grants
Creates, updates, deletes, gets or lists a grants resource.
Overview
| Name | grants |
| Type | Resource |
| Id | databricks_workspace.catalog.grants |
Fields
The following fields are returned by SELECT queries:
- get
| Name | Datatype | Description |
|---|---|---|
next_page_token | string | |
privilege_assignments | array | The privileges assigned to each principal |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | securable_type, full_name, deployment_name | max_results, page_token, principal | Gets the permissions for a securable. Does not include inherited permissions. |
update | update | securable_type, full_name, deployment_name | Updates the permissions for a securable. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
full_name | string | Full name of securable. |
securable_type | string | Type of securable. |
max_results | integer | Specifies the maximum number of privileges to return (page length). Every PrivilegeAssignment present in a single page response is guaranteed to contain all the privileges granted on the requested Securable for the respective principal. If not set, all the permissions are returned. If set to - lesser than 0: invalid parameter error - 0: page length is set to a server configured value - lesser than 150 but greater than 0: invalid parameter error (this is to ensure that server is able to return at least one complete PrivilegeAssignment in a single page response) - greater than (or equal to) 150: page length is the minimum of this value and a server configured value |
page_token | string | Opaque pagination token to go to next page based on previous query. |
principal | string | If provided, only the permissions for the specified principal (user or group) are returned. |
SELECT examples
- get
Gets the permissions for a securable. Does not include inherited permissions.
SELECT
next_page_token,
privilege_assignments
FROM databricks_workspace.catalog.grants
WHERE securable_type = '{{ securable_type }}' -- required
AND full_name = '{{ full_name }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
AND max_results = '{{ max_results }}'
AND page_token = '{{ page_token }}'
AND principal = '{{ principal }}'
;
UPDATE examples
- update
Updates the permissions for a securable.
UPDATE databricks_workspace.catalog.grants
SET
changes = '{{ changes }}'
WHERE
securable_type = '{{ securable_type }}' --required
AND full_name = '{{ full_name }}' --required
AND deployment_name = '{{ deployment_name }}' --required
RETURNING
privilege_assignments;