505 | Python or SQL) to tables or views based on user/group. This approach
506 | requires [both cluster and table access
507 | control](https://docs.microsoft.com/en-gb/azure/databricks/administration-guide/access-control/table-acls/table-acl#enable-table-access-control-at-the-account-level)
508 | to be enabled and requires a [premium tier
509 | workspace](https://databricks.com/product/azure-pricing).
510 | File access is disabled through a [cluster level
511 | configuration](https://docs.microsoft.com/en-gb/azure/databricks/administration-guide/access-control/table-acls/table-acl#sql-only-table-access-control)
512 | which ensures the only method of data access for users is via the
513 | pre-configured tables or views. This works well for analytical (BI)
514 | tools accessing tables/views via odbc but limits users in their ability
515 | to access files directly and does not support R and Scala.
516 | 
517 | Please follow the [tutorial for Pattern 6](tutorials/pattern_6_Databricks_Table_Access_Control/Pattern6.md).
518 | 
519 | ## Conclusion
520 | 
521 | This white paper has examined a number of access patterns to Azure Data
522 | Lake gen2 available from Azure Databricks. There are merits and
523 | disadvantages of each, and most likely it will be a combination of these
524 | patterns which will suit a production scenario. Below is a table
525 | summarising the above access patterns and some important considerations
526 | of each.
527 | 
528 | ![Comparison of options](media/Comparison.png)
529 | 
530 | ## License/Terms of Use
531 | 
532 | This is a free white paper released into the public domain.
533 | 
534 | Anyone is free to use or distribute this white paper, for any purpose,
535 | commercial or non-commercial, and by any means.
536 | 
537 | THE WHITE PAPER IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,
538 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
539 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
540 | 
541 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
542 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
543 | FROM, OUT OF OR IN CONNECTION WITH THE WHITE PAPER.
544 | 
545 | 


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/Pattern3.md:
--------------------------------------------------------------------------------
  1 | # Tutorial for Pattern 3: Azure Active Directory Credential passthrough
  2 | 
  3 | **Summary:**
  4 | 
  5 | This document provides links to a tutorial on implementing Pattern 3: Azure Active Directory Credential passthrough
  6 | 
  7 | **Versions:**
  8 | 
  9 | | **Name** | **Title** | **Notes** | **Date** |
 10 | | --- | --- | --- | --- |
 11 | | Anil Sener | Microsoft Cloud Solution Architect – Data &amp; AI | Original | 01 December 2021 |
 12 | |   |   |   |   |
 13 | 
 14 | # Contents
 15 | 
 16 | [Tutorial Steps](#Tutorial-Steps)
 17 | 
 18 | [Pre-requisites](#Pre-requisites)
 19 | 
 20 | [License/Terms of Use](#License/Terms-of-Use)
 21 | 
 22 | ## Pre-requisites
 23 | 
 24 | This tutorial requires the completion of the steps in [Connecting securely to ADLS from ADB](../../Readme.md#connecting-securely-to-adls-from-adb) section.
 25 | 
 26 | This tutorial requires the completion of the steps in the [preparation](../preparation/Readme.md) section.
 27 | 
 28 | This tutorial requires a premium Databricks Workspace.
 29 | 
 30 | Install [Databricks Client](https://docs.databricks.com/dev-tools/cli/index.html).
 31 | 
 32 | ## Tutorial Steps
 33 | 1. Navigate to the <b>Storage Accounts</b>, drill down to the storage account created in the setup steps and navigate to <b>Containers</b> to display <b>test_container</b>. Then, click <b>...</b> icon on the rightern side of the container and select <b>Manage ACLs</b>:
 34 | <p align="center">
 35 |   <img width="850" src="media/pattern_3_step_1.png" />
 36 | </p>
 37 | 
 38 | 2. When the ACLs for the container are displayed, add the principals for the active directory groups called <b>group1</b> and <b>group2</b> which should be already created as a part of preparation steps. Please check only <b>Execute</b> right for these principals and click to <b>Save</b> button:
 39 | <p align="center">
 40 |   <img width="850" src="media/pattern_3_step_2.png" />
 41 | </p>
 42 | 
 43 | 3. Click on <b>test_container</b> and then you should be able to see the folders inside the container. Then, click <b>...</b> icon on the rightern side of the <b>iot_devices</b> folder and select <b>Manage ACLs</b>:
 44 | <p align="center">
 45 |   <img width="850" src="media/pattern_3_step_3.png" />
 46 | </p>
 47 | 
 48 | 4. When the ACLs for the <b>iot_devices</b> folder are displayed, add the principals for the active directory group <b>group1</b> and check <b>Read</b> and <b>Execute</b> and click to <b>Save</b> button:
 49 | <p align="center">
 50 |   <img width="850" src="media/pattern_3_step_4.png" />
 51 | </p>
 52 | 
 53 | 5. When the ACLs for the <b>loans</b> folder are displayed, add the principals for the active directory group <b>group2</b> and check <b>Read</b> and <b>Execute</b> and click to <b>Save</b> button:
 54 | <p align="center">
 55 |   <img width="850" src="media/pattern_3_step_5.png" />
 56 | </p>
 57 | 
 58 | 6. Navigate to the <b>premium Azure Databricks Workspace > Overview</b> and click <b>Launch Workspace</b> button, choose and <b>an admin</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Compute</b>. Then, create a Standard cluster for <b>TestUser1</b> enabling the credential passthrough with the following settings. Set the permissions to allow <b>IoTDevicesGroup</b> to attach this cluster: 
 59 | <p align="center">
 60 |   <img width="850" src="media/pattern_3_step_6.png" />
 61 | </p>
 62 | 
 63 | <p align="center">
 64 |   <img width="450" src="media/pattern_3_step_6_a.png" />
 65 | </p>
 66 | 
 67 | 7. Then, create another Standard cluster for <b>TestUser2</b> enabling the credential passthrough with the following settings.Set the permissions to allow <b>LoanGroup</b> to attach this cluster: 
 68 | <p align="center">
 69 |   <img width="850" src="media/pattern_3_step_7.png" />
 70 | </p>
 71 | 
 72 | <p align="center">
 73 |   <img width="450" src="media/pattern_3_step_7_a.png" />
 74 | </p>
 75 | 
 76 | 8. Navigate to the premium Azure Databricks <b>Workspace > Overview</b> on Azure Portal and click <b>Launch Workspace</b> button, choose and <b>TestUser1</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern3-AADPassthrough-group1.ipynb](notebooks/testuser1/pattern3-AADPassthrough-group1.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 6 and then run all cells: 
 77 | <p align="center">
 78 |   <img width="850" src="media/pattern_3_step_8.png" />
 79 | </p>
 80 | 
 81 | <i>RESULT: Files unders /iot_devices folder are readable meanwhile /loans raise an exception due to lack of privileges to access these files on ADLS Gen2. These permissions are limited thanks to the privileges of group1 on ADLS Gen2 ACLs.</i> 
 82 | 
 83 | 9. Navigate to the premium Azure Databricks <b>Workspace > Overview</b>on Azure Portal and click <b>Launch Workspace</b> button, choose and <b>TestUser2</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern3-AADPassthrough-group2.ipynb](notebooks/testuser2/pattern3-AADPassthrough-group2.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 7 and then run all cells:  
 84 | <p align="center">
 85 |   <img width="850" src="media/pattern_3_step_9.png" />
 86 | </p>
 87 | 
 88 | <i>RESULT: Files unders /loans folder are readable meanwhile /iot_devices raise an exception due to lack of privileges to access these files on ADLS Gen2. These permissions are limited thanks to the privileges of group1 on ADLS Gen2 ACLs.</i> 
 89 | 
 90 | ## License/Terms of Use
 91 | 
 92 | This is a free white paper released into the public domain.
 93 | 
 94 | Anyone is free to use or distribute this white paper, for any purpose,
 95 | commercial or non-commercial, and by any means.
 96 | 
 97 | THE WHITE PAPER IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,
 98 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 99 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
100 | 
101 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
102 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
103 | FROM, OUT OF OR IN CONNECTION WITH THE WHITE PAPER.
104 | 
105 | 


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_1.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_2.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_3.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_4.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_5.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_6.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_6_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_6_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_7.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_7_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_7_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_8.png


--------------------------------------------------------------------------------
/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_3_AAD_Credential_passthrough/media/pattern_3_step_9.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/Pattern4.md:
--------------------------------------------------------------------------------
  1 | # Tutorial for Pattern 4: Cluster Scoped Service Principal
  2 | 
  3 | **Summary:**
  4 | 
  5 | This document provides links to a tutorial on implementing Pattern 4: Cluster Scoped Service Principal
  6 | 
  7 | **Versions:**
  8 | 
  9 | | **Name** | **Title** | **Notes** | **Date** |
 10 | | --- | --- | --- | --- |
 11 | | Anil Sener | Microsoft Cloud Solution Architect – Data &amp; AI | Original | 01 December 2021 |
 12 | |   |   |   |   |
 13 | 
 14 | # Contents
 15 | 
 16 | [Pre-requisites](#Pre-requisites)
 17 | 
 18 | [Tutorial Steps](#Tutorial-Steps)
 19 | 
 20 | [License/Terms of Use](#License/Terms-of-Use)
 21 | 
 22 | ## Pre-requisites
 23 | 
 24 | This tutorial requires the completion of the steps in [Connecting securely to ADLS from ADB](../../Readme.md#connecting-securely-to-adls-from-adb) section.
 25 | 
 26 | This tutorial requires the completion of the steps in the [preparation](../preparation/Readme.md) section.
 27 | 
 28 | This tutorial requires a premium Databricks Workspace.
 29 | 
 30 | Install [Databricks Client](https://docs.databricks.com/dev-tools/cli/index.html).
 31 | 
 32 | ## Tutorial Steps
 33 | 1. Navigate to <b>Azure Active Directory > App registrations</b> and create two application registration service principals one for loans and another for iot_devices:
 34 | <p align="center">
 35 |   <img width="850" src="media/pattern_4_step_0.png" />
 36 | </p>
 37 | 
 38 | 2. Drill down to app registration created for iot_devices and navigate to <b>Certificates & secrets > Client secrets</b> and create a secret and copy the secret value to be used in KeyVault in the later steps:
 39 | <p align="center">
 40 |   <img width="850" src="media/pattern_4_step_1.png" />
 41 | </p>
 42 | 
 43 | 3. Drill down to app registration created for loans and navigate to <b>Certificates & secrets > Client secrets/</b> and create a secret and copy the secret value to be used in KeyVault in the later steps:
 44 | <p align="center">
 45 |   <img width="850" src="media/pattern_4_step_2.png" />
 46 | </p>
 47 | 
 48 | 4. Navigate to the KeyVaults and search for the Keyvault called <b>rr-demo</b> which is created during the setup process, then navigate to <b>Secrets</b> and create two secrets for iot_devices and loans using the client secret values generated in step 2 and 3:
 49 | <p align="center">
 50 |   <img width="850" src="media/pattern_4_step_3.png" />
 51 | </p>
 52 | 
 53 | 5. When the ACLs for the container are displayed, add the principals for App registrations created in step 1. Please check only <b>Execute</b> right for these principals and click to <b>Save</b> button:
 54 | <p align="center">
 55 |   <img width="850" src="../pattern-3-AAD-Credential-passthrough/media/pattern_3_step_2.png" />
 56 | </p>
 57 | 
 58 | 6. Click on <b>test_container</b> and then you should be able to see the folders inside the container. Then, click <b>...</b> icon on the rightern side of the <b>iot_devices</b> folder and select <b>Manage ACLs</b>:
 59 | <p align="center">
 60 |   <img width="850" src="../pattern-3-AAD-Credential-passthrough/media/pattern_3_step_3.png" />
 61 | </p>
 62 | 
 63 | 7. When the ACLs for the <b>iot_devices</b> folder are displayed, add the principals for the app registration service principal created for iot_devices and check <b>Read</b> and <b>Execute</b> and click to <b>Save</b> button:
 64 | <p align="center">
 65 |   <img width="850" src="../pattern-3-AAD-Credential-passthrough/media/pattern_3_step_4.png" />
 66 | </p>
 67 | 
 68 | 8. When the ACLs for the <b>loans</b> folder are displayed, add the principals for the app registration service principal created for iot_devices and check <b>Read</b> and <b>Execute</b> and click to <b>Save</b> button:
 69 | <p align="center">
 70 |   <img width="850" src="../pattern-3-AAD-Credential-passthrough/media/pattern_3_step_5.png" />
 71 | </p>
 72 | 
 73 | 9. Navigate to the <b>premium Azure Databricks Workspace > Overview</b> and click <b>Launch Workspace</b> button, choose and <b>admin user</b> to login. When Azure Databricks Workspace is displayed, navigate to <b>Settings > User Settings</b> and then click the <b>Generate New Token</b> button. Copy the token.
 74 | 
 75 | 10. Launch a commandline application in you pc and use [Databricks Client](https://docs.databricks.com/dev-tools/cli/index.html) to execute the following command to configure the databricks client with the workspace providing your premium workspace url and token generated in the previous step:
 76 | ```sh
 77 | databricks configure --token 
 78 | ```
 79 | 
 80 | 11. After the [Databricks Client](https://docs.databricks.com/dev-tools/cli/index.html) configuration execute the following commands to create 2 Databricks secret scopes for iot_devices and loans and to create one Databricks secret per each to be referred in the subsequent steps in this tutorial. Please remember to replace `<subscription-id>` with your own in each command below:
 81 | 
 82 | ```sh
 83 | databricks secrets create-scope --scope  iot-group-scope --scope-backend-type AZURE_KEYVAULT --resource-id /subscriptions/<subscription-id>/resourceGroups/RR-demo/providers/Microsoft.KeyVault/vaults/rr-demo-kv  --dns-name https://rr-demo-kv.vault.azure.net/
 84 | 
 85 | databricks secrets put-acl --scope  iot-group-scope  --principal  IoTDevicesGroup --permission READ
 86 | 
 87 | databricks secrets create-scope --scope  loan-group-scope --scope-backend-type AZURE_KEYVAULT --resource-id /subscriptions/<subscription-id>/resourceGroups/RR-demo/providers/Microsoft.KeyVault/vaults/rr-demo-kv  --dns-name https://rr-demo-kv.vault.azure.net/
 88 | 
 89 | databricks secrets put-acl --scope loan-group-scope --principal  LoanGroup --permission READ
 90 | ```
 91 | 
 92 | <i>These commands will limit access of Databricks groups only to the app registration service principals relavant to their group. Ideally, we should have created separate Azure key vaults for each secret scope.</i> 
 93 | 
 94 | 12. Navigate to the <b>premium Azure Databricks Workspace > Overview</b> and click <b>Launch Workspace</b> button, choose and <b>admin user</b> to login. When Azure Databricks Workspace is displayed, navigate to <b>Compute</b> and then create a cluster to be used by IoTDevices group by setting the Spark Configuration as below. Set the permissions to allow <b>IoTDevicesGroup</b> to attach this cluster. Please remember to replace `<iot-devices-group-service-principal-application-id>`,`<secret name>` and `<Directory-ID>` (your Azure Tenant ID):
 95 | 
 96 | ```
 97 | fs.azure.account.auth.type OAuth
 98 | fs.azure.account.oauth.provider.type org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider
 99 | fs.azure.account.oauth2.client.id <iot-devices-group-service-principal-application-id>
100 | fs.azure.account.oauth2.client.secret {{secrets/iot-group-scope/<secret name>}}
101 | fs.azure.account.oauth2.client.endpoint https://login.microsoftonline.com/<Directory-ID>/oauth2/token
102 | ```
103 | 
104 | <p align="center">
105 |   <img width="850" src="media/pattern_4_step_4.png" />
106 | </p>
107 | 
108 | <p align="center">
109 |   <img width="450" src="media/pattern_4_step_4_a.png" />
110 | </p>
111 | 
112 | 13. Create another cluster to be used by LoanGroup group by setting the Spark Configuration as below. Set the permissions to allow <b>LoanGroup</b> to attach this cluster. Please remember to replace `<loan-group-service-principal-application-id>`,`<secret name>` and `<Directory-ID>` (your Azure Tenant ID)::
113 | 
114 | ```
115 | fs.azure.account.auth.type OAuth
116 | fs.azure.account.oauth.provider.type org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider
117 | fs.azure.account.oauth2.client.id <loan-group-service-principal-application-id>
118 | fs.azure.account.oauth2.client.secret {{secrets/loan-group-scope/<secret name>}}
119 | fs.azure.account.oauth2.client.endpoint https://login.microsoftonline.com/<Directory-ID>/oauth2/token
120 | ```
121 | 
122 | <p align="center">
123 |   <img width="850" src="media/pattern_4_step_5.png" />
124 | </p>
125 | 
126 | <p align="center">
127 |   <img width="450" src="media/pattern_4_step_5_a.png" />
128 | </p>
129 | 
130 | 14. Navigate to the premium Azure Databricks <b>Workspace > Overview</b> on Azure Portal and click <b>Launch Workspace</b> button, choose and <b>TestUser1</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern4-Cluster-scoped-principals-iot_devices.ipynb](notebooks/testuser1/pattern4-Cluster-scoped-principals-iot_devices.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 12 and then run all cells: 
131 | <p align="center">
132 |   <img width="850" src="media/pattern_4_step_6.png" />
133 | </p>
134 | 
135 | <i>RESULT: Files unders /iot_devices folder are readable meanwhile /loans raise an exception due to lack of privileges to access these files on ADLS Gen2. These permissions are limited thanks to the privileges of app registration service principal created for iot_devices on ADLS Gen2 ACLs.</i> 
136 | 
137 | 15. Navigate to the premium Azure Databricks <b>Workspace > Overview</b> on Azure Portal and click <b>Launch Workspace</b> button, choose and <b>TestUser2</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern4-Cluster-scoped-principals-loans.ipynb](notebooks/testuser2/pattern4-Cluster-scoped-principals-loans.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 13 and then run all cells: 
138 | <p align="center">
139 |   <img width="850" src="media/pattern_4_step_7.png" />
140 | </p>
141 | 
142 | <i>RESULT: Files unders /loans folder are readable meanwhile /iot_devices raise an exception due to lack of privileges to access these files on ADLS Gen2. These permissions are limited thanks to the privileges of app registration service principal created for loans on ADLS Gen2 ACLs.</i> 
143 | 
144 | ## License/Terms of Use
145 | 
146 | This is a free white paper released into the public domain.
147 | 
148 | Anyone is free to use or distribute this white paper, for any purpose,
149 | commercial or non-commercial, and by any means.
150 | 
151 | THE WHITE PAPER IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,
152 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
153 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
154 | 
155 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
156 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
157 | FROM, OUT OF OR IN CONNECTION WITH THE WHITE PAPER.
