What’s new with Unity Catalog at Data + AI Summit 2026

The agentic era is here. Hundreds of thousands of agents are now acting on enterprise data, querying it, reasoning over it, and making decisions with it in real time. That shift has changed what we ask of the catalog. The catalog has moved from a system of record to a runtime decision-maker for AI.

Making those decisions takes three things: control, so every action, human or agent, stays governed; context, so agents understand the business and stop hallucinating; and choice, so you're never locked into a single cloud, model, or format. Together, these are what governance has to mean in the agentic era.

Five years ago, Databricks pioneered data and AI governance by releasing Unity Catalog, the industry's only unified governance solution for data and AI across clouds, data formats, and data platforms. More than 14,000 organizations now govern their data and AI on Unity Catalog. 

Today, we're advancing Unity Catalog to deliver on all three: control, context, and choice. Here's what's new.

Control: AI governance for all your agents

For years, governing an asset meant governing access: who can query this table, who can call this model. But agents don't just access assets; they act through them, calling models, invoking tools, and connecting to MCP servers. To meet this shift, we are introducing a suite of capabilities built to govern the entire lifecycle of an agent's behavior.

Unity AI Gateway: govern every model, tool, and agent

Unity AI Gateway is our governance solution for enterprise AI. Built on Unity Catalog, it extends governance beyond data and AI assets to the runtime interactions between models, agents, MCPs, skills, and tools:

• Govern every AI asset in one place:  Register and govern Databricks-hosted and external models, MCP services, agents, and skills alongside your data, with the same access controls, discovery, lineage, and auditing you already use. Databricks provides foundation model services out of the box, plus managed MCP services for apps like Google Drive, Jira, Slack, and GitHub.
• Enforce what AI can do at runtime: Contextual Service Policies, now in Beta, extend governance from who can access a model or tool to what it can do in a given interaction. Admins can allow, deny, or require approval for actions like writing to sensitive folders or pushing code. Built-in guardrails protect against PII exposure, prompt injection, and unsafe content
• Control AI spend across providers: AI Gateway budgets now cover external providers, including bring-your-own-key connections, so you see AI spend across Databricks-hosted and external models in one place. Hard spend caps stop requests when a budget is reached, rather than just alerting after the fact.
• Monitor and investigate AI activity: Unified agent tracing in Unity AI Gateway captures model and MCP activity in one governed telemetry layer, and traces can be analyzed in Lakewatch, Databricks' lakehouse-native SIEM.

Read the full AI governance announcement. 

Governance Hub

Governance Hub, now in PrPr, provides a centralized command center for data stewards and admins to govern your Databricks estate: monitor your posture, identify risks, prioritize remediation, and scale governance operations across data, AI, cost, and performance from a single experience.

Attribute based access controls

Recently, we announced the General Availability of ABAC policies for row filtering and column masking, alongside Governed Tags and Data Classification, to help you protect sensitive data at scale. 

At Data + AI Summit, we are extending ABAC with:

• ABAC Grant Policies (Beta for models): Define attribute-based access once to automatically grant EXECUTE permissions across all matching models, eliminating per-model overhead. Future support will expand to other securables, including AI components (MCP services, agents), tables, and volumes. 
• Identity Attributes (Preview soon): Build access rules using live user properties (e.g., department, region, clearance) synced from your identity provider or managed in Databricks, moving beyond rigid group-based access.
• Context Attributes (Preview soon): Leverage request context, such as whether access originates from an agent, application, or workspace, to securely handle application- and agent-brokered access.
• Tag propagation (Private Preview available now): Automatically carry governed tags from source tables and columns to downstream tables and views as data is transformed, so your classification and access policies stay consistent without manual effort.

Role based access controls

Role-based access control (Public Preview coming soon) complements Databricks’ collaborative, inheritance-based identity and permission model by enabling customers to define groups that behave like roles. A role is just a group with a collection of permissions that users can assume. When a user assumes a role, they act as the role, and all actions, including data access are authorized as that role.

RBAC lets customers model new use cases, such as exclusive access, where roles provide data-isolation boundaries for projects that work with sensitive data where data sets should not be accessed in combination, e.g. clinical trials, or country-specific data, or when performing highly-privileged tasks, such as debugging access control issues. Users can easily switch between roles in the UI, or by specifying a role in client OAuth flows, and the workspace adapts to exactly what that role allows. 

Context: open and adaptive enterprise context

Agents are only as good as the context they have. Without a shared definition of what the business actually means, even a capable agent will guess. Unity Catalog Semantics provides agents and humans with a single, shared source of meaning. Concepts and business KPIs are defined once, organized by domain, and accessible via SQL, APIs, and MCPs, so any tool or agent can use them without lock-in.  Now we're extending Unity Catalog Semantics with new capabilities to define and organize context.

Glossary

Glossary lets you define authoritative concepts, terms, and taxonomies that help agents and people understand your business, or import the ones you already have. Glossary pages connect to the underlying data and to each other, capturing relationships. Genie Code drafts new Glossary pages, suggests refinements, and flags definitions that drift from how your data is actually used, while your whole team curates them together through suggestions, comments, and domain-level ownership. Preview of Glossary is coming soon.

Domains

Domains, now in Public Preview, organize your data and AI assets into business-aligned categories, giving agents scoped, relevant context instead of the entire catalog. Humans browse and agents query domains through an internal marketplace, with certification and stewardship signals showing what's reliable. AI-driven domain suggestions, coming soon in preview, propose domains for you automatically, so you don't have to organize everything from scratch.

