effective_grants
Creates, updates, deletes, gets or lists an effective_grants resource.
Overview
| Name | effective_grants |
| Type | Resource |
| Id | databricks_workspace.catalog.effective_grants |
Fields
The following fields are returned by SELECT queries:
- get
| Name | Datatype | Description |
|---|---|---|
next_page_token | string | |
privilege_assignments | array | The privileges conveyed to each principal (either directly or via inheritance) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | securable_type, full_name, deployment_name | max_results, page_token, principal | Gets the effective permissions for a securable. Includes inherited permissions from any parent |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
full_name | string | Full name of securable. |
securable_type | string | Type of securable. |
max_results | integer | Specifies the maximum number of privileges to return (page length). Every EffectivePrivilegeAssignment present in a single page response is guaranteed to contain all the effective privileges granted on (or inherited by) the requested Securable for the respective principal. If not set, all the effective permissions are returned. If set to - lesser than 0: invalid parameter error - 0: page length is set to a server configured value - lesser than 150 but greater than 0: invalid parameter error (this is to ensure that server is able to return at least one complete EffectivePrivilegeAssignment in a single page response) - greater than (or equal to) 150: page length is the minimum of this value and a server configured value |
page_token | string | Opaque token for the next page of results (pagination). |
principal | string | If provided, only the effective permissions for the specified principal (user or group) are returned. |
SELECT examples
- get
Gets the effective permissions for a securable. Includes inherited permissions from any parent
SELECT
next_page_token,
privilege_assignments
FROM databricks_workspace.catalog.effective_grants
WHERE securable_type = '{{ securable_type }}' -- required
AND full_name = '{{ full_name }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
AND max_results = '{{ max_results }}'
AND page_token = '{{ page_token }}'
AND principal = '{{ principal }}'
;