158 | 
159 | 


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_0.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_1.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_2.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_3.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_4.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_4_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_4_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_5.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_5_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_5_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_6.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_4_Cluster_scoped_Service_Principal/media/pattern_4_step_7.png


--------------------------------------------------------------------------------
/tutorials/pattern_4_Cluster_scoped_Service_Principal/notebooks/testuser2/pattern4-Cluster-scoped-principals-loans.ipynb:
--------------------------------------------------------------------------------
1 | {"cells":[{"cell_type":"markdown","source":["# pattern 4- cluster scoped principals - loans\n\nhttps://docs.microsoft.com/en-us/azure/databricks/administration-guide/access-control/cluster-acl#--configure-cluster-level-permissions"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"af7f1460-22a4-4dcc-ab0c-e912712b1e74"}}},{"cell_type":"code","source":["# read data in delta format using direct path\nloansdf = spark.read\\\n  .format(\"delta\")\\\n  .load(\"abfss://test-container@rrdemostorageacc.dfs.core.windows.net/loans\")\n\ndisplay(loansdf)"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"7a20b015-eb2c-4cbe-8fb0-c201e7484c30"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"overflow":true,"datasetInfos":[],"data":[[0,1000,182.22,"CA"],[1,1000,361.19,"WA"],[2,1000,176.26,"TX"],[3,1000,1000.0,"OK"],[4,1000,249.98,"PA"],[5,1000,408.6,"CA"],[6,1000,1000.0,"MD"],[7,1000,168.81,"OH"],[8,1000,193.64,"TX"],[9,1000,218.83,"CT"],[10,1000,322.37,"NJ"],[11,1000,400.61,"NY"],[12,1000,1000.0,"FL"],[13,1000,165.88,"NJ"],[14,1000,190.6,"TX"],[15,1000,1000.0,"OH"],[16,1000,213.72,"MI"],[17,1000,188.89,"MI"],[18,1000,237.41,"CA"],[19,1000,203.85,"CA"],[20,1000,1000.0,"NM"],[21,1000,66.39,"NY"],[22,1000,1000.0,"VA"],[23,1000,381.93,"AL"],[24,1000,147.91,"TX"],[25,1200,1200.0,"WA"],[26,1200,288.19,"CA"],[27,1200,516.99,"NV"],[28,1200,84.45,"NY"],[29,1200,677.96,"IN"],[30,1200,376.91,"OH"],[31,1200,1200.0,"NY"],[32,1200,79.62,"IL"],[33,1200,395.74,"AZ"],[34,1200,357.72,"MO"],[35,1275,1275.0,"MO"],[36,1275,285.26,"ID"],[37,1400,1400.0,"IL"],[38,1400,406.41,"PA"],[39,1400,1400.0,"OR"],[40,1450,575.78,"PA"],[41,1500,778.87,"AL"],[42,1500,328.7,"TX"],[43,1500,267.65,"MI"],[44,1500,112.59,"NY"],[45,1500,1500.0,"MO"],[46,1500,375.03,"TN"],[47,1500,654.03,"NJ"],[48,1500,555.59,"TX"],[49,1500,1500.0,"CA"],[50,1500,1411.83,"IL"],[51,1500,1500.0,"KS"],[52,1500,1057.36,"IN"],[53,1500,786.61,"CA"],[54,1500,99.54,"AL"],[55,1500,235.51,"TX"],[56,1500,821.76,"NY"],[57,1500,1500.0,"IL"],[58,1550,1550.0,"UT"],[59,1600,723.98,"NJ"],[60,1600,528.98,"IL"],[61,1600,526.27,"AL"],[62,1600,74.68,"NH"],[63,1600,767.82,"OH"],[64,1700,303.37,"MO"],[65,1700,1700.0,"AZ"],[66,1800,1800.0,"MO"],[67,1800,890.14,"TX"],[68,1800,653.3,"MS"],[69,1900,1900.0,"TX"],[70,1975,383.32,"TX"],[71,2000,1614.9,"NY"],[72,2000,356.89,"TN"],[73,2000,1052.86,"VA"],[74,2000,149.09,"LA"],[75,2000,99.06,"CA"],[76,2000,1163.66,"PA"],[77,2000,2000.0,"CA"],[78,2000,2000.0,"NJ"],[79,2000,1970.57,"TN"],[80,2000,143.94,"OH"],[81,2000,494.31,"TX"],[82,2000,494.3,"IL"],[83,2000,2000.0,"IN"],[84,2000,142.94,"NY"],[85,2000,1259.27,"TX"],[86,2000,1573.02,"MI"],[87,2000,141.94,"ID"],[88,2000,387.44,"TX"],[89,2000,337.46,"NH"],[90,2000,751.19,"MN"],[91,2000,488.7,"TX"],[92,2000,488.69,"KS"],[93,2000,387.19,"NE"],[94,2000,2000.0,"OK"],[95,2000,437.71,"IN"],[96,2000,855.79,"FL"],[97,2000,801.34,"OK"],[98,2000,2000.0,"MD"],[99,2000,2000.0,"TX"],[100,2000,2000.0,"FL"],[101,2000,2000.0,"NV"],[102,2000,381.19,"CA"],[103,2000,2000.0,"AK"],[104,2000,636.01,"TX"],[105,2000,377.71,"MI"],[106,2000,477.53,"MI"],[107,2000,377.71,"WY"],[108,2000,1006.5,"KY"],[109,2000,1066.88,"CA"],[110,2000,1066.88,"FL"],[111,2000,136.68,"WA"],[112,2000,1235.56,"GA"],[113,2000,938.5,"CA"],[114,2000,770.85,"LA"],[115,2000,2000.0,"FL"],[116,2000,1860.58,"FL"],[117,2000,927.56,"KY"],[118,2000,2000.0,"NY"],[119,2000,128.73,"VA"],[120,2000,2000.0,"CA"],[121,2100,696.95,"ID"],[122,2100,1025.23,"AL"],[123,2100,753.7,"TX"],[124,2200,53.34,"LA"],[125,2200,425.87,"SC"],[126,2200,364.98,"PA"],[127,2200,2200.0,"IL"],[128,2200,1330.82,"TX"],[129,2300,115.19,"LA"],[130,2300,172.63,"TN"],[131,2300,503.58,"CA"],[132,2300,2300.0,"OH"],[133,2300,912.91,"MS"],[134,2375,2375.0,"NC"],[135,2400,553.86,"NY"],[136,2400,599.94,"WI"],[137,2400,2400.0,"PA"],[138,2400,524.09,"NC"],[139,2400,1222.09,"NY"],[140,2400,525.24,"CA"],[141,2400,198.94,"SC"],[142,2400,2400.0,"WI"],[143,2400,1500.51,"VA"],[144,2400,2400.0,"AL"],[145,2400,763.25,"TX"],[146,2400,1284.56,"NY"],[147,2400,453.21,"CA"],[148,2400,2400.0,"NY"],[149,2400,2400.0,"AL"],[150,2400,2400.0,"FL"],[151,2400,1271.64,"ME"],[152,2400,790.18,"FL"],[153,2500,1472.04,"PA"],[154,2500,2500.0,"MS"],[155,2500,638.54,"FL"],[156,2500,870.18,"CA"],[157,2500,2500.0,"VA"],[158,2500,568.52,"VA"],[159,2500,628.51,"NY"],[160,2500,1027.25,"AL"],[161,2500,2091.65,"TX"],[162,2500,1090.3,"NV"],[163,2500,1298.63,"VA"],[164,2500,1219.13,"FL"],[165,2500,872.09,"KY"],[166,2500,421.41,"OH"],[167,2500,1417.8,"MI"],[168,2500,1202.49,"IN"],[169,2500,538.98,"OH"],[170,2500,534.11,"SC"],[171,2500,2500.0,"IN"],[172,2500,453.46,"NY"],[173,2500,2500.0,"MN"],[174,2500,760.49,"VA"],[175,2525,1469.46,"NJ"],[176,2625,1064.43,"VT"],[177,2650,2650.0,"FL"],[178,2650,1352.52,"NY"],[179,2700,192.94,"VA"],[180,2700,2700.0,"IN"],[181,2700,179.12,"LA"],[182,2700,358.17,"AR"],[183,2725,189.65,"NV"],[184,2800,2800.0,"TX"],[185,2800,1629.23,"IN"],[186,2800,540.0,"PA"],[187,2800,1454.54,"KY"],[188,2800,1058.66,"NJ"],[189,2800,1365.41,"NY"],[190,2800,2800.0,"TX"],[191,2800,897.74,"WI"],[192,2800,391.11,"UT"],[193,2800,2800.0,"WI"],[194,2800,123.0,"CA"],[195,2825,303.63,"PA"],[196,2875,1568.71,"WI"],[197,2975,1910.92,"AL"],[198,2975,558.28,"MS"],[199,2975,188.74,"CA"],[200,3000,1875.57,"CA"],[201,3000,1215.9,"TX"],[202,3000,1207.98,"MN"],[203,3000,861.53,"TX"],[204,3000,1192.32,"SC"],[205,3000,1691.84,"CA"],[206,3000,3000.0,"KY"],[207,3000,232.18,"KY"],[208,3000,535.3,"WA"],[209,3000,690.32,"KS"],[210,3000,611.76,"TX"],[211,3000,225.61,"TX"],[212,3000,3000.0,"MI"],[213,3000,688.27,"TX"],[214,3000,723.51,"NJ"],[215,3000,3000.0,"MN"],[216,3000,223.61,"NY"],[217,3000,223.62,"TX"],[218,3000,684.26,"PA"],[219,3000,3000.0,"IL"],[220,3000,1660.37,"AZ"],[221,3000,527.01,"LA"],[222,3000,604.38,"TX"],[223,3000,604.38,"CT"],[224,3000,1573.66,"CA"],[225,3000,2812.87,"CA"],[226,3000,1240.99,"NY"],[227,3000,1397.45,"GA"],[228,3000,3000.0,"LA"],[229,3000,1907.47,"VA"],[230,3000,1734.87,"GA"],[231,3000,1066.87,"MS"],[232,3000,1726.01,"TX"],[233,3000,664.37,"MN"],[234,3000,3000.0,"WI"],[235,3000,3000.0,"OH"],[236,3000,741.05,"SD"],[237,3000,1464.51,"PA"],[238,3000,1053.93,"TX"],[239,3000,3000.0,"TN"],[240,3000,3000.0,"MD"],[241,3000,581.11,"NY"],[242,3000,650.64,"OH"],[243,3000,1045.73,"HI"],[244,3000,1289.44,"CA"],[245,3000,505.71,"RI"],[246,3000,966.85,"MD"],[247,3000,656.5,"PA"],[248,3000,3000.0,"CA"],[249,3000,1046.3,"AZ"],[250,3000,505.71,"AZ"],[251,3000,1623.81,"IN"],[252,3000,1874.04,"NJ"],[253,3000,559.63,"TX"],[254,3000,1283.69,"NE"],[255,3000,2249.47,"IL"],[256,3000,882.07,"NC"],[257,3000,3000.0,"NJ"],[258,3000,1701.17,"MO"],[259,3000,209.15,"MN"],[260,3000,209.15,"TN"],[261,3000,3000.0,"CO"],[262,3000,571.79,"NC"],[263,3000,3000.0,"FL"],[264,3000,953.96,"TX"],[265,3000,2801.21,"PA"],[266,3000,1272.72,"FL"],[267,3000,1689.94,"IL"],[268,3000,2800.23,"FL"],[269,3000,1517.58,"AZ"],[270,3000,3000.0,"CO"],[271,3000,492.9,"KY"],[272,3000,492.9,"TX"],[273,3000,492.9,"CT"],[274,3000,3000.0,"NV"],[275,3000,562.93,"IL"],[276,3000,637.04,"TX"],[277,3000,942.21,"WI"],[278,3000,562.93,"CO"],[279,3000,1175.6,"PA"],[280,3000,629.44,"NY"],[281,3000,1273.89,"NJ"],[282,3000,926.7,"CA"],[283,3000,3000.0,"NH"],[284,3000,1665.48,"WI"],[285,3000,3000.0,"MN"],[286,3000,1316.07,"IL"],[287,3000,470.96,"PA"],[288,3000,1064.1,"NJ"],[289,3000,3000.0,"TX"],[290,3000,1650.62,"MT"],[291,3000,1388.06,"FL"],[292,3000,3000.0,"PA"],[293,3000,1135.42,"NY"],[294,3000,3000.0,"NV"],[295,3000,526.05,"IL"],[296,3000,811.66,"NJ"],[297,3000,1048.57,"CO"],[298,3000,364.07,"OK"],[299,3000,1065.43,"CA"],[300,3000,614.69,"TX"],[301,3025,1267.09,"GA"],[302,3025,773.57,"GA"],[303,3025,516.45,"GA"],[304,3025,214.69,"GA"],[305,3025,1300.11,"GA"],[306,3025,2066.13,"GA"],[307,3025,404.14,"TX"],[308,3025,891.96,"NY"],[309,3025,656.78,"GA"],[310,3025,637.2,"CA"],[311,3050,1007.02,"IL"],[312,3100,3100.0,"IL"],[313,3100,3100.0,"NY"],[314,3125,1053.94,"TN"],[315,3125,198.37,"CA"],[316,3150,645.23,"CA"],[317,3200,644.46,"MI"],[318,3200,3200.0,"NH"],[319,3200,3200.0,"PA"],[320,3200,1296.48,"MD"],[321,3200,460.12,"OH"],[322,3200,460.11,"TX"],[323,3200,763.92,"VA"],[324,3200,3200.0,"AZ"],[325,3200,1673.39,"NV"],[326,3200,172.61,"PA"],[327,3250,1302.32,"VA"],[328,3300,806.26,"TX"],[329,3300,3080.29,"NY"],[330,3350,252.31,"NJ"],[331,3350,1937.32,"AZ"],[332,3400,3400.0,"CA"],[333,3400,2062.45,"OH"],[334,3425,3425.0,"TX"],[335,3450,237.51,"TX"],[336,3500,3500.0,"NY"],[337,3500,1281.06,"WI"],[338,3500,1658.72,"GA"],[339,3500,3500.0,"MD"],[340,3500,3500.0,"NJ"],[341,3500,3500.0,"AL"],[342,3500,3500.0,"CO"],[343,3500,887.44,"PA"],[344,3500,3281.75,"IL"],[345,3500,1248.58,"OR"],[346,3500,3500.0,"CA"],[347,3500,168.43,"NC"],[348,3500,3500.0,"CA"],[349,3500,3500.0,"GA"],[350,3500,1229.56,"OH"],[351,3500,250.12,"IL"],[352,3500,248.21,"AR"],[353,3500,855.07,"CA"],[354,3500,853.31,"CA"],[355,3500,1677.48,"CO"],[356,3500,3500.0,"TX"],[357,3500,1679.58,"FL"],[358,3500,3266.87,"MO"],[359,3500,240.93,"AL"],[360,3500,3500.0,"MO"],[361,3500,291.53,"TX"],[362,3500,240.58,"NV"],[363,3500,1515.0,"TX"],[364,3500,3500.0,"CA"],[365,3500,1466.27,"NY"],[366,3500,1371.49,"NJ"],[367,3550,1952.11,"FL"],[368,3600,1529.58,"KY"],[369,3600,291.55,"FL"],[370,3600,640.38,"NC"],[371,3600,3600.0,"CO"],[372,3600,3600.0,"TN"],[373,3600,259.1,"OH"],[374,3600,917.23,"LA"],[375,3600,787.76,"CA"],[376,3600,3600.0,"MO"],[377,3600,3600.0,"MS"],[378,3600,966.83,"AZ"],[379,3600,1962.77,"FL"],[380,3600,3600.0,"TX"],[381,3600,2245.97,"RI"],[382,3600,776.05,"OH"],[383,3600,1727.7,"WA"],[384,3600,1758.34,"OH"],[385,3600,675.57,"PA"],[386,3600,675.57,"AL"],[387,3600,849.44,"GA"],[388,3600,3600.0,"TX"],[389,3600,1701.56,"NY"],[390,3600,3600.0,"CA"],[391,3600,580.05,"NV"],[392,3600,1018.75,"OK"],[393,3625,1239.53,"GA"],[394,3650,1504.95,"CA"],[395,3700,1817.82,"MD"],[396,3750,3750.0,"MN"],[397,3750,1953.35,"NY"],[398,3750,229.41,"IL"],[399,3775,1561.18,"NV"],[400,3800,1500.4,"NY"],[401,3800,2109.52,"OR"],[402,3800,3800.0,"CO"],[403,3800,1960.28,"TX"],[404,3825,3825.0,"VA"],[405,3850,967.97,"KS"],[406,3900,3900.0,"FL"],[407,3925,1604.31,"LA"],[408,4000,2436.76,"CT"],[409,4000,2442.62,"TX"],[410,4000,610.36,"FL"],[411,4000,819.0,"KY"],[412,4000,2580.85,"IL"],[413,4000,1451.57,"MS"],[414,4000,1341.04,"WA"],[415,4000,1771.82,"WI"],[416,4000,4000.0,"MI"],[417,4000,4000.0,"NJ"],[418,4000,818.5,"MN"],[419,4000,805.75,"IL"],[420,4000,1322.31,"IN"],[421,4000,1753.04,"IL"],[422,4000,1426.99,"AR"],[423,4000,1426.99,"CA"],[424,4000,4000.0,"CA"],[425,4000,4000.0,"GA"],[426,4000,1974.46,"NJ"],[427,4000,2199.4,"OH"],[428,4000,999.94,"NY"],[429,4000,1417.61,"TX"],[430,4000,1634.95,"WY"],[431,4000,287.6,"AL"],[432,4000,988.6,"CA"],[433,4000,1580.95,"WA"],[434,4000,1302.35,"OH"],[435,4000,2286.99,"NY"],[436,4000,2517.95,"CA"],[437,4000,880.53,"CA"],[438,4000,1018.67,"NJ"],[439,4000,775.26,"FL"],[440,4000,774.74,"TX"],[441,4000,4000.0,"OH"],[442,4000,875.78,"NJ"],[443,4000,771.36,"NY"],[444,4000,1289.08,"TX"],[445,4000,1289.08,"NY"],[446,4000,1289.08,"NJ"],[447,4000,2279.34,"GA"],[448,4000,2279.34,"TX"],[449,4000,4000.0,"CA"],[450,4000,4000.0,"NY"],[451,4000,4000.0,"IN"],[452,4000,663.53,"CO"],[453,4000,4000.0,"OR"],[454,4000,4000.0,"TX"],[455,4000,1588.38,"NY"],[456,4000,4000.0,"NC"],[457,4000,2253.42,"FL"],[458,4000,1264.72,"VA"],[459,4000,3733.92,"OH"],[460,4000,1911.28,"GA"],[461,4000,657.18,"NC"],[462,4000,2864.13,"WI"],[463,4000,1687.27,"IL"],[464,4000,1365.43,"MI"],[465,4000,4000.0,"PA"],[466,4000,750.22,"GA"],[467,4000,2129.08,"CA"],[468,4000,1567.24,"NM"],[469,4000,943.86,"IL"],[470,4000,4000.0,"NC"],[471,4000,4000.0,"NE"],[472,4000,2924.04,"NJ"],[473,4000,4000.0,"TN"],[474,4000,269.13,"GA"],[475,4000,1448.55,"HI"],[476,4000,4000.0,"TN"],[477,4000,3725.68,"FL"],[478,4000,2220.47,"CA"],[479,4000,4000.0,"NJ"],[480,4000,1336.63,"NY"],[481,4000,731.6,"FL"],[482,4000,1649.35,"TX"],[483,4000,4000.0,"PA"],[484,4000,1320.58,"OR"],[485,4000,4000.0,"LA"],[486,4000,4000.0,"CT"],[487,4000,4000.0,"WV"],[488,4000,2188.15,"TX"],[489,4000,1204.71,"MI"],[490,4000,1408.18,"FL"],[491,4000,895.0,"OH"],[492,4000,1503.47,"AK"],[493,4000,1610.58,"NY"],[494,4000,507.64,"FL"],[495,4000,2195.32,"NY"],[496,4050,1531.34,"MO"],[497,4050,1392.3,"TX"],[498,4150,849.64,"OH"],[499,4150,288.83,"FL"],[500,4200,1100.48,"MA"],[501,4200,1784.51,"NJ"],[502,4200,4200.0,"CA"],[503,4200,1642.89,"FL"],[504,4200,2210.61,"TX"],[505,4200,1852.53,"MA"],[506,4200,2068.7,"NY"],[507,4200,2428.92,"NE"],[508,4200,1367.47,"CA"],[509,4200,708.38,"CO"],[510,4200,1682.97,"FL"],[511,4200,4200.0,"CA"],[512,4200,1016.05,"FL"],[513,4200,2121.16,"WA"],[514,4200,2601.53,"PA"],[515,4225,853.74,"IN"],[516,4250,1633.9,"NY"],[517,4300,1704.48,"WI"],[518,4375,4375.0,"TN"],[519,4400,4400.0,"NH"],[520,4450,820.26,"AR"],[521,4450,1699.49,"CA"],[522,4450,1625.34,"GA"],[523,4475,1623.23,"VT"],[524,4475,1785.86,"RI"],[525,4500,1946.02,"AZ"],[526,4500,4500.0,"TX"],[527,4500,339.06,"OH"],[528,4500,4500.0,"MN"],[529,4500,1580.82,"CA"],[530,4500,4500.0,"OH"],[531,4500,522.12,"MO"],[532,4500,2208.2,"CA"],[533,4500,2336.35,"NC"],[534,4500,4500.0,"AL"],[535,4500,1304.97,"TN"],[536,4525,1054.09,"OH"],[537,4550,880.72,"MS"],[538,4550,1972.49,"TX"],[539,4550,985.29,"NE"],[540,4575,1521.23,"MO"],[541,4675,2577.73,"KY"],[542,4675,2539.53,"OH"],[543,4700,1279.09,"TX"],[544,4725,2386.11,"CA"],[545,4750,2020.38,"MI"],[546,4750,1952.18,"AL"],[547,4800,4800.0,"NJ"],[548,4800,2962.43,"DC"],[549,4800,889.53,"MO"],[550,4800,874.52,"CA"],[551,4800,3952.49,"CO"],[552,4800,1907.7,"CA"],[553,4800,371.49,"SC"],[554,4800,2039.44,"OH"],[555,4800,362.4,"OH"],[556,4800,2399.26,"RI"],[557,4800,2797.95,"IL"],[558,4800,964.92,"NY"],[559,4800,966.93,"IL"],[560,4800,1091.56,"MA"],[561,4800,4800.0,"MA"],[562,4800,2117.19,"NY"],[563,4800,1961.94,"TX"],[564,4800,227.65,"NC"],[565,4800,3038.23,"IL"],[566,4800,1174.08,"AL"],[567,4800,1546.93,"AZ"],[568,4800,809.12,"TX"],[569,4800,2735.11,"MD"],[570,4800,2873.64,"MI"],[571,4800,2721.97,"TX"],[572,4800,2443.23,"GA"],[573,4800,334.63,"FL"],[574,4800,4800.0,"TX"],[575,4800,900.67,"NV"],[576,4800,1625.57,"FL"],[577,4800,658.8,"TX"],[578,4800,213.97,"MD"],[579,4800,2251.77,"MO"],[580,4800,4800.0,"UT"],[581,4825,2405.54,"MI"],[582,4825,1422.59,"CA"],[583,4900,2002.89,"NJ"],[584,4925,2627.0,"NJ"],[585,4925,1162.06,"TX"],[586,4950,958.17,"OH"],[587,4975,325.3,"AZ"],[588,4975,1869.83,"CA"],[589,5000,2003.58,"CA"],[590,5000,1137.04,"NC"],[591,5000,1140.09,"FL"],[592,5000,5000.0,"TX"],[593,5000,386.95,"CA"],[594,5000,2819.66,"NM"],[595,5000,1043.39,"TX"],[596,5000,5000.0,"CA"],[597,5000,2262.19,"CA"],[598,5000,5000.0,"CA"],[599,5000,5000.0,"NY"],[600,5000,2517.94,"NH"],[601,5000,2517.94,"MA"],[602,5000,2103.01,"CO"],[603,5000,5000.0,"FL"],[604,5000,2094.18,"GA"],[605,5000,892.19,"VA"],[606,5000,1022.55,"FL"],[607,5000,3515.81,"MO"],[608,5000,250.41,"CA"],[609,5000,889.38,"PA"],[610,5000,889.38,"FL"],[611,5000,5000.0,"IL"],[612,5000,5000.0,"AZ"],[613,5000,3471.91,"NY"],[614,5000,3033.67,"TX"],[615,5000,2925.85,"NY"],[616,5000,2925.85,"WV"],[617,5000,1814.35,"CA"],[618,5000,1814.35,"IL"],[619,5000,1814.35,"CA"],[620,5000,1814.35,"CA"],[621,5000,1147.06,"NY"],[622,5000,5000.0,"NE"],[623,5000,5000.0,"GA"],[624,5000,5000.0,"DE"],[625,5000,2914.11,"TN"],[626,5000,2077.42,"OK"],[627,5000,1669.45,"NV"],[628,5000,5000.0,"CT"],[629,5000,2909.17,"FL"],[630,5000,2909.17,"TX"],[631,5000,1400.26,"SC"],[632,5000,2767.29,"FL"],[633,5000,5000.0,"WA"],[634,5000,1231.62,"PA"],[635,5000,878.27,"WA"],[636,5000,5000.0,"CA"],[637,5000,1797.09,"NY"],[638,5000,1797.09,"TX"],[639,5000,2068.43,"TX"],[640,5000,2480.7,"CO"],[641,5000,5000.0,"CA"],[642,5000,1652.78,"FL"],[643,5000,1804.16,"NE"],[644,5000,1257.01,"NY"],[645,5000,1652.78,"OH"],[646,5000,2054.5,"MA"],[647,5000,5000.0,"AZ"],[648,5000,2054.5,"IN"],[649,5000,2191.12,"WA"],[650,5000,2054.5,"MI"],[651,5000,2054.5,"NY"],[652,5000,1783.81,"FL"],[653,5000,2468.08,"MA"],[654,5000,5000.0,"CA"],[655,5000,3068.64,"FL"],[656,5000,2749.25,"NY"],[657,5000,3177.23,"OH"],[658,5000,3428.76,"IL"],[659,5000,5000.0,"FL"],[660,5000,1644.51,"LA"],[661,5000,3648.47,"NY"],[662,5000,1778.12,"KY"],[663,5000,5000.0,"AZ"],[664,5000,1644.51,"IN"],[665,5000,2043.68,"MI"],[666,5000,2062.67,"NY"],[667,5000,1773.09,"NY"],[668,5000,2180.41,"IN"],[669,5000,2180.26,"CA"],[670,5000,2180.41,"NH"],[671,5000,2597.26,"SC"],[672,5000,2597.26,"OH"],[673,5000,2943.48,"IL"],[674,5000,1372.84,"FL"],[675,5000,2734.31,"KY"],[676,5000,239.81,"LA"],[677,5000,359.85,"WI"],[678,5000,359.85,"MO"],[679,5000,481.39,"OK"],[680,5000,5000.0,"CA"],[681,5000,5000.0,"MD"],[682,5000,359.47,"OH"],[683,5000,979.85,"FL"],[684,5000,1967.9,"NC"],[685,5000,5000.0,"NV"],[686,5000,1627.8,"CO"],[687,5000,5000.0,"WA"],[688,5000,2025.76,"PA"],[689,5000,2025.76,"CT"],[690,5000,1756.45,"WA"],[691,