This user-defined semantic foundation in Unity Catalog feeds the Genie Ontology, a continuously learned enterprise context layer in the Databricks Platform. Learn more about Genie Ontology in this announcement blog.

Metrics

Metrics in Unity Catalog let you define your business KPIs like revenue, churn, active users, margin, once as governed, reusable objects, then query them consistently from SQL, BI tools, APIs, and agents. We're significantly expanding what you can model and how you author it:

• Richer semantic modeling: Go beyond single-table measures with multi-fact relationships (Public Preview in Dashboards), level-of-detail (LOD) calculations that compute at the granularity you choose, parameterized metrics that adapt to runtime inputs, and improved window measures for easier period-over-period analysis.
• Agentic and UI-driven authoring: Build and refine metric models visually in the UI, or let agents draft and suggest definitions for you  lowering the barrier to creating well-defined semantics.
• Faster queries with Materialization (Public Preview): Precompute metric results so dashboards and agent queries return faster, without changing how metrics are defined.
• Import from third-party tools (Beta): Bootstrap from the tools you already use by importing existing models from Power BI and Tableau directly into Databricks.

Metrics is also open: it's open source, available in Apache Spark and Unity Catalog OSS, and its Open Semantic Interchange (OSI) ready.

External lineage

External lineage, now generally available, extends Lineage in Unity Catalog to assets beyond Databricks. You can register upstream source systems and downstream BI reports so a single lineage graph spans your full data flow end-to-end. As part of this release, Lakeflow Connect managed ingestion pipelines automatically record lineage from source tables to their destination tables in Unity Catalog. This gives agents a fuller picture of where your data comes from and how it moves, so they can reason about it more reliably.

Table insights and popularity

Table Insights in Unity Catalog now include a new derived signal: Column-level Popularity. From a table's overview page in Catalog Explorer, you can see the relative popularity of each column, measured by how many historical queries against the table read from it. This signal also feeds the Genie Ontology, giving it a sharper sense of which columns matter most when reasoning over your tables.

Choice: leveraging open infrastructure for the agentic era

In the agentic era, you can't afford to be locked in. Compute is scarce, models change fast, and your data spans multiple clouds, regions, and formats. Your infrastructure has to flex across all of it, so you can run wherever capacity exists, keep data in the right region, work across formats, and adopt new models as they arrive, all without re-platforming. We are announcing several new capabilities to make that real.

Cross-cloud, cross-region addressability

Unity Catalog is now extending governance across a customer's entire Databricks footprint, spanning accounts, regions, and clouds. A new four-level namespace (metastore.catalog.schema.table) gives every asset a single address across the entire estate, giving customers a unified discovery experience, one set of access policies enforced consistently, one audit trail, and column-level lineage end to end. 

Cross-region governance is coming soon in preview. Cross-cloud and cross-account governance will follow. You can bring your Databricks workloads to whichever cloud and region has the right capacity, GPUs, or proximity to your data, and governance stays consistent everywhere those workloads run.

Managed disaster recovery

Managed Disaster Recovery, providing customers with resilience for their mission-critical workloads. It enables you to replicate the critical parts of your Databricks deployment to a secondary region and fail over to it within minutes of a disaster. Managed Disaster Recovery requires the new Mission Critical add-on, which unlocks both Managed Disaster Recovery and our existing Enhanced Security and Compliance capabilities.

Cross-format, cross-platform interopability

Unity Catalog is the most comprehensive and open catalog across the Delta Lake and Apache Iceberg ecosystems, with recent advancements including Iceberg v3 GA, Managed Iceberg GA, new federation connectors, and cross-engine ABAC. At Data + AI Summit, we're going further:

• External access to managed Delta tables (Public Preview): external engines like Spark and Flink can now create and write to Unity Catalog managed Delta tables.
• Multimodal data in open formats (Beta): a new FILE type lets managed Delta and Iceberg tables natively govern unstructured data like PDFs, images, audio, and video.
• Geospatial types in Delta and Iceberg v3 (GA): native geospatial support for use cases like route optimization, fleet analysis, and geofenced risk monitoring.

Open sharing and collaboration ecosystem

Five years ago, we pioneered open sharing and collaboration with the Delta Sharing protocol - it is now the most widely adopted open protocol for secure zero-copy data sharing used by thousands of enterprises. Building on this momentum, last week, we announced OpenSharing, the next evolution of Delta Sharing. OpenSharing, now a project of the Linux Foundation, introduces the first open, vendor-neutral protocol for securely sharing AI assets, including Agent Skills, AI models, and unstructured data.

We're now announcing a number of capabilities to enable collaboration:

• Cross-cloud sharing:  SecureConnect is a first-of-its-kind capability to enable secure connectivity across clouds with zero-copy data sharing. Global Distribution enables automated replication across clouds and regions. 
• Multi-modal collaboration: Beyond data, you can now collaborate on AI assets and Applications. Genie Sharing enables cross-organization collaboration on Genie Agents. 3rd Party Apps are also now available on Databricks Marketplace ,

Get started with Unity Catalog

Unity Catalog continues evolving as the industry’s only unified governance layer, the foundation for secure, intelligent, and business-aware data platforms. Whether you’re building AI agents, delivering BI dashboards, or sharing data across organizations, Unity Catalog connects it all through a single, open catalog.

To get started, follow the Unity Catalog guides for AWS, Azure, and GCP. 

Register for Data + AI Summit and explore our Governance and Security Sessions.