topic Alertsv2 Permissions in Data Engineering

Alertsv2 Permissions

Pat — Thu, 18 Sep 2025 20:55:07 GMT

Hey team,

Is it possible to set permissions on Alertsv2 using API or share it? I did look at the API docs and cannot see as option to do so. In the UI, it's possible to 'share' an alert. The issue is that I currently have SP, which is used to create alerts in higher environments and only admins can see those alerts in UI.

I did try to trace what enpoint is called when sharing the alert and it seems to be only available in UI:

ajax-api/2.0/accesspolicies

Thanks,
Pat.

Re: Alertsv2 Permissions

WiliamRosa — Fri, 19 Sep 2025 00:21:28 GMT

Hi @Pat,
Analyzing the problem I came to the following conclusions, see if this helps you: there isn’t a public REST endpoint to set ACLs on Alerts v2. The Alerts API only supports CRUD operations (create, list, update, delete) but not permissions. A workaround is to manage permissions at the folder level and let the alert inherit them using the Workspace Permissions API (https://docs.databricks.com/api/workspace/permissions).

The SQL Permissions API is currently read-only, so it can’t set ACLs on alerts. If your challenge is service principal visibility or execution, you can configure the alert to run as a specific user/SP via the Alerts v2 update (https://api-reference.cloud.databricks.com
). The /ajax-api/2.0/accesspolicies endpoint is UI-internal and not officially supported.

Re: Alertsv2 Permissions

mmayorga — Fri, 19 Sep 2025 00:23:28 GMT

Hi @Pat

I hope you are doing well, and thank you for reaching out.

As you mentioned, the endpoint for AlertsV2 does not provide an explicit action for sharing. This is handled via the "ACL/Permissions" within Databricks SQL group via:

/api/2.0/preview/sql/permissions/{objectType}/{objectId}

Here is a sample code taken from the API documentation:

{ "access_control_list": [ { "group_name": "admins", "permission_level": "CAN_EDIT", "user_name": "user@example.com" } ], "object_id": "query/2cca1687-60ff-4886-a445-0230578c864d", "object_type": "alert" }

Also, please notice that the documentation suggest to use a new version for setting workspace object permissions , check it out!

I hope this helps!

Re: Alertsv2 Permissions

Pat — Fri, 19 Sep 2025 08:02:21 GMT

Hey @WiliamRosa , @mmayorga , thanks for your input.
I systematically tested all available Databricks APIs that could potentially manage AlertsV2 permissions:

1. DBSQL Permissions API

Endpoint: workspace_client.dbsql_permissions.set()

from databricks.sdk.service.sql import ObjectTypePlural, AccessControl

workspace_client.dbsql_permissions.set(
    object_type=ObjectTypePlural.ALERTS,
    object_id=str(alert_id),
    access_control_list=[
        AccessControl(user_name="user@company.com", permission_level="CAN_MANAGE")
    ]
)

Result: Failed - AlertsV2 not supported by this API

2. SQL Permissions API

Endpoint: /api/2.0/preview/sql/permissions/alert/{alert_id}

POST /api/2.0/preview/sql/permissions/alert/{alert_id}
{
  "access_control_list": [
    {
      "user_name": "user@company.com",
      "permission_level": "CAN_MANAGE"
    }
  ]
}

Result: Failed - "Model not found for alert" error

3. Access Policies API (UI Internal)

Endpoint: /ajax-api/2.0/accesspolicies

PATCH /ajax-api/2.0/accesspolicies
{
  "access_policy": {
    "name": "alertsv2/{alert_id}",
    "internal_name": "tree/{alert_id}",
    "permissions": [
      {
        "principal": "principals/{user_id}",
        "permissions": ["CAN_MANAGE"]
      }
    ]
  },
  "send_notification": false
}

Result: Failed - 403 Forbidden, requires CSRF token and browser session authentication

4. Workspace Permissions API

Endpoint: workspace.set_permissions()

workspace_client.workspace.set_permissions(
    workspace_object_type="alerts",
    workspace_object_id=str(alert_id),
    access_control_list=[...]
)

Result: Failed - AlertsV2 not recognized as valid workspace objects

Manual workaround:

Share alerts through Databricks UI:

Navigate to SQL → Alerts

Find your alert

Click Share button

Add users/groups manually

Re: Alertsv2 Permissions

szymon_dybczak — Fri, 19 Sep 2025 10:26:20 GMT

Hi @Pat ,

According to github thread this will be possible within couple of weeks. There's a PR already that will make it possible.

You can track progress here. They are working on fixing some platform-side issues but soon it should be available.
PR is related to DABs but all databricks cli/dabs are talking through rest api.
So I guess once they release it you will be able to use databricks sdk/dab/rest api to achieve your goal.

Feature Request: Please add SQL Query and SQL Alert support to Asset Bundle · Issue #1615 · databricks/cli

Re: Alertsv2 Permissions

Pat — Tue, 23 Sep 2025 08:06:55 GMT

Thanks @szymon_dybczak I have asked about it in the github thread.

I was able to successfully manage AlertsV2 permissions using the Workspace Permissions API with the correct object type:

workspace_client.workspace.set_permissions( workspace_object_type="alertsv2", # Key difference: use "alertsv2" not "alerts" workspace_object_id=str(alert_id), access_control_list=[ AccessControl(user_name="user@company.com", permission_level="CAN_MANAGE") ] )

The solution was using workspace_object_type="alertsv2" instead of "alerts". This works for the new AlertsV2 system.

Re: Alertsv2 Permissions

szymon_dybczak — Tue, 23 Sep 2025 08:09:28 GMT

No problem @Pat