5000,2438.26,"NY"],[692,5000,2438.26,"OH"],[693,5000,357.32,"TX"],[694,5000,4677.11,"MI"],[695,5000,3148.05,"VA"],[696,5000,2858.61,"VA"],[697,5000,1751.91,"NM"],[698,5000,1619.52,"WI"],[699,5000,1751.27,"FL"],[700,5000,3282.44,"CA"],[701,5000,1228.57,"IN"],[702,5000,5000.0,"CA"],[703,5000,5000.0,"NC"],[704,5000,843.86,"MD"],[705,5000,843.86,"CA"],[706,5000,5000.0,"MD"],[707,5000,1222.95,"NY"],[708,5000,969.03,"MN"],[709,5000,843.33,"CA"],[710,5000,843.33,"IN"],[711,5000,5000.0,"PA"],[712,5000,843.33,"NY"],[713,5000,1094.75,"MI"],[714,5000,843.33,"IN"],[715,5000,968.44,"PA"],[716,5000,2012.69,"NV"],[717,5000,5000.0,"AZ"],[718,5000,719.1,"MI"],[719,5000,2012.69,"TX"],[720,5000,5000.0,"CA"],[721,5000,1744.04,"NE"],[722,5000,1221.74,"NC"],[723,5000,474.71,"TX"],[724,5000,842.41,"MI"],[725,5000,967.85,"WY"],[726,5000,967.85,"GA"],[727,5000,5000.0,"LA"],[728,5000,1180.77,"MD"],[729,5000,718.93,"CA"],[730,5000,1094.1,"IL"],[731,5000,967.86,"NY"],[732,5000,842.81,"NY"],[733,5000,842.8,"NJ"],[734,5000,5000.0,"WI"],[735,5000,2706.19,"NV"],[736,5000,1872.56,"IL"],[737,5000,4674.41,"NY"],[738,5000,5000.0,"CA"],[739,5000,2415.79,"TX"],[740,5000,5000.0,"IL"],[741,5000,2003.37,"MD"],[742,5000,2003.37,"IL"],[743,5000,1210.36,"NY"],[744,5000,5000.0,"NY"],[745,5000,2692.22,"IL"],[746,5000,2834.25,"PA"],[747,5000,2835.36,"GA"],[748,5000,2835.36,"PA"],[749,5000,5000.0,"WI"],[750,5000,5000.0,"NY"],[751,5000,3408.03,"FL"],[752,5000,231.16,"CA"],[753,5000,5000.0,"NJ"],[754,5000,3119.24,"VA"],[755,5000,2684.95,"NV"],[756,5000,1204.08,"PA"],[757,5000,5000.0,"NY"],[758,5000,1204.07,"CA"],[759,5000,829.41,"FL"],[760,5000,952.98,"NJ"],[761,5000,829.41,"IN"],[762,5000,465.43,"NY"],[763,5000,1721.61,"PA"],[764,5000,585.42,"CA"],[765,5000,1589.98,"AZ"],[766,5000,1589.98,"CA"],[767,5000,5000.0,"CO"],[768,5000,1985.05,"GA"],[769,5000,2121.29,"LA"],[770,5000,1746.82,"TX"],[771,5000,5000.0,"FL"],[772,5000,2676.01,"DC"],[773,5000,2534.18,"NY"],[774,5000,2816.65,"VA"],[775,5000,3108.3,"CA"],[776,5000,2673.01,"TN"],[777,5000,3406.19,"CA"],[778,5000,1193.66,"NC"],[779,5000,944.14,"CA"],[780,5000,5000.0,"WA"],[781,5000,944.14,"FL"],[782,5000,1578.57,"NJ"],[783,5000,700.13,"WI"],[784,5000,344.2,"WA"],[785,5000,2108.09,"NV"],[786,5000,5000.0,"MS"],[787,5000,2108.9,"CA"],[788,5000,2666.97,"HI"],[789,5000,5000.0,"NY"],[790,5000,2384.78,"OH"],[791,5000,5000.0,"VA"],[792,5000,1186.72,"NJ"],[793,5000,1186.72,"AK"],[794,5000,5000.0,"PA"],[795,5000,1568.22,"NY"],[796,5000,816.15,"NJ"],[797,5000,816.15,"NY"],[798,5000,1890.65,"MD"],[799,5000,3097.08,"TN"],[800,5000,5000.0,"CT"],[801,5000,1956.57,"TX"],[802,5000,5000.0,"SC"],[803,5000,4496.36,"NY"],[804,5000,1552.32,"TX"],[805,5000,805.65,"NY"],[806,5000,686.23,"GA"],[807,5000,336.41,"NY"],[808,5000,1943.68,"MO"],[809,5000,1944.13,"CA"],[810,5000,1944.12,"CA"],[811,5000,1544.45,"WA"],[812,5000,1544.45,"FL"],[813,5000,5000.0,"WI"],[814,5000,795.24,"NC"],[815,5000,1159.28,"OR"],[816,5000,1786.24,"NY"],[817,5000,5000.0,"NM"],[818,5000,1650.88,"CA"],[819,5000,5000.0,"NM"],[820,5000,213.58,"CA"],[821,5000,5000.0,"OH"],[822,5000,2026.3,"TX"],[823,5000,1877.86,"CA"],[824,5000,754.43,"NY"],[825,5000,5000.0,"CA"],[826,5000,287.7,"CA"],[827,5050,1822.02,"FL"],[828,5050,1761.5,"FL"],[829,5050,1088.66,"GA"],[830,5100,1998.39,"NY"],[831,5100,3238.26,"NY"],[832,5100,833.81,"IL"],[833,5125,380.54,"WI"],[834,5125,5125.0,"GA"],[835,5200,4872.59,"CT"],[836,5200,4867.83,"CT"],[837,5200,1137.92,"CA"],[838,5200,3244.04,"MI"],[839,5200,5200.0,"FL"],[840,5200,109.57,"AL"],[841,5275,2473.35,"CA"],[842,5275,1726.48,"AR"],[843,5300,1246.97,"NC"],[844,5300,400.6,"TX"],[845,5300,853.23,"OH"],[846,5325,1064.02,"NJ"],[847,5350,5350.0,"MD"],[848,5375,1141.34,"OK"],[849,5375,971.18,"WA"],[850,5375,201.62,"WI"],[851,5400,3197.27,"VA"],[852,5400,1821.23,"TN"],[853,5400,5400.0,"NJ"],[854,5400,383.23,"NC"],[855,5400,910.23,"CA"],[856,5400,639.58,"MD"],[857,5400,2551.69,"IL"],[858,5425,2217.67,"TX"],[859,5450,3505.54,"IL"],[860,5450,2015.06,"IL"],[861,5500,2464.58,"VA"],[862,5500,2056.83,"NC"],[863,5500,2488.45,"VA"],[864,5500,5500.0,"NV"],[865,5500,3062.49,"PA"],[866,5500,2740.67,"IL"],[867,5500,5500.0,"NY"],[868,5500,1351.46,"NJ"],[869,5500,1772.5,"OH"],[870,5500,2333.51,"DE"],[871,5500,5500.0,"TX"],[872,5500,2940.62,"AR"],[873,5500,3418.5,"NC"],[874,5500,1839.18,"AR"],[875,5525,5525.0,"SD"],[876,5550,2268.61,"NY"],[877,5575,348.61,"CA"],[878,5600,5600.0,"VA"],[879,5600,2300.94,"OH"],[880,5600,1997.79,"CA"],[881,5600,2764.1,"IL"],[882,5600,5600.0,"MN"],[883,5600,1986.34,"NE"],[884,5600,5600.0,"MD"],[885,5600,5600.0,"HI"],[886,5600,1961.29,"MN"],[887,5600,5600.0,"OH"],[888,5600,928.93,"NY"],[889,5600,928.93,"MN"],[890,5600,5600.0,"WA"],[891,5600,1862.16,"NY"],[892,5600,5212.88,"MD"],[893,5600,5600.0,"VA"],[894,5600,2094.18,"NY"],[895,5625,1055.48,"TN"],[896,5700,1262.21,"NY"],[897,5700,5700.0,"GA"],[898,5700,2350.24,"NY"],[899,5700,1653.81,"WI"],[900,5750,3325.17,"MN"],[901,5825,769.02,"GA"],[902,5825,1877.16,"TX"],[903,5825,5428.77,"OH"],[904,5825,1177.99,"CO"],[905,5850,2807.36,"MN"],[906,5925,2613.06,"NJ"],[907,5925,1319.57,"PA"],[908,5950,2172.28,"PA"],[909,6000,2503.88,"OH"],[910,6000,2452.77,"SC"],[911,6000,2252.11,"VA"],[912,6000,1111.87,"CA"],[913,6000,6000.0,"FL"],[914,6000,1183.8,"NY"],[915,6000,2234.24,"IL"],[916,6000,1023.4,"SC"],[917,6000,1252.02,"SC"],[918,6000,2549.14,"CA"],[919,6000,1252.02,"MI"],[920,6000,6000.0,"OR"],[921,6000,2549.14,"CO"],[922,6000,2549.14,"TX"],[923,6000,2549.14,"CA"],[924,6000,2549.13,"OH"],[925,6000,6000.0,"VA"],[926,6000,5637.76,"CA"],[927,6000,3532.84,"IL"],[928,6000,4961.58,"NY"],[929,6000,2523.52,"CO"],[930,6000,2688.58,"IL"],[931,6000,3570.23,"CA"],[932,6000,6000.0,"TX"],[933,6000,1070.59,"NY"],[934,6000,3010.27,"TX"],[935,6000,6000.0,"CA"],[936,6000,1067.27,"CA"],[937,6000,1538.61,"CT"],[938,6000,2506.68,"IL"],[939,6000,6000.0,"OH"],[940,6000,2173.8,"NY"],[941,6000,2177.28,"VA"],[942,6000,2503.88,"LA"],[943,6000,2177.28,"MI"],[944,6000,2668.69,"AZ"],[945,6000,1219.68,"WA"],[946,6000,1376.44,"NY"],[947,6000,1532.52,"MI"],[948,6000,904.37,"OH"],[949,6000,3840.98,"NJ"],[950,6000,3840.98,"MA"],[951,6000,2657.63,"GA"],[952,6000,2989.66,"FL"],[953,6000,447.23,"PA"],[954,6000,3259.17,"GA"],[955,6000,2003.45,"NY"],[956,6000,2164.84,"TX"],[957,6000,447.12,"PA"],[958,6000,6000.0,"NJ"],[959,6000,447.11,"MN"],[960,6000,1208.67,"AZ"],[961,6000,1364.46,"FL"],[962,6000,6000.0,"AR"],[963,6000,1515.27,"WA"],[964,6000,2201.19,"NV"],[965,6000,2629.57,"NJ"],[966,6000,2629.57,"CA"],[967,6000,2465.3,"IL"],[968,6000,2465.3,"OR"],[969,6000,2465.3,"NJ"],[970,6000,2629.57,"KY"],[971,6000,3450.57,"NY"],[972,6000,2961.69,"NY"],[973,6000,3299.1,"MI"],[974,6000,3299.1,"CA"],[975,6000,3814.95,"OR"],[976,6000,2031.1,"NJ"],[977,6000,2616.49,"NY"],[978,6000,2128.22,"CA"],[979,6000,2947.74,"CA"],[980,6000,2947.74,"NY"],[981,6000,3111.55,"CA"],[982,6000,6000.0,"FL"],[983,6000,1322.03,"NY"],[984,6000,1482.8,"MT"],[985,6000,2594.63,"FL"],[986,6000,2107.71,"NY"],[987,6000,428.76,"CA"],[988,6000,1943.5,"FL"],[989,6000,6000.0,"IL"],[990,6000,1012.67,"NY"],[991,6000,1314.53,"UT"],[992,6000,1162.15,"DE"],[993,6000,1466.73,"OH"],[994,6000,1012.01,"CA"],[995,6000,1012.01,"AZ"],[996,6000,1466.73,"AZ"],[997,6000,2414.39,"CA"],[998,6000,2578.88,"OK"],[999,6000,2415.37,"FL"]],"plotOptions":{"displayType":"table","customPlotOptions":{},"pivotColumns":null,"pivotAggregation":null,"xColumns":null,"yColumns":null},"columnCustomDisplayInfos":{},"aggType":"","isJsonSchema":true,"removedWidgets":[],"aggSchema":[],"schema":[{"name":"loan_id","type":"\"long\"","metadata":"{}"},{"name":"funded_amnt","type":"\"integer\"","metadata":"{}"},{"name":"paid_amnt","type":"\"double\"","metadata":"{}"},{"name":"addr_state","type":"\"string\"","metadata":"{}"}],"aggError":"","aggData":[],"addedWidgets":{},"metadata":{},"dbfsResultPath":null,"type":"table","aggOverflow":false,"aggSeriesLimitReached":false,"arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .table-result-container {\n    max-height: 300px;\n    overflow: auto;\n  }\n  table, th, td {\n    border: 1px solid black;\n    border-collapse: collapse;\n  }\n  th, td {\n    padding: 5px;\n  }\n  th {\n    text-align: left;\n  }\n</style><div class='table-result-container'><table class='table-result'><thead style='background-color: white'><tr><th>loan_id</th><th>funded_amnt</th><th>paid_amnt</th><th>addr_state</th></tr></thead><tbody><tr><td>0</td><td>1000</td><td>182.22</td><td>CA</td></tr><tr><td>1</td><td>1000</td><td>361.19</td><td>WA</td></tr><tr><td>2</td><td>1000</td><td>176.26</td><td>TX</td></tr><tr><td>3</td><td>1000</td><td>1000.0</td><td>OK</td></tr><tr><td>4</td><td>1000</td><td>249.98</td><td>PA</td></tr><tr><td>5</td><td>1000</td><td>408.6</td><td>CA</td></tr><tr><td>6</td><td>1000</td><td>1000.0</td><td>MD</td></tr><tr><td>7</td><td>1000</td><td>168.81</td><td>OH</td></tr><tr><td>8</td><td>1000</td><td>193.64</td><td>TX</td></tr><tr><td>9</td><td>1000</td><td>218.83</td><td>CT</td></tr><tr><td>10</td><td>1000</td><td>322.37</td><td>NJ</td></tr><tr><td>11</td><td>1000</td><td>400.61</td><td>NY</td></tr><tr><td>12</td><td>1000</td><td>1000.0</td><td>FL</td></tr><tr><td>13</td><td>1000</td><td>165.88</td><td>NJ</td></tr><tr><td>14</td><td>1000</td><td>190.6</td><td>TX</td></tr><tr><td>15</td><td>1000</td><td>1000.0</td><td>OH</td></tr><tr><td>16</td><td>1000</td><td>213.72</td><td>MI</td></tr><tr><td>17</td><td>1000</td><td>188.89</td><td>MI</td></tr><tr><td>18</td><td>1000</td><td>237.41</td><td>CA</td></tr><tr><td>19</td><td>1000</td><td>203.85</td><td>CA</td></tr><tr><td>20</td><td>1000</td><td>1000.0</td><td>NM</td></tr><tr><td>21</td><td>1000</td><td>66.39</td><td>NY</td></tr><tr><td>22</td><td>1000</td><td>1000.0</td><td>VA</td></tr><tr><td>23</td><td>1000</td><td>381.93</td><td>AL</td></tr><tr><td>24</td><td>1000</td><td>147.91</td><td>TX</td></tr><tr><td>25</td><td>1200</td><td>1200.0</td><td>WA</td></tr><tr><td>26</td><td>1200</td><td>288.19</td><td>CA</td></tr><tr><td>27</td><td>1200</td><td>516.99</td><td>NV</td></tr><tr><td>28</td><td>1200</td><td>84.45</td><td>NY</td></tr><tr><td>29</td><td>1200</td><td>677.96</td><td>IN</td></tr><tr><td>30</td><td>1200</td><td>376.91</td><td>OH</td></tr><tr><td>31</td><td>1200</td><td>1200.0</td><td>NY</td></tr><tr><td>32</td><td>1200</td><td>79.62</td><td>IL</td></tr><tr><td>33</td><td>1200</td><td>395.74</td><td>AZ</td></tr><tr><td>34</td><td>1200</td><td>357.72</td><td>MO</td></tr><tr><td>35</td><td>1275</td><td>1275.0</td><td>MO</td></tr><tr><td>36</td><td>1275</td><td>285.26</td><td>ID</td></tr><tr><td>37</td><td>1400</td><td>1400.0</td><td>IL</td></tr><tr><td>38</td><td>1400</td><td>406.41</td><td>PA</td></tr><tr><td>39</td><td>1400</td><td>1400.0</td><td>OR</td></tr><tr><td>40</td><td>1450</td><td>575.78</td><td>PA</td></tr><tr><td>41</td><td>1500</td><td>778.87</td><td>AL</td></tr><tr><td>42</td><td>1500</td><td>328.7</td><td>TX</td></tr><tr><td>43</td><td>1500</td><td>267.65</td><td>MI</td></tr><tr><td>44</td><td>1500</td><td>112.59</td><td>NY</td></tr><tr><td>45</td><td>1500</td><td>1500.0</td><td>MO</td></tr><tr><td>46</td><td>1500</td><td>375.03</td><td>TN</td></tr><tr><td>47</td><td>1500</td><td>654.03</td><td>NJ</td></tr><tr><td>48</td><td>1500</td><td>555.59</td><td>TX</td></tr><tr><td>49</td><td>1500</td><td>1500.0</td><td>CA</td></tr><tr><td>50</td><td>1500</td><td>1411.83</td><td>IL</td></tr><tr><td>51</td><td>1500</td><td>1500.0</td><td>KS</td></tr><tr><td>52</td><td>1500</td><td>1057.36</td><td>IN</td></tr><tr><td>53</td><td>1500</td><td>786.61</td><td>CA</td></tr><tr><td>54</td><td>1500</td><td>99.54</td><td>AL</td></tr><tr><td>55</td><td>1500</td><td>235.51</td><td>TX</td></tr><tr><td>56</td><td>1500</td><td>821.76</td><td>NY</td></tr><tr><td>57</td><td>1500</td><td>1500.0</td><td>IL</td></tr><tr><td>58</td><td>1550</td><td>1550.0</td><td>UT</td></tr><tr><td>59</td><td>1600</td><td>723.98</td><td>NJ</td></tr><tr><td>60</td><td>1600</td><td>528.98</td><td>IL</td></tr><tr><td>61</td><td>1600</td><td>526.27</td><td>AL</td></tr><tr><td>62</td><td>1600</td><td>74.68</td><td>NH</td></tr><tr><td>63</td><td>1600</td><td>767.82</td><td>OH</td></tr><tr><td>64</td><td>1700</td><td>303.37</td><td>MO</td></tr><tr><td>65</td><td>1700</td><td>1700.0</td><td>AZ</td></tr><tr><td>66</td><td>1800</td><td>1800.0</td><td>MO</td></tr><tr><td>67</td><td>1800</td><td>890.14</td><td>TX</td></tr><tr><td>68</td><td>1800</td><td>653.3</td><td>MS</td></tr><tr><td>69</td><td>1900</td><td>1900.0</td><td>TX</td></tr><tr><td>70</td><td>1975</td><td>383.32</td><td>TX</td></tr><tr><td>71</td><td>2000</td><td>1614.9</td><td>NY</td></tr><tr><td>72</td><td>2000</td><td>356.89</td><td>TN</td></tr><tr><td>73</td><td>2000</td><td>1052.86</td><td>VA</td></tr><tr><td>74</td><td>2000</td><td>149.09</td><td>LA</td></tr><tr><td>75</td><td>2000</td><td>99.06</td><td>CA</td></tr><tr><td>76</td><td>2000</td><td>1163.66</td><td>PA</td></tr><tr><td>77</td><td>2000</td><td>2000.0</td><td>CA</td></tr><tr><td>78</td><td>2000</td><td>2000.0</td><td>NJ</td></tr><tr><td>79</td><td>2000</td><td>1970.57</td><td>TN</td></tr><tr><td>80</td><td>2000</td><td>143.94</td><td>OH</td></tr><tr><td>81</td><td>2000</td><td>494.31</td><td>TX</td></tr><tr><td>82</td><td>2000</td><td>494.3</td><td>IL</td></tr><tr><td>83</td><td>2000</td><td>2000.0</td><td>IN</td></tr><tr><td>84</td><td>2000</td><td>142.94</td><td>NY</td></tr><tr><td>85</td><td>2000</td><td>1259.27</td><td>TX</td></tr><tr><td>86</td><td>2000</td><td>1573.02</td><td>MI</td></tr><tr><td>87</td><td>2000</td><td>141.94</td><td>ID</td></tr><tr><td>88</td><td>2000</td><td>387.44</td><td>TX</td></tr><tr><td>89</td><td>2000</td><td>337.46</td><td>NH</td></tr><tr><td>90</td><td>2000</td><td>751.19</td><td>MN</td></tr><tr><td>91</td><td>2000</td><td>488.7</td><td>TX</td></tr><tr><td>92</td><td>2000</td><td>488.69</td><td>KS</td></tr><tr><td>93</td><td>2000</td><td>387.19</td><td>NE</td></tr><tr><td>94</td><td>2000</td><td>2000.0</td><td>OK</td></tr><tr><td>95</td><td>2000</td><td>437.71</td><td>IN</td></tr><tr><td>96</td><td>2000</td><td>855.79</td><td>FL</td></tr><tr><td>97</td><td>2000</td><td>801.34</td><td>OK</td></tr><tr><td>98</td><td>2000</td><td>2000.0</td><td>MD</td></tr><tr><td>99</td><td>2000</td><td>2000.0</td><td>TX</td></tr><tr><td>100</td><td>2000</td><td>2000.0</td><td>FL</td></tr><tr><td>101</td><td>2000</td><td>2000.0</td><td>NV</td></tr><tr><td>102</td><td>2000</td><td>381.19</td><td>CA</td></tr><tr><td>103</td><td>2000</td><td>2000.0</td><td>AK</td></tr><tr><td>104</td><td>2000</td><td>636.01</td><td>TX</td></tr><tr><td>105</td><td>2000</td><td>377.71</td><td>MI</td></tr><tr><td>106</td><td>2000</td><td>477.53</td><td>MI</td></tr><tr><td>107</td><td>2000</td><td>377.71</td><td>WY</td></tr><tr><td>108</td><td>2000</td><td>1006.5</td><td>KY</td></tr><tr><td>109</td><td>2000</td><td>1066.88</td><td>CA</td></tr><tr><td>110</td><td>2000</td><td>1066.88</td><td>FL</td></tr><tr><td>111</td><td>2000</td><td>136.68</td><td>WA</td></tr><tr><td>112</td><td>2000</td><td>1235.56</td><td>GA</td></tr><tr><td>113</td><td>2000</td><td>938.5</td><td>CA</td></tr><tr><td>114</td><td>2000</td><td>770.85</td><td>LA</td></tr><tr><td>115</td><td>2000</td><td>2000.0</td><td>FL</td></tr><tr><td>116</td><td>2000</td><td>1860.58</td><td>FL</td></tr><tr><td>117</td><td>2000</td><td>927.56</td><td>KY</td></tr><tr><td>118</td><td>2000</td><td>2000.0</td><td>NY</td></tr><tr><td>119</td><td>2000</td><td>128.73</td><td>VA</td></tr><tr><td>120</td><td>2000</td><td>2000.0</td><td>CA</td></tr><tr><td>121</td><td>2100</td><td>696.95</td><td>ID</td></tr><tr><td>122</td><td>2100</td><td>1025.23</td><td>AL</td></tr><tr><td>123</td><td>2100</td><td>753.7</td><td>TX</td></tr><tr><td>124</td><td>2200</td><td>53.34</td><td>LA</td></tr><tr><td>125</td><td>2200</td><td>425.87</td><td>SC</td></tr><tr><td>126</td><td>2200</td><td>364.98</td><td>PA</td></tr><tr><td>127</td><td>2200</td><td>2200.0</td><td>IL</td></tr><tr><td>128</td><td>2200</td><td>1330.82</td><td>TX</td></tr><tr><td>129</td><td>2300</td><td>115.19</td><td>LA</td></tr><tr><td>130</td><td>2300</td><td>172.63</td><td>TN</td></tr><tr><td>131</td><td>2300</td><td>503.58</td><td>CA</td></tr><tr><td>132</td><td>2300</td><td>2300.0</td><td>OH</td></tr><tr><td>133</td><td>2300</td><td>912.91</td><td>MS</td></tr><tr><td>134</td><td>2375</td><td>2375.0</td><td>NC</td></tr><tr><td>135</td><td>2400</td><td>553.86</td><td>NY</td></tr><tr><td>136</td><td>2400</td><td>599.94</td><td>WI</td></tr><tr><td>137</td><td>2400</td><td>2400.0</td><td>PA</td></tr><tr><td>138</td><td>2400</td><td>524.09</td><td>NC</td></tr><tr><td>139</td><td>2400</td><td>1222.09</td><td>NY</td></tr><tr><td>140</td><td>2400</td><td>525.24</td><td>CA</td></tr><tr><td>141</td><td>2400</td><td>198.94</td><td>SC</td></tr><tr><td>142</td><td>2400</td><td>2400.0</td><td>WI</td></tr><tr><td>143</td><td>2400</td><td>1500.51</td><td>VA</td></tr><tr><td>144</td><td>2400</td><td>2400.0</td><td>AL</td></tr><tr><td>145</td><td>2400</td><td>763.25</td><td>TX</td></tr><tr><td>146</td><td>2400</td><td>1284.56</td><td>NY</td></tr><tr><td>147</td><td>2400</td><td>453.21</td><td>CA</td></tr><tr><td>148</td><td>2400</td><td>2400.0</td><td>NY</td></tr><tr><td>149</td><td>2400</td><td>2400.0</td><td>AL</td></tr><tr><td>150</td><td>2400</td><td>2400.0</td><td>FL</td></tr><tr><td>151</td><td>2400</td><td>1271.64</td><td>ME</td></tr><tr><td>152</td><td>2400</td><td>790.18</td><td>FL</td></tr><tr><td>153</td><td>2500</td><td>1472.04</td><td>PA</td></tr><tr><td>154</td><td>2500</td><td>2500.0</td><td>MS</td></tr><tr><td>155</td><td>2500</td><td>638.54</td><td>FL</td></tr><tr><td>156</td><td>2500</td><td>870.18</td><td>CA</td></tr><tr><td>157</td><td>2500</td><td>2500.0</td><td>VA</td></tr><tr><td>158</td><td>2500