https://community.databricks.com/t5/data-engineering/access-control-on-view/m-p/118984#M45754 <P>In Unity Catalog, enabling users to query a view while hiding its definition is currently not supported directly. Unity Catalog requires view definitions to be visible during query execution for metadata access purposes. While querying, users typically need permissions such as SELECT on the view, alongside USAGE on the schema and catalog containing the view.</P> <P>Dynamic row-level or column-level security can be applied using specific functions or masking in Unity Catalog to restrict access to sensitive data. However, options to fully obscure view definitions or apply "execute-only" access are not explicitly provided within the current capabilities of Unity Catalog.</P> <P>If your organization requires strict access control that prevents users from seeing view definitions, creating a sandboxed schema or using external tools for governance (such as Privacera or Immuta) might be viable alternatives. These tools can integrate with Unity Catalog to enforce granular privacy policies at the query level</P> Tue, 13 May 2025 02:16:18 GMT kamal_ch 2025-05-13T02:16:18Z https://community.databricks.com/t5/data-engineering/access-control-on-view/m-p/110145#M43496 <P>&nbsp;</P><P>We've created a view containing PII mapping values in Unity Catalog. We need to grant other users the ability to query this view and access the mapping values, but we must prevent them from seeing the view's definition. Is it possible to grant "execute" access (querying the view) while completely hiding the view definition in Unity Catalog? The goal is to restrict users from understanding how these mapping values are derived.</P> Thu, 13 Feb 2025 18:17:37 GMT https://community.databricks.com/t5/data-engineering/access-control-on-view/m-p/110145#M43496 NehaR 2025-02-13T18:17:37Z https://community.databricks.com/t5/data-engineering/access-control-on-view/m-p/118984#M45754 <P>In Unity Catalog, enabling users to query a view while hiding its definition is currently not supported directly. Unity Catalog requires view definitions to be visible during query execution for metadata access purposes. While querying, users typically need permissions such as SELECT on the view, alongside USAGE on the schema and catalog containing the view.</P> <P>Dynamic row-level or column-level security can be applied using specific functions or masking in Unity Catalog to restrict access to sensitive data. However, options to fully obscure view definitions or apply "execute-only" access are not explicitly provided within the current capabilities of Unity Catalog.</P> <P>If your organization requires strict access control that prevents users from seeing view definitions, creating a sandboxed schema or using external tools for governance (such as Privacera or Immuta) might be viable alternatives. These tools can integrate with Unity Catalog to enforce granular privacy policies at the query level</P> Tue, 13 May 2025 02:16:18 GMT https://community.databricks.com/t5/data-engineering/access-control-on-view/m-p/118984#M45754 kamal_ch 2025-05-13T02:16:18Z