Skip to main content

rfa

Creates, updates, deletes, gets or lists a rfa resource.

Overview

Namerfa
TypeResource
Iddatabricks_workspace.catalog.rfa

Fields

The following fields are returned by SELECT queries:

NameDatatypeDescription
full_namestringThe full name of the securable. Redundant with the name in the securable object, but necessary for Terraform integration
are_any_destinations_hiddenbooleanIndicates whether any destinations are hidden from the caller due to a lack of permissions. This value is true if the caller does not have permission to see all destinations.
destination_source_securableobjectGeneric definition of a securable, which is uniquely defined in a metastore by its type and full<br /> name.
destinationsarrayThe access request destinations for the securable.
securableobjectGeneric definition of a securable, which is uniquely defined in a metastore by its type and full<br /> name.
securable_typestringThe type of the securable. Redundant with the type in the securable object, but necessary for Terraform integration

Methods

The following methods are available for this resource:

NameAccessible byRequired ParamsOptional ParamsDescription
get_destinationsselectsecurable_type, full_name, deployment_nameGets an array of access request destinations for the specified securable. Any caller can see URL
batch_createinsertdeployment_nameCreates access requests for Unity Catalog permissions for a specified principal on a securable object.
update_destinationsupdateupdate_mask, deployment_name, access_request_destinationsUpdates the access request destinations for the given securable. The caller must be a metastore admin,

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

NameDatatypeDescription
deployment_namestringThe Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc)
full_namestringThe full name of the securable.
securable_typestringThe type of the securable.
update_maskstringThe field mask must be a single string, with multiple fields separated by commas (no spaces). The field path is relative to the resource object, using a dot (.) to navigate sub-fields (e.g., author.given_name). Specification of elements in sequence or map fields is not allowed, as only the entire collection field can be specified. Field names must exactly match the resource field names. A field mask of * indicates full replacement. It’s recommended to always explicitly list the fields being updated and avoid using * wildcards, as it can lead to unintended results if the API changes in the future.

SELECT examples

Gets an array of access request destinations for the specified securable. Any caller can see URL

SELECT
full_name,
are_any_destinations_hidden,
destination_source_securable,
destinations,
securable,
securable_type
FROM databricks_workspace.catalog.rfa
WHERE securable_type = '{{ securable_type }}' -- required
AND full_name = '{{ full_name }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
;

INSERT examples

Creates access requests for Unity Catalog permissions for a specified principal on a securable object.

INSERT INTO databricks_workspace.catalog.rfa (
requests,
deployment_name
)
SELECT 
'{{ requests }}',
'{{ deployment_name }}'
RETURNING
responses
;

UPDATE examples

Updates the access request destinations for the given securable. The caller must be a metastore admin,

UPDATE databricks_workspace.catalog.rfa
SET 
access_request_destinations = '{{ access_request_destinations }}'
WHERE 
update_mask = '{{ update_mask }}' --required
AND deployment_name = '{{ deployment_name }}' --required
AND access_request_destinations = '{{ access_request_destinations }}' --required
RETURNING
full_name,
are_any_destinations_hidden,
destination_source_securable,
destinations,
securable,
securable_type;