</td><td>568.52</td><td>VA</td></tr><tr><td>159</td><td>2500</td><td>628.51</td><td>NY</td></tr><tr><td>160</td><td>2500</td><td>1027.25</td><td>AL</td></tr><tr><td>161</td><td>2500</td><td>2091.65</td><td>TX</td></tr><tr><td>162</td><td>2500</td><td>1090.3</td><td>NV</td></tr><tr><td>163</td><td>2500</td><td>1298.63</td><td>VA</td></tr><tr><td>164</td><td>2500</td><td>1219.13</td><td>FL</td></tr><tr><td>165</td><td>2500</td><td>872.09</td><td>KY</td></tr><tr><td>166</td><td>2500</td><td>421.41</td><td>OH</td></tr><tr><td>167</td><td>2500</td><td>1417.8</td><td>MI</td></tr><tr><td>168</td><td>2500</td><td>1202.49</td><td>IN</td></tr><tr><td>169</td><td>2500</td><td>538.98</td><td>OH</td></tr><tr><td>170</td><td>2500</td><td>534.11</td><td>SC</td></tr><tr><td>171</td><td>2500</td><td>2500.0</td><td>IN</td></tr><tr><td>172</td><td>2500</td><td>453.46</td><td>NY</td></tr><tr><td>173</td><td>2500</td><td>2500.0</td><td>MN</td></tr><tr><td>174</td><td>2500</td><td>760.49</td><td>VA</td></tr><tr><td>175</td><td>2525</td><td>1469.46</td><td>NJ</td></tr><tr><td>176</td><td>2625</td><td>1064.43</td><td>VT</td></tr><tr><td>177</td><td>2650</td><td>2650.0</td><td>FL</td></tr><tr><td>178</td><td>2650</td><td>1352.52</td><td>NY</td></tr><tr><td>179</td><td>2700</td><td>192.94</td><td>VA</td></tr><tr><td>180</td><td>2700</td><td>2700.0</td><td>IN</td></tr><tr><td>181</td><td>2700</td><td>179.12</td><td>LA</td></tr><tr><td>182</td><td>2700</td><td>358.17</td><td>AR</td></tr><tr><td>183</td><td>2725</td><td>189.65</td><td>NV</td></tr><tr><td>184</td><td>2800</td><td>2800.0</td><td>TX</td></tr><tr><td>185</td><td>2800</td><td>1629.23</td><td>IN</td></tr><tr><td>186</td><td>2800</td><td>540.0</td><td>PA</td></tr><tr><td>187</td><td>2800</td><td>1454.54</td><td>KY</td></tr><tr><td>188</td><td>2800</td><td>1058.66</td><td>NJ</td></tr><tr><td>189</td><td>2800</td><td>1365.41</td><td>NY</td></tr><tr><td>190</td><td>2800</td><td>2800.0</td><td>TX</td></tr><tr><td>191</td><td>2800</td><td>897.74</td><td>WI</td></tr><tr><td>192</td><td>2800</td><td>391.11</td><td>UT</td></tr><tr><td>193</td><td>2800</td><td>2800.0</td><td>WI</td></tr><tr><td>194</td><td>2800</td><td>123.0</td><td>CA</td></tr><tr><td>195</td><td>2825</td><td>303.63</td><td>PA</td></tr><tr><td>196</td><td>2875</td><td>1568.71</td><td>WI</td></tr><tr><td>197</td><td>2975</td><td>1910.92</td><td>AL</td></tr><tr><td>198</td><td>2975</td><td>558.28</td><td>MS</td></tr><tr><td>199</td><td>2975</td><td>188.74</td><td>CA</td></tr><tr><td>200</td><td>3000</td><td>1875.57</td><td>CA</td></tr><tr><td>201</td><td>3000</td><td>1215.9</td><td>TX</td></tr><tr><td>202</td><td>3000</td><td>1207.98</td><td>MN</td></tr><tr><td>203</td><td>3000</td><td>861.53</td><td>TX</td></tr><tr><td>204</td><td>3000</td><td>1192.32</td><td>SC</td></tr><tr><td>205</td><td>3000</td><td>1691.84</td><td>CA</td></tr><tr><td>206</td><td>3000</td><td>3000.0</td><td>KY</td></tr><tr><td>207</td><td>3000</td><td>232.18</td><td>KY</td></tr><tr><td>208</td><td>3000</td><td>535.3</td><td>WA</td></tr><tr><td>209</td><td>3000</td><td>690.32</td><td>KS</td></tr><tr><td>210</td><td>3000</td><td>611.76</td><td>TX</td></tr><tr><td>211</td><td>3000</td><td>225.61</td><td>TX</td></tr><tr><td>212</td><td>3000</td><td>3000.0</td><td>MI</td></tr><tr><td>213</td><td>3000</td><td>688.27</td><td>TX</td></tr><tr><td>214</td><td>3000</td><td>723.51</td><td>NJ</td></tr><tr><td>215</td><td>3000</td><td>3000.0</td><td>MN</td></tr><tr><td>216</td><td>3000</td><td>223.61</td><td>NY</td></tr><tr><td>217</td><td>3000</td><td>223.62</td><td>TX</td></tr><tr><td>218</td><td>3000</td><td>684.26</td><td>PA</td></tr><tr><td>219</td><td>3000</td><td>3000.0</td><td>IL</td></tr><tr><td>220</td><td>3000</td><td>1660.37</td><td>AZ</td></tr><tr><td>221</td><td>3000</td><td>527.01</td><td>LA</td></tr><tr><td>222</td><td>3000</td><td>604.38</td><td>TX</td></tr><tr><td>223</td><td>3000</td><td>604.38</td><td>CT</td></tr><tr><td>224</td><td>3000</td><td>1573.66</td><td>CA</td></tr><tr><td>225</td><td>3000</td><td>2812.87</td><td>CA</td></tr><tr><td>226</td><td>3000</td><td>1240.99</td><td>NY</td></tr><tr><td>227</td><td>3000</td><td>1397.45</td><td>GA</td></tr><tr><td>228</td><td>3000</td><td>3000.0</td><td>LA</td></tr><tr><td>229</td><td>3000</td><td>1907.47</td><td>VA</td></tr><tr><td>230</td><td>3000</td><td>1734.87</td><td>GA</td></tr><tr><td>231</td><td>3000</td><td>1066.87</td><td>MS</td></tr><tr><td>232</td><td>3000</td><td>1726.01</td><td>TX</td></tr><tr><td>233</td><td>3000</td><td>664.37</td><td>MN</td></tr><tr><td>234</td><td>3000</td><td>3000.0</td><td>WI</td></tr><tr><td>235</td><td>3000</td><td>3000.0</td><td>OH</td></tr><tr><td>236</td><td>3000</td><td>741.05</td><td>SD</td></tr><tr><td>237</td><td>3000</td><td>1464.51</td><td>PA</td></tr><tr><td>238</td><td>3000</td><td>1053.93</td><td>TX</td></tr><tr><td>239</td><td>3000</td><td>3000.0</td><td>TN</td></tr><tr><td>240</td><td>3000</td><td>3000.0</td><td>MD</td></tr><tr><td>241</td><td>3000</td><td>581.11</td><td>NY</td></tr><tr><td>242</td><td>3000</td><td>650.64</td><td>OH</td></tr><tr><td>243</td><td>3000</td><td>1045.73</td><td>HI</td></tr><tr><td>244</td><td>3000</td><td>1289.44</td><td>CA</td></tr><tr><td>245</td><td>3000</td><td>505.71</td><td>RI</td></tr><tr><td>246</td><td>3000</td><td>966.85</td><td>MD</td></tr><tr><td>247</td><td>3000</td><td>656.5</td><td>PA</td></tr><tr><td>248</td><td>3000</td><td>3000.0</td><td>CA</td></tr><tr><td>249</td><td>3000</td><td>1046.3</td><td>AZ</td></tr><tr><td>250</td><td>3000</td><td>505.71</td><td>AZ</td></tr><tr><td>251</td><td>3000</td><td>1623.81</td><td>IN</td></tr><tr><td>252</td><td>3000</td><td>1874.04</td><td>NJ</td></tr><tr><td>253</td><td>3000</td><td>559.63</td><td>TX</td></tr><tr><td>254</td><td>3000</td><td>1283.69</td><td>NE</td></tr><tr><td>255</td><td>3000</td><td>2249.47</td><td>IL</td></tr><tr><td>256</td><td>3000</td><td>882.07</td><td>NC</td></tr><tr><td>257</td><td>3000</td><td>3000.0</td><td>NJ</td></tr><tr><td>258</td><td>3000</td><td>1701.17</td><td>MO</td></tr><tr><td>259</td><td>3000</td><td>209.15</td><td>MN</td></tr><tr><td>260</td><td>3000</td><td>209.15</td><td>TN</td></tr><tr><td>261</td><td>3000</td><td>3000.0</td><td>CO</td></tr><tr><td>262</td><td>3000</td><td>571.79</td><td>NC</td></tr><tr><td>263</td><td>3000</td><td>3000.0</td><td>FL</td></tr><tr><td>264</td><td>3000</td><td>953.96</td><td>TX</td></tr><tr><td>265</td><td>3000</td><td>2801.21</td><td>PA</td></tr><tr><td>266</td><td>3000</td><td>1272.72</td><td>FL</td></tr><tr><td>267</td><td>3000</td><td>1689.94</td><td>IL</td></tr><tr><td>268</td><td>3000</td><td>2800.23</td><td>FL</td></tr><tr><td>269</td><td>3000</td><td>1517.58</td><td>AZ</td></tr><tr><td>270</td><td>3000</td><td>3000.0</td><td>CO</td></tr><tr><td>271</td><td>3000</td><td>492.9</td><td>KY</td></tr><tr><td>272</td><td>3000</td><td>492.9</td><td>TX</td></tr><tr><td>273</td><td>3000</td><td>492.9</td><td>CT</td></tr><tr><td>274</td><td>3000</td><td>3000.0</td><td>NV</td></tr><tr><td>275</td><td>3000</td><td>562.93</td><td>IL</td></tr><tr><td>276</td><td>3000</td><td>637.04</td><td>TX</td></tr><tr><td>277</td><td>3000</td><td>942.21</td><td>WI</td></tr><tr><td>278</td><td>3000</td><td>562.93</td><td>CO</td></tr><tr><td>279</td><td>3000</td><td>1175.6</td><td>PA</td></tr><tr><td>280</td><td>3000</td><td>629.44</td><td>NY</td></tr><tr><td>281</td><td>3000</td><td>1273.89</td><td>NJ</td></tr><tr><td>282</td><td>3000</td><td>926.7</td><td>CA</td></tr><tr><td>283</td><td>3000</td><td>3000.0</td><td>NH</td></tr><tr><td>284</td><td>3000</td><td>1665.48</td><td>WI</td></tr><tr><td>285</td><td>3000</td><td>3000.0</td><td>MN</td></tr><tr><td>286</td><td>3000</td><td>1316.07</td><td>IL</td></tr><tr><td>287</td><td>3000</td><td>470.96</td><td>PA</td></tr><tr><td>288</td><td>3000</td><td>1064.1</td><td>NJ</td></tr><tr><td>289</td><td>3000</td><td>3000.0</td><td>TX</td></tr><tr><td>290</td><td>3000</td><td>1650.62</td><td>MT</td></tr><tr><td>291</td><td>3000</td><td>1388.06</td><td>FL</td></tr><tr><td>292</td><td>3000</td><td>3000.0</td><td>PA</td></tr><tr><td>293</td><td>3000</td><td>1135.42</td><td>NY</td></tr><tr><td>294</td><td>3000</td><td>3000.0</td><td>NV</td></tr><tr><td>295</td><td>3000</td><td>526.05</td><td>IL</td></tr><tr><td>296</td><td>3000</td><td>811.66</td><td>NJ</td></tr><tr><td>297</td><td>3000</td><td>1048.57</td><td>CO</td></tr><tr><td>298</td><td>3000</td><td>364.07</td><td>OK</td></tr><tr><td>299</td><td>3000</td><td>1065.43</td><td>CA</td></tr><tr><td>300</td><td>3000</td><td>614.69</td><td>TX</td></tr><tr><td>301</td><td>3025</td><td>1267.09</td><td>GA</td></tr><tr><td>302</td><td>3025</td><td>773.57</td><td>GA</td></tr><tr><td>303</td><td>3025</td><td>516.45</td><td>GA</td></tr><tr><td>304</td><td>3025</td><td>214.69</td><td>GA</td></tr><tr><td>305</td><td>3025</td><td>1300.11</td><td>GA</td></tr><tr><td>306</td><td>3025</td><td>2066.13</td><td>GA</td></tr><tr><td>307</td><td>3025</td><td>404.14</td><td>TX</td></tr><tr><td>308</td><td>3025</td><td>891.96</td><td>NY</td></tr><tr><td>309</td><td>3025</td><td>656.78</td><td>GA</td></tr><tr><td>310</td><td>3025</td><td>637.2</td><td>CA</td></tr><tr><td>311</td><td>3050</td><td>1007.02</td><td>IL</td></tr><tr><td>312</td><td>3100</td><td>3100.0</td><td>IL</td></tr><tr><td>313</td><td>3100</td><td>3100.0</td><td>NY</td></tr><tr><td>314</td><td>3125</td><td>1053.94</td><td>TN</td></tr><tr><td>315</td><td>3125</td><td>198.37</td><td>CA</td></tr><tr><td>316</td><td>3150</td><td>645.23</td><td>CA</td></tr><tr><td>317</td><td>3200</td><td>644.46</td><td>MI</td></tr><tr><td>318</td><td>3200</td><td>3200.0</td><td>NH</td></tr><tr><td>319</td><td>3200</td><td>3200.0</td><td>PA</td></tr><tr><td>320</td><td>3200</td><td>1296.48</td><td>MD</td></tr><tr><td>321</td><td>3200</td><td>460.12</td><td>OH</td></tr><tr><td>322</td><td>3200</td><td>460.11</td><td>TX</td></tr><tr><td>323</td><td>3200</td><td>763.92</td><td>VA</td></tr><tr><td>324</td><td>3200</td><td>3200.0</td><td>AZ</td></tr><tr><td>325</td><td>3200</td><td>1673.39</td><td>NV</td></tr><tr><td>326</td><td>3200</td><td>172.61</td><td>PA</td></tr><tr><td>327</td><td>3250</td><td>1302.32</td><td>VA</td></tr><tr><td>328</td><td>3300</td><td>806.26</td><td>TX</td></tr><tr><td>329</td><td>3300</td><td>3080.29</td><td>NY</td></tr><tr><td>330</td><td>3350</td><td>252.31</td><td>NJ</td></tr><tr><td>331</td><td>3350</td><td>1937.32</td><td>AZ</td></tr><tr><td>332</td><td>3400</td><td>3400.0</td><td>CA</td></tr><tr><td>333</td><td>3400</td><td>2062.45</td><td>OH</td></tr><tr><td>334</td><td>3425</td><td>3425.0</td><td>TX</td></tr><tr><td>335</td><td>3450</td><td>237.51</td><td>TX</td></tr><tr><td>336</td><td>3500</td><td>3500.0</td><td>NY</td></tr><tr><td>337</td><td>3500</td><td>1281.06</td><td>WI</td></tr><tr><td>338</td><td>3500</td><td>1658.72</td><td>GA</td></tr><tr><td>339</td><td>3500</td><td>3500.0</td><td>MD</td></tr><tr><td>340</td><td>3500</td><td>3500.0</td><td>NJ</td></tr><tr><td>341</td><td>3500</td><td>3500.0</td><td>AL</td></tr><tr><td>342</td><td>3500</td><td>3500.0</td><td>CO</td></tr><tr><td>343</td><td>3500</td><td>887.44</td><td>PA</td></tr><tr><td>344</td><td>3500</td><td>3281.75</td><td>IL</td></tr><tr><td>345</td><td>3500</td><td>1248.58</td><td>OR</td></tr><tr><td>346</td><td>3500</td><td>3500.0</td><td>CA</td></tr><tr><td>347</td><td>3500</td><td>168.43</td><td>NC</td></tr><tr><td>348</td><td>3500</td><td>3500.0</td><td>CA</td></tr><tr><td>349</td><td>3500</td><td>3500.0</td><td>GA</td></tr><tr><td>350</td><td>3500</td><td>1229.56</td><td>OH</td></tr><tr><td>351</td><td>3500</td><td>250.12</td><td>IL</td></tr><tr><td>352</td><td>3500</td><td>248.21</td><td>AR</td></tr><tr><td>353</td><td>3500</td><td>855.07</td><td>CA</td></tr><tr><td>354</td><td>3500</td><td>853.31</td><td>CA</td></tr><tr><td>355</td><td>3500</td><td>1677.48</td><td>CO</td></tr><tr><td>356</td><td>3500</td><td>3500.0</td><td>TX</td></tr><tr><td>357</td><td>3500</td><td>1679.58</td><td>FL</td></tr><tr><td>358</td><td>3500</td><td>3266.87</td><td>MO</td></tr><tr><td>359</td><td>3500</td><td>240.93</td><td>AL</td></tr><tr><td>360</td><td>3500</td><td>3500.0</td><td>MO</td></tr><tr><td>361</td><td>3500</td><td>291.53</td><td>TX</td></tr><tr><td>362</td><td>3500</td><td>240.58</td><td>NV</td></tr><tr><td>363</td><td>3500</td><td>1515.0</td><td>TX</td></tr><tr><td>364</td><td>3500</td><td>3500.0</td><td>CA</td></tr><tr><td>365</td><td>3500</td><td>1466.27</td><td>NY</td></tr><tr><td>366</td><td>3500</td><td>1371.49</td><td>NJ</td></tr><tr><td>367</td><td>3550</td><td>1952.11</td><td>FL</td></tr><tr><td>368</td><td>3600</td><td>1529.58</td><td>KY</td></tr><tr><td>369</td><td>3600</td><td>291.55</td><td>FL</td></tr><tr><td>370</td><td>3600</td><td>640.38</td><td>NC</td></tr><tr><td>371</td><td>3600</td><td>3600.0</td><td>CO</td></tr><tr><td>372</td><td>3600</td><td>3600.0</td><td>TN</td></tr><tr><td>373</td><td>3600</td><td>259.1</td><td>OH</td></tr><tr><td>374</td><td>3600</td><td>917.23</td><td>LA</td></tr><tr><td>375</td><td>3600</td><td>787.76</td><td>CA</td></tr><tr><td>376</td><td>3600</td><td>3600.0</td><td>MO</td></tr><tr><td>377</td><td>3600</td><td>3600.0</td><td>MS</td></tr><tr><td>378</td><td>3600</td><td>966.83</td><td>AZ</td></tr><tr><td>379</td><td>3600</td><td>1962.77</td><td>FL</td></tr><tr><td>380</td><td>3600</td><td>3600.0</td><td>TX</td></tr><tr><td>381</td><td>3600</td><td>2245.97</td><td>RI</td></tr><tr><td>382</td><td>3600</td><td>776.05</td><td>OH</td></tr><tr><td>383</td><td>3600</td><td>1727.7</td><td>WA</td></tr><tr><td>384</td><td>3600</td><td>1758.34</td><td>OH</td></tr><tr><td>385</td><td>3600</td><td>675.57</td><td>PA</td></tr><tr><td>386</td><td>3600</td><td>675.57</td><td>AL</td></tr><tr><td>387</td><td>3600</td><td>849.44</td><td>GA</td></tr><tr><td>388</td><td>3600</td><td>3600.0</td><td>TX</td></tr><tr><td>389</td><td>3600</td><td>1701.56</td><td>NY</td></tr><tr><td>390</td><td>3600</td><td>3600.0</td><td>CA</td></tr><tr><td>391</td><td>3600</td><td>580.05</td><td>NV</td></tr><tr><td>392</td><td>3600</td><td>1018.75</td><td>OK</td></tr><tr><td>393</td><td>3625</td><td>1239.53</td><td>GA</td></tr><tr><td>394</td><td>3650</td><td>1504.95</td><td>CA</td></tr><tr><td>395</td><td>3700</td><td>1817.82</td><td>MD</td></tr><tr><td>396</td><td>3750</td><td>3750.0</td><td>MN</td></tr><tr><td>397</td><td>3750</td><td>1953.35</td><td>NY</td></tr><tr><td>398</td><td>3750</td><td>229.41</td><td>IL</td></tr><tr><td>399</td><td>3775</td><td>1561.18</td><td>NV</td></tr><tr><td>400</td><td>3800</td><td>1500.4</td><td>NY</td></tr><tr><td>401</td><td>3800</td><td>2109.52</td><td>OR</td></tr><tr><td>402</td><td>3800</td><td>3800.0</td><td>CO</td></tr><tr><td>403</td><td>3800</td><td>1960.28</td><td>TX</td></tr><tr><td>404</td><td>3825</td><td>3825.0</td><td>VA</td></tr><tr><td>405</td><td>3850</td><td>967.97</td><td>KS</td></tr><tr><td>406</td><td>3900</td><td>3900.0</td><td>FL</td></tr><tr><td>407</td><td>3925</td><td>1604.31</td><td>LA</td></tr><tr><td>408</td><td>4000</td><td>2436.76</td><td>CT</td></tr><tr><td>409</td><td>4000</td><td>2442.62</td><td>TX</td></tr><tr><td>410</td><td>4000</td><td>610.36</td><td>FL</td></tr><tr><td>411</td><td>4000</td><td>819.0</td><td>KY</td></tr><tr><td>412</td><td>4000</td><td>2580.85</td><td>IL</td></tr><tr><td>413</td><td>4000</td><td>1451.57</td><td>MS</td></tr><tr><td>414</td><td>4000</td><td>1341.04</td><td>WA</td></tr><tr><td>415</td><td>4000</td><td>1771.82</td><td>WI</td></tr><tr><td>416</td><td>4000</td><td>4000.0</td><td>MI</td></tr><tr><td>417</td><td>4000</td><td>4000.0</td><td>NJ</td></tr><tr><td>418</td><td>4000</td><td>818.5</td><td>MN</td></tr><tr><td>419</td><td>4000</td><td>805.75</td><td>IL</td></tr><tr><td>420</td><td>4000</td><td>1322.31</td><td>IN</td></tr><tr><td>421</td><td>4000</td><td>1753.04</td><td>IL</td></tr><tr><td>422</td><td>4000</td><td>1426.99</td><td>AR</td></tr><tr><td>423</td><td>4000</td><td>1426.99</td><td>CA</td></tr><tr><td>424</td><td>4000</td><td>4000.0</td><td>CA</td></tr><tr><td>425</td><td>4000</td><td>4000.0</td><td>GA</td></tr><tr><td>426</td><td>4000</td><td>1974.46</td><td>NJ</td></tr><tr><td>427</td><td>4000</td><td>2199.4</td><td>OH</td></tr><tr><td>428</td><td>4000</td><td>999.94</td><td>NY</td></tr><tr><td>429</td><td>4000</td><td>1417.61</td><td>TX</td></tr><tr><td>430</td><td>4000</td><td>1634.95</td><td>WY</td></tr><tr><td>431</td><td>4000</td><td>287.6</td><td>AL</td></tr><tr><td>432</td><td>4000</td><td>988.6</td><td>CA</td></tr><tr><td>433</td><td>4000</td><td>1580.95</td><td>WA</td></tr><tr><td>434</td><td>4000</td><td>1302.35</td><td>OH</td></tr><tr><td>435</td><td>4000</td><td>2286.99</td><td>NY</td></tr><tr><td>436</td><td>4000</td><td>2517.95</td><td>CA</td></tr><tr><td>437</td><td>4000</td><td>880.53</td><td>CA</td></tr><tr><td>438</td><td>4000</td><td>1018.67</td><td>NJ</td></tr><tr><td>439</td><td>4000</td><td>775.26</td><td>FL</td></tr><tr><td>440</td><td>4000</td><td>774.74</td><td>TX</td></tr><tr><td>441</td><td>4000</td><td>4000.0</td><td>OH</td></tr><tr><td>442</td><td>4000</td><td>875.78</td><td>NJ</td></tr><tr><td>443</td><td>4000</td><td>771.36</td><td>NY</td></tr><tr><td>444</td><td>4000</td><td>1289.08</td><td>TX</td></tr><tr><td>445</td><td>4000</td><td>1289.08</td><td>NY</td></tr><tr><td>446</td><td>4000</td><td>1289.08</td><td>NJ</td></tr><tr><td>447</td><td>4000</td><td>2279.34</td><td>GA</td></tr><tr><td>448</td><td>4000</td><td>2279.34</td><td>TX</td></tr><tr><td>449</td><td>4000</td><td>4000.0</td><td>CA</td></tr><tr><td>450</td><td>4000</td><td>4000.0</td><td>NY</td></tr><tr><td>451</td><td>4000</td><td>4000.0</td><td>IN</td></tr><tr><td>452</td><td>4000</td><td>663.53</td><td>CO</td></tr><tr><td>453</td><td>4000