permissions
Creates, updates, deletes, gets or lists a permissions resource.
Overview
| Name | permissions |
| Type | Resource |
| Id | databricks_workspace.iam.permissions |
Fields
The following fields are returned by SELECT queries:
- get
| Name | Datatype | Description |
|---|---|---|
object_id | string | |
access_control_list | array | |
object_type | string |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | request_object_type, request_object_id, deployment_name | Gets the permissions of an object. Objects can inherit permissions from their parent objects or root | |
update | update | request_object_type, request_object_id, deployment_name | Updates the permissions on an object. Objects can inherit permissions from their parent objects or | |
set | replace | request_object_type, request_object_id, deployment_name | Sets permissions on an object, replacing existing permissions if they exist. Deletes all direct |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
request_object_id | string | The id of the request object. |
request_object_type | string | The type of the request object. Can be one of the following: alerts, alertsv2, authorization, clusters, cluster-policies, dashboards, database-projects, dbsql-dashboards, directories, experiments, files, genie, instance-pools, jobs, notebooks, pipelines, queries, registered-models, repos, serving-endpoints, or warehouses. |
SELECT examples
- get
Gets the permissions of an object. Objects can inherit permissions from their parent objects or root
SELECT
object_id,
access_control_list,
object_type
FROM databricks_workspace.iam.permissions
WHERE request_object_type = '{{ request_object_type }}' -- required
AND request_object_id = '{{ request_object_id }}' -- required
AND deployment_name = '{{ deployment_name }}' -- required
;
UPDATE examples
- update
Updates the permissions on an object. Objects can inherit permissions from their parent objects or
UPDATE databricks_workspace.iam.permissions
SET
access_control_list = '{{ access_control_list }}'
WHERE
request_object_type = '{{ request_object_type }}' --required
AND request_object_id = '{{ request_object_id }}' --required
AND deployment_name = '{{ deployment_name }}' --required
RETURNING
object_id,
access_control_list,
object_type;
REPLACE examples
- set
Sets permissions on an object, replacing existing permissions if they exist. Deletes all direct
REPLACE databricks_workspace.iam.permissions
SET
access_control_list = '{{ access_control_list }}'
WHERE
request_object_type = '{{ request_object_type }}' --required
AND request_object_id = '{{ request_object_id }}' --required
AND deployment_name = '{{ deployment_name }}' --required
RETURNING
object_id,
access_control_list,
object_type;