When you create a connection in a project, you create it using a single login or "service account". This reduces auditability and increases the likely hood that someone gains access to data they may not have the right to. When accessing a database like DB2, the user in DSX should have to authenticate using their own credentials to maintain security and auditability.
Today, my clients and users cannot use the "connections" faculty in DSX due to this restriction. We simply do not put in any external connections.
A better solution might be to add the connection and verify it works using a service account or admin user and optionally have a button for "user authentication". Then when doing code generation for a notebook, require that each user input their own credentials into the system. In doing this, the user continues to have an audit trail in the databases they're working in and data inside external connections can remain secure.
Why is it useful?
|Who would benefit from this IDEA?||Big Data Scientist|
How should it work?