</td><td>4000.0</td><td>OR</td></tr><tr><td>454</td><td>4000</td><td>4000.0</td><td>TX</td></tr><tr><td>455</td><td>4000</td><td>1588.38</td><td>NY</td></tr><tr><td>456</td><td>4000</td><td>4000.0</td><td>NC</td></tr><tr><td>457</td><td>4000</td><td>2253.42</td><td>FL</td></tr><tr><td>458</td><td>4000</td><td>1264.72</td><td>VA</td></tr><tr><td>459</td><td>4000</td><td>3733.92</td><td>OH</td></tr><tr><td>460</td><td>4000</td><td>1911.28</td><td>GA</td></tr><tr><td>461</td><td>4000</td><td>657.18</td><td>NC</td></tr><tr><td>462</td><td>4000</td><td>2864.13</td><td>WI</td></tr><tr><td>463</td><td>4000</td><td>1687.27</td><td>IL</td></tr><tr><td>464</td><td>4000</td><td>1365.43</td><td>MI</td></tr><tr><td>465</td><td>4000</td><td>4000.0</td><td>PA</td></tr><tr><td>466</td><td>4000</td><td>750.22</td><td>GA</td></tr><tr><td>467</td><td>4000</td><td>2129.08</td><td>CA</td></tr><tr><td>468</td><td>4000</td><td>1567.24</td><td>NM</td></tr><tr><td>469</td><td>4000</td><td>943.86</td><td>IL</td></tr><tr><td>470</td><td>4000</td><td>4000.0</td><td>NC</td></tr><tr><td>471</td><td>4000</td><td>4000.0</td><td>NE</td></tr><tr><td>472</td><td>4000</td><td>2924.04</td><td>NJ</td></tr><tr><td>473</td><td>4000</td><td>4000.0</td><td>TN</td></tr><tr><td>474</td><td>4000</td><td>269.13</td><td>GA</td></tr><tr><td>475</td><td>4000</td><td>1448.55</td><td>HI</td></tr><tr><td>476</td><td>4000</td><td>4000.0</td><td>TN</td></tr><tr><td>477</td><td>4000</td><td>3725.68</td><td>FL</td></tr><tr><td>478</td><td>4000</td><td>2220.47</td><td>CA</td></tr><tr><td>479</td><td>4000</td><td>4000.0</td><td>NJ</td></tr><tr><td>480</td><td>4000</td><td>1336.63</td><td>NY</td></tr><tr><td>481</td><td>4000</td><td>731.6</td><td>FL</td></tr><tr><td>482</td><td>4000</td><td>1649.35</td><td>TX</td></tr><tr><td>483</td><td>4000</td><td>4000.0</td><td>PA</td></tr><tr><td>484</td><td>4000</td><td>1320.58</td><td>OR</td></tr><tr><td>485</td><td>4000</td><td>4000.0</td><td>LA</td></tr><tr><td>486</td><td>4000</td><td>4000.0</td><td>CT</td></tr><tr><td>487</td><td>4000</td><td>4000.0</td><td>WV</td></tr><tr><td>488</td><td>4000</td><td>2188.15</td><td>TX</td></tr><tr><td>489</td><td>4000</td><td>1204.71</td><td>MI</td></tr><tr><td>490</td><td>4000</td><td>1408.18</td><td>FL</td></tr><tr><td>491</td><td>4000</td><td>895.0</td><td>OH</td></tr><tr><td>492</td><td>4000</td><td>1503.47</td><td>AK</td></tr><tr><td>493</td><td>4000</td><td>1610.58</td><td>NY</td></tr><tr><td>494</td><td>4000</td><td>507.64</td><td>FL</td></tr><tr><td>495</td><td>4000</td><td>2195.32</td><td>NY</td></tr><tr><td>496</td><td>4050</td><td>1531.34</td><td>MO</td></tr><tr><td>497</td><td>4050</td><td>1392.3</td><td>TX</td></tr><tr><td>498</td><td>4150</td><td>849.64</td><td>OH</td></tr><tr><td>499</td><td>4150</td><td>288.83</td><td>FL</td></tr><tr><td>500</td><td>4200</td><td>1100.48</td><td>MA</td></tr><tr><td>501</td><td>4200</td><td>1784.51</td><td>NJ</td></tr><tr><td>502</td><td>4200</td><td>4200.0</td><td>CA</td></tr><tr><td>503</td><td>4200</td><td>1642.89</td><td>FL</td></tr><tr><td>504</td><td>4200</td><td>2210.61</td><td>TX</td></tr><tr><td>505</td><td>4200</td><td>1852.53</td><td>MA</td></tr><tr><td>506</td><td>4200</td><td>2068.7</td><td>NY</td></tr><tr><td>507</td><td>4200</td><td>2428.92</td><td>NE</td></tr><tr><td>508</td><td>4200</td><td>1367.47</td><td>CA</td></tr><tr><td>509</td><td>4200</td><td>708.38</td><td>CO</td></tr><tr><td>510</td><td>4200</td><td>1682.97</td><td>FL</td></tr><tr><td>511</td><td>4200</td><td>4200.0</td><td>CA</td></tr><tr><td>512</td><td>4200</td><td>1016.05</td><td>FL</td></tr><tr><td>513</td><td>4200</td><td>2121.16</td><td>WA</td></tr><tr><td>514</td><td>4200</td><td>2601.53</td><td>PA</td></tr><tr><td>515</td><td>4225</td><td>853.74</td><td>IN</td></tr><tr><td>516</td><td>4250</td><td>1633.9</td><td>NY</td></tr><tr><td>517</td><td>4300</td><td>1704.48</td><td>WI</td></tr><tr><td>518</td><td>4375</td><td>4375.0</td><td>TN</td></tr><tr><td>519</td><td>4400</td><td>4400.0</td><td>NH</td></tr><tr><td>520</td><td>4450</td><td>820.26</td><td>AR</td></tr><tr><td>521</td><td>4450</td><td>1699.49</td><td>CA</td></tr><tr><td>522</td><td>4450</td><td>1625.34</td><td>GA</td></tr><tr><td>523</td><td>4475</td><td>1623.23</td><td>VT</td></tr><tr><td>524</td><td>4475</td><td>1785.86</td><td>RI</td></tr><tr><td>525</td><td>4500</td><td>1946.02</td><td>AZ</td></tr><tr><td>526</td><td>4500</td><td>4500.0</td><td>TX</td></tr><tr><td>527</td><td>4500</td><td>339.06</td><td>OH</td></tr><tr><td>528</td><td>4500</td><td>4500.0</td><td>MN</td></tr><tr><td>529</td><td>4500</td><td>1580.82</td><td>CA</td></tr><tr><td>530</td><td>4500</td><td>4500.0</td><td>OH</td></tr><tr><td>531</td><td>4500</td><td>522.12</td><td>MO</td></tr><tr><td>532</td><td>4500</td><td>2208.2</td><td>CA</td></tr><tr><td>533</td><td>4500</td><td>2336.35</td><td>NC</td></tr><tr><td>534</td><td>4500</td><td>4500.0</td><td>AL</td></tr><tr><td>535</td><td>4500</td><td>1304.97</td><td>TN</td></tr><tr><td>536</td><td>4525</td><td>1054.09</td><td>OH</td></tr><tr><td>537</td><td>4550</td><td>880.72</td><td>MS</td></tr><tr><td>538</td><td>4550</td><td>1972.49</td><td>TX</td></tr><tr><td>539</td><td>4550</td><td>985.29</td><td>NE</td></tr><tr><td>540</td><td>4575</td><td>1521.23</td><td>MO</td></tr><tr><td>541</td><td>4675</td><td>2577.73</td><td>KY</td></tr><tr><td>542</td><td>4675</td><td>2539.53</td><td>OH</td></tr><tr><td>543</td><td>4700</td><td>1279.09</td><td>TX</td></tr><tr><td>544</td><td>4725</td><td>2386.11</td><td>CA</td></tr><tr><td>545</td><td>4750</td><td>2020.38</td><td>MI</td></tr><tr><td>546</td><td>4750</td><td>1952.18</td><td>AL</td></tr><tr><td>547</td><td>4800</td><td>4800.0</td><td>NJ</td></tr><tr><td>548</td><td>4800</td><td>2962.43</td><td>DC</td></tr><tr><td>549</td><td>4800</td><td>889.53</td><td>MO</td></tr><tr><td>550</td><td>4800</td><td>874.52</td><td>CA</td></tr><tr><td>551</td><td>4800</td><td>3952.49</td><td>CO</td></tr><tr><td>552</td><td>4800</td><td>1907.7</td><td>CA</td></tr><tr><td>553</td><td>4800</td><td>371.49</td><td>SC</td></tr><tr><td>554</td><td>4800</td><td>2039.44</td><td>OH</td></tr><tr><td>555</td><td>4800</td><td>362.4</td><td>OH</td></tr><tr><td>556</td><td>4800</td><td>2399.26</td><td>RI</td></tr><tr><td>557</td><td>4800</td><td>2797.95</td><td>IL</td></tr><tr><td>558</td><td>4800</td><td>964.92</td><td>NY</td></tr><tr><td>559</td><td>4800</td><td>966.93</td><td>IL</td></tr><tr><td>560</td><td>4800</td><td>1091.56</td><td>MA</td></tr><tr><td>561</td><td>4800</td><td>4800.0</td><td>MA</td></tr><tr><td>562</td><td>4800</td><td>2117.19</td><td>NY</td></tr><tr><td>563</td><td>4800</td><td>1961.94</td><td>TX</td></tr><tr><td>564</td><td>4800</td><td>227.65</td><td>NC</td></tr><tr><td>565</td><td>4800</td><td>3038.23</td><td>IL</td></tr><tr><td>566</td><td>4800</td><td>1174.08</td><td>AL</td></tr><tr><td>567</td><td>4800</td><td>1546.93</td><td>AZ</td></tr><tr><td>568</td><td>4800</td><td>809.12</td><td>TX</td></tr><tr><td>569</td><td>4800</td><td>2735.11</td><td>MD</td></tr><tr><td>570</td><td>4800</td><td>2873.64</td><td>MI</td></tr><tr><td>571</td><td>4800</td><td>2721.97</td><td>TX</td></tr><tr><td>572</td><td>4800</td><td>2443.23</td><td>GA</td></tr><tr><td>573</td><td>4800</td><td>334.63</td><td>FL</td></tr><tr><td>574</td><td>4800</td><td>4800.0</td><td>TX</td></tr><tr><td>575</td><td>4800</td><td>900.67</td><td>NV</td></tr><tr><td>576</td><td>4800</td><td>1625.57</td><td>FL</td></tr><tr><td>577</td><td>4800</td><td>658.8</td><td>TX</td></tr><tr><td>578</td><td>4800</td><td>213.97</td><td>MD</td></tr><tr><td>579</td><td>4800</td><td>2251.77</td><td>MO</td></tr><tr><td>580</td><td>4800</td><td>4800.0</td><td>UT</td></tr><tr><td>581</td><td>4825</td><td>2405.54</td><td>MI</td></tr><tr><td>582</td><td>4825</td><td>1422.59</td><td>CA</td></tr><tr><td>583</td><td>4900</td><td>2002.89</td><td>NJ</td></tr><tr><td>584</td><td>4925</td><td>2627.0</td><td>NJ</td></tr><tr><td>585</td><td>4925</td><td>1162.06</td><td>TX</td></tr><tr><td>586</td><td>4950</td><td>958.17</td><td>OH</td></tr><tr><td>587</td><td>4975</td><td>325.3</td><td>AZ</td></tr><tr><td>588</td><td>4975</td><td>1869.83</td><td>CA</td></tr><tr><td>589</td><td>5000</td><td>2003.58</td><td>CA</td></tr><tr><td>590</td><td>5000</td><td>1137.04</td><td>NC</td></tr><tr><td>591</td><td>5000</td><td>1140.09</td><td>FL</td></tr><tr><td>592</td><td>5000</td><td>5000.0</td><td>TX</td></tr><tr><td>593</td><td>5000</td><td>386.95</td><td>CA</td></tr><tr><td>594</td><td>5000</td><td>2819.66</td><td>NM</td></tr><tr><td>595</td><td>5000</td><td>1043.39</td><td>TX</td></tr><tr><td>596</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>597</td><td>5000</td><td>2262.19</td><td>CA</td></tr><tr><td>598</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>599</td><td>5000</td><td>5000.0</td><td>NY</td></tr><tr><td>600</td><td>5000</td><td>2517.94</td><td>NH</td></tr><tr><td>601</td><td>5000</td><td>2517.94</td><td>MA</td></tr><tr><td>602</td><td>5000</td><td>2103.01</td><td>CO</td></tr><tr><td>603</td><td>5000</td><td>5000.0</td><td>FL</td></tr><tr><td>604</td><td>5000</td><td>2094.18</td><td>GA</td></tr><tr><td>605</td><td>5000</td><td>892.19</td><td>VA</td></tr><tr><td>606</td><td>5000</td><td>1022.55</td><td>FL</td></tr><tr><td>607</td><td>5000</td><td>3515.81</td><td>MO</td></tr><tr><td>608</td><td>5000</td><td>250.41</td><td>CA</td></tr><tr><td>609</td><td>5000</td><td>889.38</td><td>PA</td></tr><tr><td>610</td><td>5000</td><td>889.38</td><td>FL</td></tr><tr><td>611</td><td>5000</td><td>5000.0</td><td>IL</td></tr><tr><td>612</td><td>5000</td><td>5000.0</td><td>AZ</td></tr><tr><td>613</td><td>5000</td><td>3471.91</td><td>NY</td></tr><tr><td>614</td><td>5000</td><td>3033.67</td><td>TX</td></tr><tr><td>615</td><td>5000</td><td>2925.85</td><td>NY</td></tr><tr><td>616</td><td>5000</td><td>2925.85</td><td>WV</td></tr><tr><td>617</td><td>5000</td><td>1814.35</td><td>CA</td></tr><tr><td>618</td><td>5000</td><td>1814.35</td><td>IL</td></tr><tr><td>619</td><td>5000</td><td>1814.35</td><td>CA</td></tr><tr><td>620</td><td>5000</td><td>1814.35</td><td>CA</td></tr><tr><td>621</td><td>5000</td><td>1147.06</td><td>NY</td></tr><tr><td>622</td><td>5000</td><td>5000.0</td><td>NE</td></tr><tr><td>623</td><td>5000</td><td>5000.0</td><td>GA</td></tr><tr><td>624</td><td>5000</td><td>5000.0</td><td>DE</td></tr><tr><td>625</td><td>5000</td><td>2914.11</td><td>TN</td></tr><tr><td>626</td><td>5000</td><td>2077.42</td><td>OK</td></tr><tr><td>627</td><td>5000</td><td>1669.45</td><td>NV</td></tr><tr><td>628</td><td>5000</td><td>5000.0</td><td>CT</td></tr><tr><td>629</td><td>5000</td><td>2909.17</td><td>FL</td></tr><tr><td>630</td><td>5000</td><td>2909.17</td><td>TX</td></tr><tr><td>631</td><td>5000</td><td>1400.26</td><td>SC</td></tr><tr><td>632</td><td>5000</td><td>2767.29</td><td>FL</td></tr><tr><td>633</td><td>5000</td><td>5000.0</td><td>WA</td></tr><tr><td>634</td><td>5000</td><td>1231.62</td><td>PA</td></tr><tr><td>635</td><td>5000</td><td>878.27</td><td>WA</td></tr><tr><td>636</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>637</td><td>5000</td><td>1797.09</td><td>NY</td></tr><tr><td>638</td><td>5000</td><td>1797.09</td><td>TX</td></tr><tr><td>639</td><td>5000</td><td>2068.43</td><td>TX</td></tr><tr><td>640</td><td>5000</td><td>2480.7</td><td>CO</td></tr><tr><td>641</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>642</td><td>5000</td><td>1652.78</td><td>FL</td></tr><tr><td>643</td><td>5000</td><td>1804.16</td><td>NE</td></tr><tr><td>644</td><td>5000</td><td>1257.01</td><td>NY</td></tr><tr><td>645</td><td>5000</td><td>1652.78</td><td>OH</td></tr><tr><td>646</td><td>5000</td><td>2054.5</td><td>MA</td></tr><tr><td>647</td><td>5000</td><td>5000.0</td><td>AZ</td></tr><tr><td>648</td><td>5000</td><td>2054.5</td><td>IN</td></tr><tr><td>649</td><td>5000</td><td>2191.12</td><td>WA</td></tr><tr><td>650</td><td>5000</td><td>2054.5</td><td>MI</td></tr><tr><td>651</td><td>5000</td><td>2054.5</td><td>NY</td></tr><tr><td>652</td><td>5000</td><td>1783.81</td><td>FL</td></tr><tr><td>653</td><td>5000</td><td>2468.08</td><td>MA</td></tr><tr><td>654</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>655</td><td>5000</td><td>3068.64</td><td>FL</td></tr><tr><td>656</td><td>5000</td><td>2749.25</td><td>NY</td></tr><tr><td>657</td><td>5000</td><td>3177.23</td><td>OH</td></tr><tr><td>658</td><td>5000</td><td>3428.76</td><td>IL</td></tr><tr><td>659</td><td>5000</td><td>5000.0</td><td>FL</td></tr><tr><td>660</td><td>5000</td><td>1644.51</td><td>LA</td></tr><tr><td>661</td><td>5000</td><td>3648.47</td><td>NY</td></tr><tr><td>662</td><td>5000</td><td>1778.12</td><td>KY</td></tr><tr><td>663</td><td>5000</td><td>5000.0</td><td>AZ</td></tr><tr><td>664</td><td>5000</td><td>1644.51</td><td>IN</td></tr><tr><td>665</td><td>5000</td><td>2043.68</td><td>MI</td></tr><tr><td>666</td><td>5000</td><td>2062.67</td><td>NY</td></tr><tr><td>667</td><td>5000</td><td>1773.09</td><td>NY</td></tr><tr><td>668</td><td>5000</td><td>2180.41</td><td>IN</td></tr><tr><td>669</td><td>5000</td><td>2180.26</td><td>CA</td></tr><tr><td>670</td><td>5000</td><td>2180.41</td><td>NH</td></tr><tr><td>671</td><td>5000</td><td>2597.26</td><td>SC</td></tr><tr><td>672</td><td>5000</td><td>2597.26</td><td>OH</td></tr><tr><td>673</td><td>5000</td><td>2943.48</td><td>IL</td></tr><tr><td>674</td><td>5000</td><td>1372.84</td><td>FL</td></tr><tr><td>675</td><td>5000</td><td>2734.31</td><td>KY</td></tr><tr><td>676</td><td>5000</td><td>239.81</td><td>LA</td></tr><tr><td>677</td><td>5000</td><td>359.85</td><td>WI</td></tr><tr><td>678</td><td>5000</td><td>359.85</td><td>MO</td></tr><tr><td>679</td><td>5000</td><td>481.39</td><td>OK</td></tr><tr><td>680</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>681</td><td>5000</td><td>5000.0</td><td>MD</td></tr><tr><td>682</td><td>5000</td><td>359.47</td><td>OH</td></tr><tr><td>683</td><td>5000</td><td>979.85</td><td>FL</td></tr><tr><td>684</td><td>5000</td><td>1967.9</td><td>NC</td></tr><tr><td>685</td><td>5000</td><td>5000.0</td><td>NV</td></tr><tr><td>686</td><td>5000</td><td>1627.8</td><td>CO</td></tr><tr><td>687</td><td>5000</td><td>5000.0</td><td>WA</td></tr><tr><td>688</td><td>5000</td><td>2025.76</td><td>PA</td></tr><tr><td>689</td><td>5000</td><td>2025.76</td><td>CT</td></tr><tr><td>690</td><td>5000</td><td>1756.45</td><td>WA</td></tr><tr><td>691</td><td>5000</td><td>2438.26</td><td>NY</td></tr><tr><td>692</td><td>5000</td><td>2438.26</td><td>OH</td></tr><tr><td>693</td><td>5000</td><td>357.32</td><td>TX</td></tr><tr><td>694</td><td>5000</td><td>4677.11</td><td>MI</td></tr><tr><td>695</td><td>5000</td><td>3148.05</td><td>VA</td></tr><tr><td>696</td><td>5000</td><td>2858.61</td><td>VA</td></tr><tr><td>697</td><td>5000</td><td>1751.91</td><td>NM</td></tr><tr><td>698</td><td>5000</td><td>1619.52</td><td>WI</td></tr><tr><td>699</td><td>5000</td><td>1751.27</td><td>FL</td></tr><tr><td>700</td><td>5000</td><td>3282.44</td><td>CA</td></tr><tr><td>701</td><td>5000</td><td>1228.57</td><td>IN</td></tr><tr><td>702</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>703</td><td>5000</td><td>5000.0</td><td>NC</td></tr><tr><td>704</td><td>5000</td><td>843.86</td><td>MD</td></tr><tr><td>705</td><td>5000</td><td>843.86</td><td>CA</td></tr><tr><td>706</td><td>5000</td><td>5000.0</td><td>MD</td></tr><tr><td>707</td><td>5000</td><td>1222.95</td><td>NY</td></tr><tr><td>708</td><td>5000</td><td>969.03</td><td>MN</td></tr><tr><td>709</td><td>5000</td><td>843.33</td><td>CA</td></tr><tr><td>710</td><td>5000</td><td>843.33</td><td>IN</td></tr><tr><td>711</td><td>5000</td><td>5000.0</td><td>PA</td></tr><tr><td>712</td><td>5000</td><td>843.33</td><td>NY</td></tr><tr><td>713</td><td>5000</td><td>1094.75</td><td>MI</td></tr><tr><td>714</td><td>5000</td><td>843.33</td><td>IN</td></tr><tr><td>715</td><td>5000</td><td>968.44</td><td>PA</td></tr><tr><td>716</td><td>5000</td><td>2012.69</td><td>NV</td></tr><tr><td>717</td><td>5000</td><td>5000.0</td><td>AZ</td></tr><tr><td>718</td><td>5000</td><td>719.1</td><td>MI</td></tr><tr><td>719</td><td>5000</td><td>2012.69</td><td>TX</td></tr><tr><td>720</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>721</td><td>5000</td><td>1744.04</td><td>NE</td></tr><tr><td>722</td><td>5000</td><td>1221.74</td><td>NC</td></tr><tr><td>723</td><td>5000</td><td>474.71</td><td>TX</td></tr><tr><td>724</td><td>5000</td><td>842.41</td><td>MI</td></tr><tr><td>725</td><td>5000</td><td>967.85</td><td>WY</td></tr><tr><td>726</td><td>5000</td><td>967.85</td><td>GA</td></tr><tr><td>727</td><td>5000</td><td>5000.0</td><td>LA</td></tr><tr><td>728</td><td>5000</td><td>1180.77</td><td>MD</td></tr><tr><td>729</td><td>5000</td><td>718.93</td><td>CA</td></tr><tr><td>730</td><td>5000</td><td>1094.1</td><td>IL</td></tr><tr><td>731</td><td>5000</td><td>967.86</td><td>NY</td></tr><tr><td>732</td><td>5000</td><td>842.81</td><td>NY</td></tr><tr><td>733</td><td>5000</td><td>842.8</td><td>NJ</td></tr><tr><td>734</td><td>5000</td><td>5000.0</td><td>WI</td></tr><tr><td>735</td><td>5000</td><td>2706.19</td><td>NV</td></tr><tr><td>736</td><td>5000</td><td>1872.56</td><td>IL</td></tr><tr><td>737</td><td>5000</td><td>4674.41</td><td>NY</td></tr><tr><td>738</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>739</td><td>5000</td><td>2415.79</td><td>TX</td></tr><tr><td>740</td><td>5000</td><td>5000.0</td><td>IL</td></tr><tr><td>741</td><td>5000</td><td>2003.37</td><td>MD</td></tr><tr><td>742</td><td>5000</td><td>2003.37</td><td>IL</td></tr><tr><td>743</td><td>5000</td><td>1210.36</td><td>NY</td></tr><tr><td>744</td><td>5000</td><td>5000.0</td><td>NY</td></tr><tr><td>745</td><td>5000</td><td>2692.22</td><td>IL</td></tr><tr><td>746</td><td>5000</td><td>2834.25</td><td>PA</td></tr><tr><td>747</td><td>5000</td