https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153113#M5109 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/69634">@fkseki</a>,</P> <P>There isn’t a data "databricks_permissions" (or similar) in the Databricks Terraform, only the databricks_permissions resource, and that resource is authoritative for the full ACL of the object.&nbsp;That means Terraform can’t read the current permissions and append another during a plan.</P> <P>Your options are to make Terraform the source of truth by using&nbsp;the Permissions API / Databricks CLI (or the Terraform exporter) once to pull the current ACL for the object and turn that into a databricks_permissions resource. You can then, whenever you want to append a permission, add another access_control block to that resource and terraform apply. Terraform manages the entire ACL declaratively.</P> <P>Alternatively, you can manage ACLs outside Terraform by skipping&nbsp;databricks_permissions for that object and instead call the Permissions API or CLI directly (e.g., using PATCH where supported) to add/remove principals.</P> <P>Hope this helps.</P> <P class="p1"><FONT size="2" color="#FF6600"><STRONG><I>If this answer resolves your question, could you mark it as “Accept as Solution”? That helps other users quickly find the correct fix.</I></STRONG></FONT><I></I></P> Thu, 02 Apr 2026 21:59:46 GMT Ashwin_DSA 2026-04-02T21:59:46Z https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/152958#M5098 <P>Is there a way to retrieve resources (cluster, job, volume, catalog and all other objects) permissions?</P><P>On terraform docs there's a resource databricks_permissions but I didn't find a data source databricks_permissions, grants ou similar.</P><P>How can I get current resource permissions so I can "append" a new permission to the resource?</P><P>Regards,</P> Wed, 01 Apr 2026 20:13:29 GMT https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/152958#M5098 fkseki 2026-04-01T20:13:29Z https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153021#M5104 <P>Adding some info, I understand that the "import" functionality is not the way to go because I couldn't use it's return to add or remove principals to the resource's permission</P> Thu, 02 Apr 2026 12:32:59 GMT https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153021#M5104 fkseki 2026-04-02T12:32:59Z https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153113#M5109 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/69634">@fkseki</a>,</P> <P>There isn’t a data "databricks_permissions" (or similar) in the Databricks Terraform, only the databricks_permissions resource, and that resource is authoritative for the full ACL of the object.&nbsp;That means Terraform can’t read the current permissions and append another during a plan.</P> <P>Your options are to make Terraform the source of truth by using&nbsp;the Permissions API / Databricks CLI (or the Terraform exporter) once to pull the current ACL for the object and turn that into a databricks_permissions resource. You can then, whenever you want to append a permission, add another access_control block to that resource and terraform apply. Terraform manages the entire ACL declaratively.</P> <P>Alternatively, you can manage ACLs outside Terraform by skipping&nbsp;databricks_permissions for that object and instead call the Permissions API or CLI directly (e.g., using PATCH where supported) to add/remove principals.</P> <P>Hope this helps.</P> <P class="p1"><FONT size="2" color="#FF6600"><STRONG><I>If this answer resolves your question, could you mark it as “Accept as Solution”? That helps other users quickly find the correct fix.</I></STRONG></FONT><I></I></P> Thu, 02 Apr 2026 21:59:46 GMT https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153113#M5109 Ashwin_DSA 2026-04-02T21:59:46Z https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153647#M5121 <P>Hi Ashwin, thanks for the reply</P><P>Is it on the roadmap to have a "data databricks_permission" in the future?</P><P>We are using terraform to provide the users a self service platform so they can create resources (clusters, volumes, external location, connections, etc) in a controled way using only terraform and this would be essential for a good user experience.</P><P>&nbsp;</P><P>Regards</P> Tue, 07 Apr 2026 17:47:08 GMT https://community.databricks.com/t5/administration-architecture/get-resource-permissions-using-terraform/m-p/153647#M5121 fkseki 2026-04-07T17:47:08Z