Skip to main content

vw_rule_set_grant_principals

Creates, updates, deletes, gets or lists a vw_rule_set_grant_principals resource.

Overview

Namevw_rule_set_grant_principals
TypeView
Iddatabricks_workspace.iam.vw_rule_set_grant_principals

Fields

The following fields are returned by this view:

NameDatatypeDescription
deployment_namestringWorkspace deployment name used to scope the query.
rule_set_namestringFully qualified name of the rule set used to scope the query (e.g. accounts/accountId/servicePrincipals/spId/ruleSets/default).
etagstringETag of the rule set used to scope the query and for optimistic concurrency control.
rolestringRole granted by this grant rule (one row per principal per role).
principalstringPrincipal granted the role (e.g. users/alice@example.com, groups/analysts).

Required Parameters

The following parameters are required by this view:

NameDatatypeDescription
deployment_namestringWorkspace deployment name used to scope the query.
namestringFully qualified name of the rule set (e.g. accounts/accountId/servicePrincipals/spId/ruleSets/default).
etagstringETag of the rule set for optimistic concurrency control.

SELECT Examples

SELECT
  deployment_name,
  rule_set_name,
  etag,
  role,
  principal
FROM databricks_workspace.iam.vw_rule_set_grant_principals
WHERE deployment_name = '{{ deployment_name }}'
  AND name = '{{ name }}'
  AND etag = '{{ etag }}';

SQL Definition

SELECT
  rs.deployment_name,
  rs.name AS rule_set_name,
  rs.etag,
  JSON_EXTRACT(gr.value, '$.role') AS role,
  pr.value AS principal
FROM databricks_workspace.iam.rule_sets rs,
     JSON_EACH(rs.grant_rules) gr,
     JSON_EACH(JSON_EXTRACT(gr.value, '$.principals')) pr
WHERE rs.deployment_name = '{{ deployment_name }}'
AND rs.name = '{{ name }}'
AND rs.etag = '{{ etag }}'