><td>2835.36</td><td>GA</td></tr><tr><td>748</td><td>5000</td><td>2835.36</td><td>PA</td></tr><tr><td>749</td><td>5000</td><td>5000.0</td><td>WI</td></tr><tr><td>750</td><td>5000</td><td>5000.0</td><td>NY</td></tr><tr><td>751</td><td>5000</td><td>3408.03</td><td>FL</td></tr><tr><td>752</td><td>5000</td><td>231.16</td><td>CA</td></tr><tr><td>753</td><td>5000</td><td>5000.0</td><td>NJ</td></tr><tr><td>754</td><td>5000</td><td>3119.24</td><td>VA</td></tr><tr><td>755</td><td>5000</td><td>2684.95</td><td>NV</td></tr><tr><td>756</td><td>5000</td><td>1204.08</td><td>PA</td></tr><tr><td>757</td><td>5000</td><td>5000.0</td><td>NY</td></tr><tr><td>758</td><td>5000</td><td>1204.07</td><td>CA</td></tr><tr><td>759</td><td>5000</td><td>829.41</td><td>FL</td></tr><tr><td>760</td><td>5000</td><td>952.98</td><td>NJ</td></tr><tr><td>761</td><td>5000</td><td>829.41</td><td>IN</td></tr><tr><td>762</td><td>5000</td><td>465.43</td><td>NY</td></tr><tr><td>763</td><td>5000</td><td>1721.61</td><td>PA</td></tr><tr><td>764</td><td>5000</td><td>585.42</td><td>CA</td></tr><tr><td>765</td><td>5000</td><td>1589.98</td><td>AZ</td></tr><tr><td>766</td><td>5000</td><td>1589.98</td><td>CA</td></tr><tr><td>767</td><td>5000</td><td>5000.0</td><td>CO</td></tr><tr><td>768</td><td>5000</td><td>1985.05</td><td>GA</td></tr><tr><td>769</td><td>5000</td><td>2121.29</td><td>LA</td></tr><tr><td>770</td><td>5000</td><td>1746.82</td><td>TX</td></tr><tr><td>771</td><td>5000</td><td>5000.0</td><td>FL</td></tr><tr><td>772</td><td>5000</td><td>2676.01</td><td>DC</td></tr><tr><td>773</td><td>5000</td><td>2534.18</td><td>NY</td></tr><tr><td>774</td><td>5000</td><td>2816.65</td><td>VA</td></tr><tr><td>775</td><td>5000</td><td>3108.3</td><td>CA</td></tr><tr><td>776</td><td>5000</td><td>2673.01</td><td>TN</td></tr><tr><td>777</td><td>5000</td><td>3406.19</td><td>CA</td></tr><tr><td>778</td><td>5000</td><td>1193.66</td><td>NC</td></tr><tr><td>779</td><td>5000</td><td>944.14</td><td>CA</td></tr><tr><td>780</td><td>5000</td><td>5000.0</td><td>WA</td></tr><tr><td>781</td><td>5000</td><td>944.14</td><td>FL</td></tr><tr><td>782</td><td>5000</td><td>1578.57</td><td>NJ</td></tr><tr><td>783</td><td>5000</td><td>700.13</td><td>WI</td></tr><tr><td>784</td><td>5000</td><td>344.2</td><td>WA</td></tr><tr><td>785</td><td>5000</td><td>2108.09</td><td>NV</td></tr><tr><td>786</td><td>5000</td><td>5000.0</td><td>MS</td></tr><tr><td>787</td><td>5000</td><td>2108.9</td><td>CA</td></tr><tr><td>788</td><td>5000</td><td>2666.97</td><td>HI</td></tr><tr><td>789</td><td>5000</td><td>5000.0</td><td>NY</td></tr><tr><td>790</td><td>5000</td><td>2384.78</td><td>OH</td></tr><tr><td>791</td><td>5000</td><td>5000.0</td><td>VA</td></tr><tr><td>792</td><td>5000</td><td>1186.72</td><td>NJ</td></tr><tr><td>793</td><td>5000</td><td>1186.72</td><td>AK</td></tr><tr><td>794</td><td>5000</td><td>5000.0</td><td>PA</td></tr><tr><td>795</td><td>5000</td><td>1568.22</td><td>NY</td></tr><tr><td>796</td><td>5000</td><td>816.15</td><td>NJ</td></tr><tr><td>797</td><td>5000</td><td>816.15</td><td>NY</td></tr><tr><td>798</td><td>5000</td><td>1890.65</td><td>MD</td></tr><tr><td>799</td><td>5000</td><td>3097.08</td><td>TN</td></tr><tr><td>800</td><td>5000</td><td>5000.0</td><td>CT</td></tr><tr><td>801</td><td>5000</td><td>1956.57</td><td>TX</td></tr><tr><td>802</td><td>5000</td><td>5000.0</td><td>SC</td></tr><tr><td>803</td><td>5000</td><td>4496.36</td><td>NY</td></tr><tr><td>804</td><td>5000</td><td>1552.32</td><td>TX</td></tr><tr><td>805</td><td>5000</td><td>805.65</td><td>NY</td></tr><tr><td>806</td><td>5000</td><td>686.23</td><td>GA</td></tr><tr><td>807</td><td>5000</td><td>336.41</td><td>NY</td></tr><tr><td>808</td><td>5000</td><td>1943.68</td><td>MO</td></tr><tr><td>809</td><td>5000</td><td>1944.13</td><td>CA</td></tr><tr><td>810</td><td>5000</td><td>1944.12</td><td>CA</td></tr><tr><td>811</td><td>5000</td><td>1544.45</td><td>WA</td></tr><tr><td>812</td><td>5000</td><td>1544.45</td><td>FL</td></tr><tr><td>813</td><td>5000</td><td>5000.0</td><td>WI</td></tr><tr><td>814</td><td>5000</td><td>795.24</td><td>NC</td></tr><tr><td>815</td><td>5000</td><td>1159.28</td><td>OR</td></tr><tr><td>816</td><td>5000</td><td>1786.24</td><td>NY</td></tr><tr><td>817</td><td>5000</td><td>5000.0</td><td>NM</td></tr><tr><td>818</td><td>5000</td><td>1650.88</td><td>CA</td></tr><tr><td>819</td><td>5000</td><td>5000.0</td><td>NM</td></tr><tr><td>820</td><td>5000</td><td>213.58</td><td>CA</td></tr><tr><td>821</td><td>5000</td><td>5000.0</td><td>OH</td></tr><tr><td>822</td><td>5000</td><td>2026.3</td><td>TX</td></tr><tr><td>823</td><td>5000</td><td>1877.86</td><td>CA</td></tr><tr><td>824</td><td>5000</td><td>754.43</td><td>NY</td></tr><tr><td>825</td><td>5000</td><td>5000.0</td><td>CA</td></tr><tr><td>826</td><td>5000</td><td>287.7</td><td>CA</td></tr><tr><td>827</td><td>5050</td><td>1822.02</td><td>FL</td></tr><tr><td>828</td><td>5050</td><td>1761.5</td><td>FL</td></tr><tr><td>829</td><td>5050</td><td>1088.66</td><td>GA</td></tr><tr><td>830</td><td>5100</td><td>1998.39</td><td>NY</td></tr><tr><td>831</td><td>5100</td><td>3238.26</td><td>NY</td></tr><tr><td>832</td><td>5100</td><td>833.81</td><td>IL</td></tr><tr><td>833</td><td>5125</td><td>380.54</td><td>WI</td></tr><tr><td>834</td><td>5125</td><td>5125.0</td><td>GA</td></tr><tr><td>835</td><td>5200</td><td>4872.59</td><td>CT</td></tr><tr><td>836</td><td>5200</td><td>4867.83</td><td>CT</td></tr><tr><td>837</td><td>5200</td><td>1137.92</td><td>CA</td></tr><tr><td>838</td><td>5200</td><td>3244.04</td><td>MI</td></tr><tr><td>839</td><td>5200</td><td>5200.0</td><td>FL</td></tr><tr><td>840</td><td>5200</td><td>109.57</td><td>AL</td></tr><tr><td>841</td><td>5275</td><td>2473.35</td><td>CA</td></tr><tr><td>842</td><td>5275</td><td>1726.48</td><td>AR</td></tr><tr><td>843</td><td>5300</td><td>1246.97</td><td>NC</td></tr><tr><td>844</td><td>5300</td><td>400.6</td><td>TX</td></tr><tr><td>845</td><td>5300</td><td>853.23</td><td>OH</td></tr><tr><td>846</td><td>5325</td><td>1064.02</td><td>NJ</td></tr><tr><td>847</td><td>5350</td><td>5350.0</td><td>MD</td></tr><tr><td>848</td><td>5375</td><td>1141.34</td><td>OK</td></tr><tr><td>849</td><td>5375</td><td>971.18</td><td>WA</td></tr><tr><td>850</td><td>5375</td><td>201.62</td><td>WI</td></tr><tr><td>851</td><td>5400</td><td>3197.27</td><td>VA</td></tr><tr><td>852</td><td>5400</td><td>1821.23</td><td>TN</td></tr><tr><td>853</td><td>5400</td><td>5400.0</td><td>NJ</td></tr><tr><td>854</td><td>5400</td><td>383.23</td><td>NC</td></tr><tr><td>855</td><td>5400</td><td>910.23</td><td>CA</td></tr><tr><td>856</td><td>5400</td><td>639.58</td><td>MD</td></tr><tr><td>857</td><td>5400</td><td>2551.69</td><td>IL</td></tr><tr><td>858</td><td>5425</td><td>2217.67</td><td>TX</td></tr><tr><td>859</td><td>5450</td><td>3505.54</td><td>IL</td></tr><tr><td>860</td><td>5450</td><td>2015.06</td><td>IL</td></tr><tr><td>861</td><td>5500</td><td>2464.58</td><td>VA</td></tr><tr><td>862</td><td>5500</td><td>2056.83</td><td>NC</td></tr><tr><td>863</td><td>5500</td><td>2488.45</td><td>VA</td></tr><tr><td>864</td><td>5500</td><td>5500.0</td><td>NV</td></tr><tr><td>865</td><td>5500</td><td>3062.49</td><td>PA</td></tr><tr><td>866</td><td>5500</td><td>2740.67</td><td>IL</td></tr><tr><td>867</td><td>5500</td><td>5500.0</td><td>NY</td></tr><tr><td>868</td><td>5500</td><td>1351.46</td><td>NJ</td></tr><tr><td>869</td><td>5500</td><td>1772.5</td><td>OH</td></tr><tr><td>870</td><td>5500</td><td>2333.51</td><td>DE</td></tr><tr><td>871</td><td>5500</td><td>5500.0</td><td>TX</td></tr><tr><td>872</td><td>5500</td><td>2940.62</td><td>AR</td></tr><tr><td>873</td><td>5500</td><td>3418.5</td><td>NC</td></tr><tr><td>874</td><td>5500</td><td>1839.18</td><td>AR</td></tr><tr><td>875</td><td>5525</td><td>5525.0</td><td>SD</td></tr><tr><td>876</td><td>5550</td><td>2268.61</td><td>NY</td></tr><tr><td>877</td><td>5575</td><td>348.61</td><td>CA</td></tr><tr><td>878</td><td>5600</td><td>5600.0</td><td>VA</td></tr><tr><td>879</td><td>5600</td><td>2300.94</td><td>OH</td></tr><tr><td>880</td><td>5600</td><td>1997.79</td><td>CA</td></tr><tr><td>881</td><td>5600</td><td>2764.1</td><td>IL</td></tr><tr><td>882</td><td>5600</td><td>5600.0</td><td>MN</td></tr><tr><td>883</td><td>5600</td><td>1986.34</td><td>NE</td></tr><tr><td>884</td><td>5600</td><td>5600.0</td><td>MD</td></tr><tr><td>885</td><td>5600</td><td>5600.0</td><td>HI</td></tr><tr><td>886</td><td>5600</td><td>1961.29</td><td>MN</td></tr><tr><td>887</td><td>5600</td><td>5600.0</td><td>OH</td></tr><tr><td>888</td><td>5600</td><td>928.93</td><td>NY</td></tr><tr><td>889</td><td>5600</td><td>928.93</td><td>MN</td></tr><tr><td>890</td><td>5600</td><td>5600.0</td><td>WA</td></tr><tr><td>891</td><td>5600</td><td>1862.16</td><td>NY</td></tr><tr><td>892</td><td>5600</td><td>5212.88</td><td>MD</td></tr><tr><td>893</td><td>5600</td><td>5600.0</td><td>VA</td></tr><tr><td>894</td><td>5600</td><td>2094.18</td><td>NY</td></tr><tr><td>895</td><td>5625</td><td>1055.48</td><td>TN</td></tr><tr><td>896</td><td>5700</td><td>1262.21</td><td>NY</td></tr><tr><td>897</td><td>5700</td><td>5700.0</td><td>GA</td></tr><tr><td>898</td><td>5700</td><td>2350.24</td><td>NY</td></tr><tr><td>899</td><td>5700</td><td>1653.81</td><td>WI</td></tr><tr><td>900</td><td>5750</td><td>3325.17</td><td>MN</td></tr><tr><td>901</td><td>5825</td><td>769.02</td><td>GA</td></tr><tr><td>902</td><td>5825</td><td>1877.16</td><td>TX</td></tr><tr><td>903</td><td>5825</td><td>5428.77</td><td>OH</td></tr><tr><td>904</td><td>5825</td><td>1177.99</td><td>CO</td></tr><tr><td>905</td><td>5850</td><td>2807.36</td><td>MN</td></tr><tr><td>906</td><td>5925</td><td>2613.06</td><td>NJ</td></tr><tr><td>907</td><td>5925</td><td>1319.57</td><td>PA</td></tr><tr><td>908</td><td>5950</td><td>2172.28</td><td>PA</td></tr><tr><td>909</td><td>6000</td><td>2503.88</td><td>OH</td></tr><tr><td>910</td><td>6000</td><td>2452.77</td><td>SC</td></tr><tr><td>911</td><td>6000</td><td>2252.11</td><td>VA</td></tr><tr><td>912</td><td>6000</td><td>1111.87</td><td>CA</td></tr><tr><td>913</td><td>6000</td><td>6000.0</td><td>FL</td></tr><tr><td>914</td><td>6000</td><td>1183.8</td><td>NY</td></tr><tr><td>915</td><td>6000</td><td>2234.24</td><td>IL</td></tr><tr><td>916</td><td>6000</td><td>1023.4</td><td>SC</td></tr><tr><td>917</td><td>6000</td><td>1252.02</td><td>SC</td></tr><tr><td>918</td><td>6000</td><td>2549.14</td><td>CA</td></tr><tr><td>919</td><td>6000</td><td>1252.02</td><td>MI</td></tr><tr><td>920</td><td>6000</td><td>6000.0</td><td>OR</td></tr><tr><td>921</td><td>6000</td><td>2549.14</td><td>CO</td></tr><tr><td>922</td><td>6000</td><td>2549.14</td><td>TX</td></tr><tr><td>923</td><td>6000</td><td>2549.14</td><td>CA</td></tr><tr><td>924</td><td>6000</td><td>2549.13</td><td>OH</td></tr><tr><td>925</td><td>6000</td><td>6000.0</td><td>VA</td></tr><tr><td>926</td><td>6000</td><td>5637.76</td><td>CA</td></tr><tr><td>927</td><td>6000</td><td>3532.84</td><td>IL</td></tr><tr><td>928</td><td>6000</td><td>4961.58</td><td>NY</td></tr><tr><td>929</td><td>6000</td><td>2523.52</td><td>CO</td></tr><tr><td>930</td><td>6000</td><td>2688.58</td><td>IL</td></tr><tr><td>931</td><td>6000</td><td>3570.23</td><td>CA</td></tr><tr><td>932</td><td>6000</td><td>6000.0</td><td>TX</td></tr><tr><td>933</td><td>6000</td><td>1070.59</td><td>NY</td></tr><tr><td>934</td><td>6000</td><td>3010.27</td><td>TX</td></tr><tr><td>935</td><td>6000</td><td>6000.0</td><td>CA</td></tr><tr><td>936</td><td>6000</td><td>1067.27</td><td>CA</td></tr><tr><td>937</td><td>6000</td><td>1538.61</td><td>CT</td></tr><tr><td>938</td><td>6000</td><td>2506.68</td><td>IL</td></tr><tr><td>939</td><td>6000</td><td>6000.0</td><td>OH</td></tr><tr><td>940</td><td>6000</td><td>2173.8</td><td>NY</td></tr><tr><td>941</td><td>6000</td><td>2177.28</td><td>VA</td></tr><tr><td>942</td><td>6000</td><td>2503.88</td><td>LA</td></tr><tr><td>943</td><td>6000</td><td>2177.28</td><td>MI</td></tr><tr><td>944</td><td>6000</td><td>2668.69</td><td>AZ</td></tr><tr><td>945</td><td>6000</td><td>1219.68</td><td>WA</td></tr><tr><td>946</td><td>6000</td><td>1376.44</td><td>NY</td></tr><tr><td>947</td><td>6000</td><td>1532.52</td><td>MI</td></tr><tr><td>948</td><td>6000</td><td>904.37</td><td>OH</td></tr><tr><td>949</td><td>6000</td><td>3840.98</td><td>NJ</td></tr><tr><td>950</td><td>6000</td><td>3840.98</td><td>MA</td></tr><tr><td>951</td><td>6000</td><td>2657.63</td><td>GA</td></tr><tr><td>952</td><td>6000</td><td>2989.66</td><td>FL</td></tr><tr><td>953</td><td>6000</td><td>447.23</td><td>PA</td></tr><tr><td>954</td><td>6000</td><td>3259.17</td><td>GA</td></tr><tr><td>955</td><td>6000</td><td>2003.45</td><td>NY</td></tr><tr><td>956</td><td>6000</td><td>2164.84</td><td>TX</td></tr><tr><td>957</td><td>6000</td><td>447.12</td><td>PA</td></tr><tr><td>958</td><td>6000</td><td>6000.0</td><td>NJ</td></tr><tr><td>959</td><td>6000</td><td>447.11</td><td>MN</td></tr><tr><td>960</td><td>6000</td><td>1208.67</td><td>AZ</td></tr><tr><td>961</td><td>6000</td><td>1364.46</td><td>FL</td></tr><tr><td>962</td><td>6000</td><td>6000.0</td><td>AR</td></tr><tr><td>963</td><td>6000</td><td>1515.27</td><td>WA</td></tr><tr><td>964</td><td>6000</td><td>2201.19</td><td>NV</td></tr><tr><td>965</td><td>6000</td><td>2629.57</td><td>NJ</td></tr><tr><td>966</td><td>6000</td><td>2629.57</td><td>CA</td></tr><tr><td>967</td><td>6000</td><td>2465.3</td><td>IL</td></tr><tr><td>968</td><td>6000</td><td>2465.3</td><td>OR</td></tr><tr><td>969</td><td>6000</td><td>2465.3</td><td>NJ</td></tr><tr><td>970</td><td>6000</td><td>2629.57</td><td>KY</td></tr><tr><td>971</td><td>6000</td><td>3450.57</td><td>NY</td></tr><tr><td>972</td><td>6000</td><td>2961.69</td><td>NY</td></tr><tr><td>973</td><td>6000</td><td>3299.1</td><td>MI</td></tr><tr><td>974</td><td>6000</td><td>3299.1</td><td>CA</td></tr><tr><td>975</td><td>6000</td><td>3814.95</td><td>OR</td></tr><tr><td>976</td><td>6000</td><td>2031.1</td><td>NJ</td></tr><tr><td>977</td><td>6000</td><td>2616.49</td><td>NY</td></tr><tr><td>978</td><td>6000</td><td>2128.22</td><td>CA</td></tr><tr><td>979</td><td>6000</td><td>2947.74</td><td>CA</td></tr><tr><td>980</td><td>6000</td><td>2947.74</td><td>NY</td></tr><tr><td>981</td><td>6000</td><td>3111.55</td><td>CA</td></tr><tr><td>982</td><td>6000</td><td>6000.0</td><td>FL</td></tr><tr><td>983</td><td>6000</td><td>1322.03</td><td>NY</td></tr><tr><td>984</td><td>6000</td><td>1482.8</td><td>MT</td></tr><tr><td>985</td><td>6000</td><td>2594.63</td><td>FL</td></tr><tr><td>986</td><td>6000</td><td>2107.71</td><td>NY</td></tr><tr><td>987</td><td>6000</td><td>428.76</td><td>CA</td></tr><tr><td>988</td><td>6000</td><td>1943.5</td><td>FL</td></tr><tr><td>989</td><td>6000</td><td>6000.0</td><td>IL</td></tr><tr><td>990</td><td>6000</td><td>1012.67</td><td>NY</td></tr><tr><td>991</td><td>6000</td><td>1314.53</td><td>UT</td></tr><tr><td>992</td><td>6000</td><td>1162.15</td><td>DE</td></tr><tr><td>993</td><td>6000</td><td>1466.73</td><td>OH</td></tr><tr><td>994</td><td>6000</td><td>1012.01</td><td>CA</td></tr><tr><td>995</td><td>6000</td><td>1012.01</td><td>AZ</td></tr><tr><td>996</td><td>6000</td><td>1466.73</td><td>AZ</td></tr><tr><td>997</td><td>6000</td><td>2414.39</td><td>CA</td></tr><tr><td>998</td><td>6000</td><td>2578.88</td><td>OK</td></tr><tr><td>999</td><td>6000</td><td>2415.37</td><td>FL</td></tr></tbody></table>Showing the first 1000 rows.</div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["iot_devices = spark.read\\\n  .format(\"delta\")\\\n  .load(\"abfss://test-container@rrdemostorageacc.dfs.core.windows.net/iot-devices\")\n\ndisplay(iot_devices)"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"086f47dd-9611-4f69-842c-56877c8cf00a"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\"></div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\"></div>"]},"transient":null},{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"data":"<div class=\"ansiout\"><span class=\"ansi-red-fg\">---------------------------------------------------------------------------</span>\n<span class=\"ansi-red-fg\">AnalysisException</span>                         Traceback (most recent call last)\n<span class=\"ansi-green-fg\">&lt;command-4023870332312377&gt;</span> in <span class=\"ansi-cyan-fg\">&lt;module&gt;</span>\n<span class=\"ansi-green-fg\">----&gt; 1</span><span class=\"ansi-red-fg\"> </span>iot_devices <span class=\"ansi-blue-fg\">=</span> spark<span class=\"ansi-blue-fg\">.</span>read<span class=\"ansi-red-fg\">\\</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      2</span>   <span class=\"ansi-blue-fg\">.</span>format<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">&#34;delta&#34;</span><span class=\"ansi-blue-fg\">)</span><span class=\"ansi-red-fg\">\\</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      3</span>   <span class=\"ansi-blue-fg\">.</span>load<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">&#34;abfss://test-container@rrdemostorageacc.dfs.core.windows.net/iot-devices&#34;</span><span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      4</span> \n<span class=\"ansi-green-intense-fg ansi-bold\">      5</span> display<span class=\"ansi-blue-fg\">(</span>iot_devices<span class=\"ansi-blue-fg\">)</span>\n\n<span class=\"ansi-green-fg\">/databricks/spark/python/pyspark/sql/readwriter.py</span> in <span class=\"ansi-cyan-fg\">load</span><span class=\"ansi-blue-fg\">(self, path, format, schema, **options)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    202</span>         self<span class=\"ansi-blue-fg\">.</span>options<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">**</span>options<span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    203</span>         <span class=\"ansi-green-fg\">if</span> isinstance<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">,</span> str<span class=\"ansi-blue-fg\">)</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-fg\">--&gt; 204</span><span class=\"ansi-red-fg\">             </span><span class=\"ansi-green-fg\">return</span> self<span class=\"ansi-blue-fg\">.</span>_df<span class=\"ansi-blue-fg\">(</span>self<span class=\"ansi-blue-fg\">.</span>_jreader<span class=\"ansi-blue-fg\">.</span>load<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">)</span><span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    205</span>         <span class=\"ansi-green-fg\">elif</span> path <span class=\"ansi-green-fg\">is</span> <span class=\"ansi-green-fg\">not</span> <span class=\"ansi-green-fg\">None</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    206</span>             <span class=\"ansi-green-fg\">if</span> type<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">)</span> <span class=\"ansi-blue-fg\">!=</span> list<span class=\"ansi-blue-fg\">:</span>\n\n<span class=\"ansi-green-fg\">/databricks/spark/python/lib/py4j-0.10.9-src.zip/py4j/java_gateway.py</span> in <span class=\"ansi-cyan-fg\">__call__</span><span class=\"ansi-blue-fg\">(self, *args)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">   1302</span> \n<span class=\"ansi-green-intense-fg ansi-bold\">   1303</span>         answer <span class=\"ansi-blue-fg\">=</span> self<span class=\"ansi-blue-fg\">.</span>gateway_client<span class=\"ansi-blue-fg\">.</span>send_command<span class=\"ansi-blue-fg\">(</span>command<span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-fg\">-&gt; 1304</span><span class=\"ansi-red-fg\">         return_value = get_return_value(\n</span><span class=\"ansi-green-intense-fg ansi-bold\">   1305</span>             answer, self.gateway_client, self.target_id, self.name)\n<span class=\"ansi-green-intense-fg ansi-bold\">   1306</span> \n\n<span class=\"ansi-green-fg\">/databricks/spark/python/pyspark/sql/utils.py</span> in <span class=\"ansi-cyan-fg\">deco</span><span class=\"ansi-blue-fg\">(*a, **kw)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    121</span>                 <span class=\"ansi-red-fg\"># Hide where the exception came from that shows a non-Pythonic</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    122</span>                 <span class=\"ansi-red-fg\"># JVM exception message.</span>\n<span class=\"ansi-green-fg\">--&gt; 123</span><span class=\"ansi-red-fg\">                 </span><span class=\"ansi-green-fg\">raise</span> converted <span class=\"ansi-green-fg\">from</span> <span class=\"ansi-green-fg\">None</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    124</span>             <span class=\"ansi-green-fg\">else</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    125</span>                 <span class=\"ansi-green-fg\">raise</span>\n\n<span class=\"ansi-red-fg\">AnalysisException</span>: Incompatible format detected.\n\nYou are trying to read from `abfss://test-container@rrdemostorageacc.dfs.core.windows.net/iot-devices` using Databricks Delta, but there is no\ntransaction log present. Check the upstream job to make sure that it is writing\nusing format(&#34;delta&#34;) and that you are trying to read from the table base path.\n\nTo disable this check, SET spark.databricks.delta.formatCheck.enabled=false\nTo learn more about Delta, see https://docs.microsoft.com/azure/databricks/delta/index\n</div>","errorSummary":"<span class=\"ansi-red-fg\">AnalysisException</span>: Incompatible format detected.","metadata":{},"errorTraceType":"html","type":"ipynbError","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\"><span class=\"ansi-red-fg\">---------------------------------------------------------------------------</span>\n<span class=\"ansi-red-fg\">AnalysisException</span>                         Traceback (most recent call last)\n<span class=\"ansi-green-fg\">&lt;command-4023870332312377&gt;</span> in <span class=\"ansi-cyan-fg\">&lt;module&gt;</span>\n<span class=\"ansi-green-fg\">----&gt; 1</span><span class=\"ansi-red-fg\"> </span>iot_devices <span class=\"ansi-blue-fg\">=</span> spark<span class=\"ansi-blue-fg\">.</span>read<span class=\"ansi-red-fg\">\\</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      2</span>   <span class=\"ansi-blue-fg\">.</span>format<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">&#34;delta&#34;</span><span class=\"ansi-blue-fg\">)</span><span class=\"ansi-red-fg\">\\</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      3</span>   <span class=\"ansi-blue-fg\">.</span>load<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">&#34;abfss://test-container@rrdemostorageacc.dfs.core.windows.net/iot-devices&#34;</span><span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">      4</span> \n<span class=\"ansi-green-intense-fg ansi-bold\">      5</span> display<span class=\"ansi-blue-fg\">(</span>iot_devices<span class=\"ansi-blue-fg\">)</span>\n\n<span class=\"ansi-green-fg\">/databricks/spark/python/pyspark/sql/readwriter.py</span> in <span class=\"ansi-cyan-fg\">load</span><span class=\"ansi-blue-fg\">(self, path, format, schema, **options)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    202</span>         self<span class=\"ansi-blue-fg\">.</span>options<span class=\"ansi-blue-fg\">(</span><span class=\"ansi-blue-fg\">**</span>options<span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    203</span>         <span class=\"ansi-green-fg\">if</span> isinstance<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">,</span> str<span class=\"ansi-blue-fg\">)</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-fg\">--&gt; 204</span><span class=\"ansi-red-fg\">             </span><span class=\"ansi-green-fg\">return</span> self<span class=\"ansi-blue-fg\">.</span>_df<span class=\"ansi-blue-fg\">(</span>self<span class=\"ansi-blue-fg\">.</span>_jreader<span class=\"ansi-blue-fg\">.</span>load<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">)</span><span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    205</span>         <span class=\"ansi-green-fg\">elif</span> path <span class=\"ansi-green-fg\">is</span> <span class=\"ansi-green-fg\">not</span> <span class=\"ansi-green-fg\">None</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    206</span>             <span class=\"ansi-green-fg\">if</span> type<span class=\"ansi-blue-fg\">(</span>path<span class=\"ansi-blue-fg\">)</span> <span class=\"ansi-blue-fg\">!=</span> list<span class=\"ansi-blue-fg\">:</span>\n\n<span class=\"ansi-green-fg\">/databricks/spark/python/lib/py4j-0.10.9-src.zip/py4j/java_gateway.py</span> in <span class=\"ansi-cyan-fg\">__call__</span><span class=\"ansi-blue-fg\">(self, *args)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">   1302</span> \n<span class=\"ansi-green-intense-fg ansi-bold\">   1303</span>         answer <span class=\"ansi-blue-fg\">=</span> self<span class=\"ansi-blue-fg\">.</span>gateway_client<span class=\"ansi-blue-fg\">.</span>send_command<span class=\"ansi-blue-fg\">(</span>command<span class=\"ansi-blue-fg\">)</span>\n<span class=\"ansi-green-fg\">-&gt; 1304</span><span class=\"ansi-red-fg\">         return_value = get_return_value(\n</span><span class=\"ansi-green-intense-fg ansi-bold\">   1305</span>             answer, self.gateway_client, self.target_id, self.name)\n<span class=\"ansi-green-intense-fg ansi-bold\">   1306</span> \n\n<span class=\"ansi-green-fg\">/databricks/spark/python/pyspark/sql/utils.py</span> in <span class=\"ansi-cyan-fg\">deco</span><span class=\"ansi-blue-fg\">(*a, **kw)</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    121</span>                 <span class=\"ansi-red-fg\"># Hide where the exception came from that shows a non-Pythonic</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    122</span>                 <span class=\"ansi-red-fg\"># JVM exception message.</span>\n<span class=\"ansi-green-fg\">--&gt; 123</span><span class=\"ansi-red-fg\">                 </span><span class=\"ansi-green-fg\">raise</span> converted <span class=\"ansi-green-fg\">from</span> <span class=\"ansi-green-fg\">None</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    124</span>             <span class=\"ansi-green-fg\">else</span><span class=\"ansi-blue-fg\">:</span>\n<span class=\"ansi-green-intense-fg ansi-bold\">    125</span>                 <span class=\"ansi-green-fg\">raise</span>\n\n<span class=\"ansi-red-fg\">AnalysisException</span>: Incompatible format detected.\n\nYou are trying to read from `abfss://test-container@rrdemostorageacc.dfs.core.windows.net/iot-devices` using Databricks Delta, but there is no\ntransaction log present. Check the upstream job to make sure that it is writing\nusing format(&#34;delta&#34;) and that you are trying to read from the table base path.\n\nTo disable this check, SET spark.databricks.delta.formatCheck.enabled=false\nTo learn more about Delta, see https://docs.microsoft.com/azure/databricks/delta/index\n</div>"]},"transient":null}],"execution_count":0}],"metadata":{"application/vnd.databricks.v1+notebook":{"notebookName":"pattern 4- cluster scoped principals - loans","dashboards":[],"notebookMetadata":{"pythonIndentUnit":4},"language":"python","widgets":{},"notebookOrigID":4023870332312374}},"nbformat":4,"nbformat_minor":0}
2 | 


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/Pattern6.md:
--------------------------------------------------------------------------------
  1 | # Tutorial for Pattern 6: Databricks Tables Access Control
  2 | 
  3 | **Summary:**
  4 | 
  5 | This document provides links to a tutorial on implementing Pattern 6: Databricks Tables Access Control.
  6 | It is highly recommended to check [Databricks SQL security model and data access overview](https://docs.microsoft.com/en-us/azure/databricks/sql/user/security/data-access-overview) to gain better understanding of this approach.
  7 | 
  8 | **Versions:**
  9 | 
 10 | | **Name** | **Title** | **Notes** | **Date** |
 11 | | --- | --- | --- | --- |
 12 | | Anil Sener | Microsoft Cloud Solution Architect – Data &amp; AI | Original | 01 December 2021 |
 13 | |   |   |   |   |
 14 | 
 15 | # Contents
 16 | 
 17 | [Pre-requisites](#Pre-requisites)
 18 | 
 19 | [Tutorial Steps](#Tutorial-Steps)
 20 | 
 21 | [License/Terms of Use](#License/Terms-of-Use)
 22 | 
 23 | ## Pre-requisites
 24 | 
 25 | This tutorial requires the completion of the steps in [Connecting securely to ADLS from ADB](../../Readme.md#connecting-securely-to-adls-from-adb) section.
 26 | 
 27 | This tutorial requires the completion of the steps in the [preparation](../preparation/Readme.md) section.
 28 | 
 29 | This tutorial requires a premium Databricks Workspace.
 30 | 
 31 | ## Tutorial Steps
 32 | 1. Navigate to the <b>premium Azure Databricks Workspace > Overview</b> on Azure Portal and click <b>Launch Workspace</b> button, choose and <b>admin user</b> to login. When Azure Databricks Workspace is displayed, navigate to <b>Compute</b> and then create a <b>High Concurrency</b> cluster, enable Table Access Control for this cluster and set the Spark Configuration as below. Set the permissions to allow <b>LoanGroup</b> and <b>IoTDevicesGroup</b> to attach this cluster:
 33 | 
 34 | <p align="center">
 35 |   <img width="850" src="media/pattern_6_step_1.png" />
 36 | </p>
 37 | 
 38 | <p align="center">
 39 |   <img width="450" src="media/pattern_6_step_1_a.png" />
 40 | </p>
 41 | 
 42 | 2. Navigate to <b>SQL</b> on Databricks Menu:
 43 | <p align="center">
 44 |   <img width="850" src="media/pattern_6_step_2.png" />
 45 | </p>
 46 | 
 47 | 3. Navigate to <b>Configure data access > SQL Endpoint Settings</b> and [add a Service Principal](https://docs.microsoft.com/en-us/azure/databricks/sql/admin/data-access-configuration#storage-access) as follows. Please remember to replace `<storage-account-name>`,`<app-registration-client-id>`,`<databricks-secret-scope-name>`,`<databricks-secret-key>` and `<Directory-ID>` (your Azure Tenant ID). You can use the `<app-registration-client-id>`,`<databricks-secret-scope-name>` and `<databricks-secret-key>` from the App Registration and ADB Secrets in [Connecting securely to ADLS from ADB](../../Readme.md#connecting-securely-to-adls-from-adb) section:
 48 | 
 49 | ```
 50 | spark.hadoop.fs.azure.account.auth.type.<storage-account-name>.dfs.core.windows.net OAuth
 51 | spark.hadoop.fs.azure.account.oauth.provider.type.<storage-account-name>.dfs.core.windows.net org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider
 52 | spark.hadoop.fs.azure.account.oauth2.client.id.<storage-account-name>.dfs.core.windows.net <app-registration-client-id>
 53 | spark.hadoop.fs.azure.account.oauth2.client.secret.<storage-account-name>.dfs.core.windows.net {{secrets/<databricks-secret-scope-name>/<databricks-secret-key>}}
 54 | spark.hadoop.fs.azure.account.oauth2.client.endpoint.<storage-account-name>.dfs.core.windows.net https://login.microsoftonline.com/<Directory-ID>/oauth2/token
 55 | ```
 56 | 
 57 | <p align="center">
 58 |   <img width="850" src="media/pattern_6_step_3.png" />
 59 | </p>
 60 | 
 61 | 
 62 | 4. Navigate back to the main SQL screen and then navigate to <b>Review SQL endpoints</b> on the home screen (or navigate to SQL Endpoints in the Databricks Menu on the left) and click <b>Create SQL Enpoint</b> button to create and SQL endpoint with the following settings.
 63 | <p align="center">
 64 |   <img width="450" src="media/pattern_6_step_4.png" />
 65 | </p>
 66 | 
 67 | 5. Start the SQL Endpoint clicking on start button next to the SQL endpoint that you have created. It might take few minutes to observe the SQL Endpoint to move to Running State:
 68 | <p align="center">
 69 |   <img width="850" src="media/pattern_6_step_5.png" />
 70 | </p>
 71 | 
 72 | <p align="center">
 73 |   <img width="850" src="media/pattern_6_step_5_a.png" />
 74 | </p>
 75 | 
 76 | 
 77 | 6. When the SQL endpoint started, navigate to <b>Queries</b> in the Databricks Menu and click <b>Create Query</b> button:
 78 | <p align="center">
 79 |   <img width="850" src="media/pattern_6_step_6.png" />
 80 | </p>
 81 | 
 82 | 7. Select the created and started SQL Endpoint in the New Query Editor:
 83 | <p align="center">
 84 |   <img width="850" src="media/pattern_6_step_7.png" />
 85 | </p>
 86 | 
 87 | 8. Copy and select the commands below in the Query Editor and the click <b>Run Selected</b> button to execute the commands:
 88 | ```
 89 | GRANT  USAGE
 90 |   ON DATABASE testdb
 91 |   TO
 92 | `LoanGroup`;
 93 | 
 94 | GRANT  USAGE
 95 |   ON DATABASE testdb
 96 |   TO
 97 | `IoTDevicesGroup`;
 98 | 
 99 | GRANT READ_METADATA,`SELECT`, MODIFY
100 | ON TABLE testdb.iot_devices 
101 |   TO
102 | `IoTDevicesGroup`;
103 | 
104 | 
105 | GRANT READ_METADATA,`SELECT`, MODIFY
106 | ON TABLE testdb.loans 
107 |   TO
108 | `LoanGroup`;
109 | 
110 | DENY READ_METADATA,`SELECT`, MODIFY
111 | ON TABLE testdb.iot_devices 
112 |   TO
113 | `LoanGroup`;
114 | 
115 | DENY READ_METADATA,`SELECT`, MODIFY
116 | ON TABLE testdb.loans 
117 |   TO
118 | `IoTDevicesGroup`;
119 | ```
120 | 
121 | <p align="center">
122 |   <img width="850" src="media/pattern_6_step_8.png" />
123 | </p>
124 | 
125 | 9. (Optional) Click to <b>Grant Permissions</b> item on the popup menu near the Databricks Menu, find `testdb` and check permissions. Check the permissions for the tables as well:
126 | <p align="center">
127 |   <img width="650" src="media/pattern_6_step_8_a.png" />
128 | </p>
129 | 
130 | <p align="center">
131 |   <img width="650" src="media/pattern_6_step_8_b.png" />
132 | </p>
133 | 
134 | <p align="center">
135 |   <img width="650" src="media/pattern_6_step_8_c.png" />
136 | </p>
137 | 
138 | 
139 | 10. Navigate to the premium Azure Databricks <b>Workspace > Overview</b> on Azure Portal and click Launch Workspace button, choose and <b>TestUser1</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern6-table-access-control.ipynb](notebooks/testuser1/pattern6-table-access-control.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 1 and then run all cells: 
140 | <p align="center">
141 |   <img width="850" src="media/pattern_6_step_9.png" />
142 | </p>
143 | 
144 | <p align="center">
145 |   <img width="850" src="media/pattern_6_step_9_a.png" />
146 | </p>
147 | 
148 | <i>RESULT: Neither of the file paths are directly accessible anymore. IotDevicesGroup Databricks Group users can only access to `testdb.iot_devices` table, the user received an explicity privilidge exception for `testdb.loans` table. These permissions are limited thanks to the privileges granted & denied by Databricks Table Control.</i> 
149 | 
150 | 
151 | 11. Navigate to the premium Azure Databricks <b>Workspace > Overview</b> on Azure Portal and click Launch Workspace button, choose and <b>TestUser2</b> user to login. When Azure Databricks Workspace is displayed, navigate to <b>Workspace</b>, then upload [pattern6-table-access-control.ipynb](notebooks/testuser2/pattern6-table-access-control.ipynb) notebook to the Databricks Workspace and open the notebook, attach & start the cluster created in step 1 and then run all cells: 
152 | <p align="center">
153 |   <img width="850" src="media/pattern_6_step_10.png" />
154 | </p>
155 | 
156 | <p align="center">
157 |   <img width="850" src="media/pattern_6_step_10_a.png" />
158 | </p>
159 | 
160 | <i>RESULT: Neither of the file paths are directly accessible anymore. LoansGroup Databricks Group users can only access to `testdb.loans` table, the user received an explicity privilidge exception for `testdb.iot_devices` table. These permissions are limited thanks to the privileges granted & denied by Databricks Table Control.</i> 
161 | 
162 | 
163 | ## License/Terms of Use
164 | 
165 | This is a free white paper released into the public domain.
166 | 
167 | Anyone is free to use or distribute this white paper, for any purpose,
168 | commercial or non-commercial, and by any means.
169 | 
170 | THE WHITE PAPER IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,
171 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
172 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
173 | 
174 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
175 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
176 | FROM, OUT OF OR IN CONNECTION WITH THE WHITE PAPER.
177 | 
178 | 


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_1.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_10.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_10_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_10_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_1_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_1_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_2.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_3.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_4.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_5.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_5_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_5_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_6.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_7.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_a.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_b.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_b.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_c.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_8_c.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_9.png


--------------------------------------------------------------------------------
/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_9_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/pattern_6_Databricks_Table_Access_Control/media/pattern_6_step_9_a.png


--------------------------------------------------------------------------------
/tutorials/preparation/Preparation.md:
--------------------------------------------------------------------------------
  1 | # Preparation Steps 
  2 | 
  3 | **Summary:**
  4 | 
  5 | This document provides the preparation steps required to execute all tutorials.
  6 | 
  7 | **Versions:**
  8 | 
  9 | | **Name** | **Title** | **Notes** | **Date** |
 10 | | --- | --- | --- | --- |
 11 | | Anil Sener | Microsoft Cloud Solution Architect – Data &amp; AI | Original | 01 December 2021 |
 12 | |   |   |   |   |
 13 | 
 14 | # Contents
 15 | 
 16 | [Pre-requisites](#Pre-requisites)
 17 | 
 18 | [Tutorial Steps](#Tutorial-Steps)
 19 | 
 20 | [License/Terms of Use](#License/Terms-of-Use)
 21 | 
 22 | ## Pre-requisites
 23 | 
 24 | This tutorial requires the completion of the steps in [Connecting securely to ADLS from ADB](../../Readme.md#connecting-securely-to-adls-from-adb) section.
 25 | 
 26 | ## Tutorial Steps
 27 | 1. Navigate to <b>Azure Active Directory > Users</b> and then create two users as below:
 28 | <p align="center">
 29 |   <img width="850" src="media/preparation_step_1.png" />
 30 | </p>
 31 | 
 32 | 2. Navigate to <b>Azure Active Directory > Groups</b> and then create two users as below:
 33 | <p align="center">
 34 |   <img width="850" src="media/preparation_step_2.png" />
 35 | </p>
 36 | 
 37 | 3. Click on <b>group1</b> and then navigate to members and add <b>TestUser1</b>:
 38 | <p align="center">
 39 |   <img width="850" src="media/preparation_step_2_a.png" />
 40 | </p>
 41 | 
 42 | 4. Click on <b>group2</b> and then navigate to members and add <b>TestUser2</b>:
 43 | <p align="center">
 44 |   <img width="850" src="media/preparation_step_2_b.png" />
 45 | </p>
 46 | 
 47 | 5. Navigate to the <b>Storage Accounts</b>, drill down to the storage account created in the setup steps and navigate to Containers. Then, create a container called <b>test_container</b> with the following settings.
 48 | <p align="center">
 49 |   <img width="850" src="media/preparation_step_3.png" />
 50 | </p>
 51 | 
 52 | 6. Navigate to the premium Azure Databricks Workspace created, navigate to <b>Access Control (IAM) > Role Assignments</b> tab and then add both of the AD groups as a Contributor:
 53 | <p align="center">
 54 |   <img width="850" src="media/preparation_step_4.png" />
 55 | </p>
 56 | 
 57 | 7. Navigate to the <b>premium Azure Databricks Workspace > Overview</b> and click <b>Launch Workspace</b> button, choose and <b>admin user</b> to login. When Azure Databricks Workspace is displayed, navigate to <b>Settings > Admin Console > Users</b>. Then, add two AD users created using their emails. Please ensure that they are not Admin users and they cannot create any cluster:
 58 | <p align="center">
 59 |   <img width="850" src="media/preparation_step_5.png" />
 60 | </p>
 61 | 
 62 | 8. Navigate to <b>Settings > Admin Console > Groups</b>. Create two Databricks user groups called <b>IoTDevicesGroup</b> and <b>LoanGroup</b>.
 63 | Then, add two AD users created using their emails. Please ensure that they are not Admin users and they cannot create any cluster:
 64 | <p align="center">
 65 |   <img width="850" src="media/preparation_step_6.png" />
 66 | </p>
 67 | 
 68 | 9. Click <b>IoTDevicesGroup</b> group and add <b>testuser1</b> as a member to the group:
 69 | <p align="center">
 70 |   <img width="450" src="media/preparation_step_6_a.png" />
 71 | </p>
 72 | 
 73 | 10. Click <b>LoanGroup</b> group and add <b>testuser2</b> as a member to the group:
 74 | <p align="center">
 75 |   <img width="450" src="media/preparation_step_6_b.png" />
 76 | </p>
 77 | 
 78 | 11. Navigate to <b>Settings > Admin Console > Workspace Settings</b>. Please ensure that all the following access control settings are enabled:
 79 | <p align="center">
 80 |   <img width="850" src="media/preparation_step_7.png" />
 81 | </p>
 82 | 
 83 | 12. Navigate to <b>Compute</b> and create a single node cluster with the following settings:
 84 | <p align="center">
 85 |   <img width="850" src="media/preparation_step_8.png" />
 86 | </p>
 87 | 
 88 | 13. Navigate to <b>Workspace</b> and upload [Preparation.ipynb](notebooks/Preparation.ipynb) to the Databricks Workspace and open the notebook, attach the cluster created in the previous step and start the cluster. When the cluster is ready please run all the cells in the notebook:
 89 | <p align="center">
 90 |   <img width="850" src="media/preparation_step_9.png" />
 91 | </p>
 92 | 
 93 | <i>RESULT: This notebook will create <b>iot_devices</b> and <b>loans</b> folders under <b>test_container</b> using example databricks-datasets which will be essential for all patterns demonstrated in the tutorials. Last cell which creates two databricks tables is a pre-condition for only pattern 6.</i>
 94 | 
 95 | 
 96 | ## License/Terms of Use
 97 | 
 98 | This is a free white paper released into the public domain.
 99 | 
100 | Anyone is free to use or distribute this white paper, for any purpose,
101 | commercial or non-commercial, and by any means.
102 | 
103 | THE WHITE PAPER IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,
104 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
105 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
106 | 
107 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
108 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
109 | FROM, OUT OF OR IN CONNECTION WITH THE WHITE PAPER.
110 | 
111 | 


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_1.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_2.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_2_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_2_a.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_2_b.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_2_b.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_3.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_4.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_5.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_6.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_6_a.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_6_a.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_6_b.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_6_b.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_7.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_8.png


--------------------------------------------------------------------------------
/tutorials/preparation/media/preparation_step_9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hurtn/datalake-ADLS-access-patterns-with-Databricks/b990dfdbdcfa7044dad83bf2fa45f2d4b7a37fff/tutorials/preparation/media/preparation_step_9.png


--------------------------------------------------------------------------------
/tutorials/preparation/notebooks/Preparation.ipynb:
--------------------------------------------------------------------------------
1 | {"cells":[{"cell_type":"markdown","source":["# Preparation"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"c2b51a9b-baf6-458d-b312-fb2f93e48839"}}},{"cell_type":"code","source":["%sh\n\nnslookup rrdemostorageacc.dfs.core.windows.net"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"2ea31503-bbe1-4d78-9e93-e0b72919491e"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\">Server:\t\t168.63.129.16\nAddress:\t168.63.129.16#53\n\nNon-authoritative answer:\nrrdemostorageacc.dfs.core.windows.net\tcanonical name = rrdemostorageacc.privatelink.dfs.core.windows.net.\nName:\trrdemostorageacc.privatelink.dfs.core.windows.net\nAddress: 10.1.0.4\n\n</div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\">Server:\t\t168.63.129.16\nAddress:\t168.63.129.16#53\n\nNon-authoritative answer:\nrrdemostorageacc.dfs.core.windows.net\tcanonical name = rrdemostorageacc.privatelink.dfs.core.windows.net.\nName:\trrdemostorageacc.privatelink.dfs.core.windows.net\nAddress: 10.1.0.4\n\n</div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["tenant_id=\"8a7b0420-a9f1-4cb9-8567-8a5b02d42bd2\"\nscope=\"rr-demo-secret-scope\"\nsecret=\"rr-demo-secret-key\"\nservice_principal_id=\"15317507-66ff-48e8-89ac-fca37c38f38e\"\n\nmount_path=\"/mnt/test-mount\""],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"541b1372-ad41-4d8f-ace2-b0d1c30d56b8"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\"></div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\"></div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["#https://docs.microsoft.com/en-gb/azure/databricks/data/data-sources/azure/adls-gen2/azure-datalake-gen2-sp-access\n\nconfigs = {\n  \"fs.azure.account.auth.type\": \"OAuth\",\n  \"fs.azure.account.oauth.provider.type\": \"org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider\",\n  \"fs.azure.account.oauth2.client.id\": service_principal_id,\n \"fs.azure.account.oauth2.client.secret\": dbutils.secrets.get(scope = scope, key = secret),\n  \"fs.azure.account.oauth2.client.endpoint\": \"https://login.microsoftonline.com/\"+tenant_id+\"/oauth2/token\"\n}\n\ndbutils.fs.unmount(\n     mount_point = mount_path\n)\ndbutils.fs.mount(\n  source = \"abfss://test-container@rrdemostorageacc.dfs.core.windows.net/\",\n  mount_point = mount_path,\n  extra_configs= configs\n)"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"936ec12c-49f5-404a-8c29-1f671ac368ef"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\">/mnt/test-mount has been unmounted.\nOut[2]: True</div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\">/mnt/test-mount has been unmounted.\nOut[2]: True</div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["\n\ndisplay(dbutils.fs.ls('/databricks-datasets'))"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"7fd2b642-41bb-40f9-8c18-9cfb53cf6746"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"overflow":false,"datasetInfos":[],"data":[["dbfs:/databricks-datasets/COVID/","COVID/",0],["dbfs:/databricks-datasets/README.md","README.md",976],["dbfs:/databricks-datasets/Rdatasets/","Rdatasets/",0],["dbfs:/databricks-datasets/SPARK_README.md","SPARK_README.md",3359],["dbfs:/databricks-datasets/adult/","adult/",0],["dbfs:/databricks-datasets/airlines/","airlines/",0],["dbfs:/databricks-datasets/amazon/","amazon/",0],["dbfs:/databricks-datasets/asa/","asa/",0],["dbfs:/databricks-datasets/atlas_higgs/","atlas_higgs/",0],["dbfs:/databricks-datasets/bikeSharing/","bikeSharing/",0],["dbfs:/databricks-datasets/cctvVideos/","cctvVideos/",0],["dbfs:/databricks-datasets/credit-card-fraud/","credit-card-fraud/",0],["dbfs:/databricks-datasets/cs100/","cs100/",0],["dbfs:/databricks-datasets/cs110x/","cs110x/",0],["dbfs:/databricks-datasets/cs190/","cs190/",0],["dbfs:/databricks-datasets/data.gov/","data.gov/",0],["dbfs:/databricks-datasets/definitive-guide/","definitive-guide/",0],["dbfs:/databricks-datasets/delta-sharing/","delta-sharing/",0],["dbfs:/databricks-datasets/flights/","flights/",0],["dbfs:/databricks-datasets/flower_photos/","flower_photos/",0],["dbfs:/databricks-datasets/flowers/","flowers/",0],["dbfs:/databricks-datasets/genomics/","genomics/",0],["dbfs:/databricks-datasets/hail/","hail/",0],["dbfs:/databricks-datasets/iot/","iot/",0],["dbfs:/databricks-datasets/iot-stream/","iot-stream/",0],["dbfs:/databricks-datasets/learning-spark/","learning-spark/",0],["dbfs:/databricks-datasets/learning-spark-v2/","learning-spark-v2/",0],["dbfs:/databricks-datasets/lending-club-loan-stats/","lending-club-loan-stats/",0],["dbfs:/databricks-datasets/med-images/","med-images/",0],["dbfs:/databricks-datasets/mnist-digits/","mnist-digits/",0],["dbfs:/databricks-datasets/news20.binary/","news20.binary/",0],["dbfs:/databricks-datasets/nyctaxi/","nyctaxi/",0],["dbfs:/databricks-datasets/nyctaxi-with-zipcodes/","nyctaxi-with-zipcodes/",0],["dbfs:/databricks-datasets/online_retail/","online_retail/",0],["dbfs:/databricks-datasets/overlap-join/","overlap-join/",0],["dbfs:/databricks-datasets/power-plant/","power-plant/",0],["dbfs:/databricks-datasets/retail-org/","retail-org/",0],["dbfs:/databricks-datasets/rwe/","rwe/",0],["dbfs:/databricks-datasets/sai-summit-2019-sf/","sai-summit-2019-sf/",0],["dbfs:/databricks-datasets/sample_logs/","sample_logs/",0],["dbfs:/databricks-datasets/samples/","samples/",0],["dbfs:/databricks-datasets/sfo_customer_survey/","sfo_customer_survey/",0],["dbfs:/databricks-datasets/sms_spam_collection/","sms_spam_collection/",0],["dbfs:/databricks-datasets/songs/","songs/",0],["dbfs:/databricks-datasets/structured-streaming/","structured-streaming/",0],["dbfs:/databricks-datasets/timeseries/","timeseries/",0],["dbfs:/databricks-datasets/tpch/","tpch/",0],["dbfs:/databricks-datasets/weather/","weather/",0],["dbfs:/databricks-datasets/wiki/","wiki/",0],["dbfs:/databricks-datasets/wikipedia-datasets/","wikipedia-datasets/",0],["dbfs:/databricks-datasets/wine-quality/","wine-quality/",0]],"plotOptions":{"displayType":"table","customPlotOptions":{},"pivotColumns":null,"pivotAggregation":null,"xColumns":null,"yColumns":null},"columnCustomDisplayInfos":{},"aggType":"","isJsonSchema":true,"removedWidgets":[],"aggSchema":[],"schema":[{"name":"path","type":"\"string\"","metadata":"{}"},{"name":"name","type":"\"string\"","metadata":"{}"},{"name":"size","type":"\"long\"","metadata":"{}"}],"aggError":"","aggData":[],"addedWidgets":{},"metadata":{},"dbfsResultPath":null,"type":"table","aggOverflow":false,"aggSeriesLimitReached":false,"arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .table-result-container {\n    max-height: 300px;\n    overflow: auto;\n  }\n  table, th, td {\n    border: 1px solid black;\n    border-collapse: collapse;\n  }\n  th, td {\n    padding: 5px;\n  }\n  th {\n    text-align: left;\n  }\n</style><div class='table-result-container'><table class='table-result'><thead style='background-color: white'><tr><th>path</th><th>name</th><th>size</th></tr></thead><tbody><tr><td>dbfs:/databricks-datasets/COVID/</td><td>COVID/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/README.md</td><td>README.md</td><td>976</td></tr><tr><td>dbfs:/databricks-datasets/Rdatasets/</td><td>Rdatasets/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/SPARK_README.md</td><td>SPARK_README.md</td><td>3359</td></tr><tr><td>dbfs:/databricks-datasets/adult/</td><td>adult/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/airlines/</td><td>airlines/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/amazon/</td><td>amazon/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/asa/</td><td>asa/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/atlas_higgs/</td><td>atlas_higgs/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/bikeSharing/</td><td>bikeSharing/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/cctvVideos/</td><td>cctvVideos/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/credit-card-fraud/</td><td>credit-card-fraud/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/cs100/</td><td>cs100/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/cs110x/</td><td>cs110x/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/cs190/</td><td>cs190/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/data.gov/</td><td>data.gov/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/definitive-guide/</td><td>definitive-guide/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/delta-sharing/</td><td>delta-sharing/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/flights/</td><td>flights/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/flower_photos/</td><td>flower_photos/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/flowers/</td><td>flowers/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/genomics/</td><td>genomics/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/hail/</td><td>hail/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/iot/</td><td>iot/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/iot-stream/</td><td>iot-stream/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/learning-spark/</td><td>learning-spark/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/learning-spark-v2/</td><td>learning-spark-v2/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/lending-club-loan-stats/</td><td>lending-club-loan-stats/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/med-images/</td><td>med-images/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/mnist-digits/</td><td>mnist-digits/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/news20.binary/</td><td>news20.binary/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/nyctaxi/</td><td>nyctaxi/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/nyctaxi-with-zipcodes/</td><td>nyctaxi-with-zipcodes/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/online_retail/</td><td>online_retail/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/overlap-join/</td><td>overlap-join/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/power-plant/</td><td>power-plant/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/retail-org/</td><td>retail-org/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/rwe/</td><td>rwe/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/sai-summit-2019-sf/</td><td>sai-summit-2019-sf/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/sample_logs/</td><td>sample_logs/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/samples/</td><td>samples/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/sfo_customer_survey/</td><td>sfo_customer_survey/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/sms_spam_collection/</td><td>sms_spam_collection/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/songs/</td><td>songs/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/structured-streaming/</td><td>structured-streaming/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/timeseries/</td><td>timeseries/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/tpch/</td><td>tpch/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/weather/</td><td>weather/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/wiki/</td><td>wiki/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/wikipedia-datasets/</td><td>wikipedia-datasets/</td><td>0</td></tr><tr><td>dbfs:/databricks-datasets/wine-quality/</td><td>wine-quality/</td><td>0</td></tr></tbody></table></div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["read_format = 'json'\nwrite_format = 'delta'\nload_path = '/databricks-datasets/learning-spark-v2/iot-devices/iot_devices.json'\nsave_path = mount_path+'/iot-devices'\ntable_name = 'default.iot_devices'\n\n# Load the data from its source.\niot_devices = spark \\\n  .read \\\n  .format(read_format) \\\n  .load(load_path)\n\n# Write the data to its target.\niot_devices.write \\\n  .format(write_format) \\\n  .mode(\"overwrite\") \\\n  .save(save_path)"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"52ddf5b2-9d5a-47b4-a910-8f38e4aac189"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\"></div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\"></div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["\ndisplay(dbutils.fs.ls(mount_path))"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"61e734c3-7fb2-408d-bc8a-4d9280916dd3"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"overflow":false,"datasetInfos":[],"data":[["dbfs:/mnt/test-mount/loans/","loans/",0],["dbfs:/mnt/test-mount/people-10m/","people-10m/",0]],"plotOptions":{"displayType":"table","customPlotOptions":{},"pivotColumns":null,"pivotAggregation":null,"xColumns":null,"yColumns":null},"columnCustomDisplayInfos":{},"aggType":"","isJsonSchema":true,"removedWidgets":[],"aggSchema":[],"schema":[{"name":"path","type":"\"string\"","metadata":"{}"},{"name":"name","type":"\"string\"","metadata":"{}"},{"name":"size","type":"\"long\"","metadata":"{}"}],"aggError":"","aggData":[],"addedWidgets":{},"metadata":{},"dbfsResultPath":null,"type":"table","aggOverflow":false,"aggSeriesLimitReached":false,"arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .table-result-container {\n    max-height: 300px;\n    overflow: auto;\n  }\n  table, th, td {\n    border: 1px solid black;\n    border-collapse: collapse;\n  }\n  th, td {\n    padding: 5px;\n  }\n  th {\n    text-align: left;\n  }\n</style><div class='table-result-container'><table class='table-result'><thead style='background-color: white'><tr><th>path</th><th>name</th><th>size</th></tr></thead><tbody><tr><td>dbfs:/mnt/test-mount/loans/</td><td>loans/</td><td>0</td></tr><tr><td>dbfs:/mnt/test-mount/people-10m/</td><td>people-10m/</td><td>0</td></tr></tbody></table></div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["read_format = 'parquet'\nwrite_format = 'delta'\nload_path = '/databricks-datasets/learning-spark-v2/loans/loan-risks.snappy.parquet'\nsave_path = mount_path+'/loans'\ntable_name = 'default.loans'\n\n# Load the data from its source.\nloans = spark \\\n  .read \\\n  .format(read_format) \\\n  .load(load_path)\n\n# Write the data to its target.\nloans.write \\\n  .format(write_format) \\\n  .mode(\"overwrite\") \\\n  .save(save_path)"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"99733bc9-4779-4379-893a-ac59633d3e32"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"datasetInfos":[],"data":"<div class=\"ansiout\"></div>","removedWidgets":[],"addedWidgets":{},"metadata":{},"type":"html","arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .ansiout {\n    display: block;\n    unicode-bidi: embed;\n    white-space: pre-wrap;\n    word-wrap: break-word;\n    word-break: break-all;\n    font-family: \"Source Code Pro\", \"Menlo\", monospace;;\n    font-size: 13px;\n    color: #555;\n    margin-left: 4px;\n    line-height: 19px;\n  }\n</style>\n<div class=\"ansiout\"></div>"]},"transient":null}],"execution_count":0},{"cell_type":"code","source":["%sql\n\nCREATE DATABASE testdb;\n\nCREATE TABLE testdb.iot_devices\n  USING DELTA\n  LOCATION '/mnt/test-mount/iot-devices';\n  \nCREATE TABLE testdb.loans\n  USING DELTA\n  LOCATION '/mnt/test-mount/loans';"],"metadata":{"application/vnd.databricks.v1+cell":{"title":"","showTitle":false,"inputWidgets":{},"nuid":"a46de3a8-088e-4c9a-ab70-cc0c334b0b5b"}},"outputs":[{"output_type":"display_data","metadata":{"application/vnd.databricks.v1+output":{"overflow":false,"datasetInfos":[],"data":[],"plotOptions":{"displayType":"table","customPlotOptions":{},"pivotColumns":null,"pivotAggregation":null,"xColumns":null,"yColumns":null},"columnCustomDisplayInfos":{},"aggType":"","isJsonSchema":true,"removedWidgets":[],"aggSchema":[],"schema":[],"aggError":"","aggData":[],"addedWidgets":{},"metadata":{},"dbfsResultPath":null,"type":"table","aggOverflow":false,"aggSeriesLimitReached":false,"arguments":{}}},"output_type":"display_data","data":{"text/html":["<style scoped>\n  .table-result-container {\n    max-height: 300px;\n    overflow: auto;\n  }\n  table, th, td {\n    border: 1px solid black;\n    border-collapse: collapse;\n  }\n  th, td {\n    padding: 5px;\n  }\n  th {\n    text-align: left;\n  }\n</style><div class='table-result-container'><table class='table-result'><thead style='background-color: white'><tr></tr></thead><tbody></tbody></table></div>"]},"transient":null}],"execution_count":0}],"metadata":{"application/vnd.databricks.v1+notebook":{"notebookName":"Preparation","dashboards":[],"notebookMetadata":{"pythonIndentUnit":4},"language":"python","widgets":{},"notebookOrigID":3151386918101723}},"nbformat":4,"nbformat_minor":0}
2 | 


--------------------------------------------------------------------------------