cancel
Showing results for 
Search instead for 
Did you mean: 
Data Governance
cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to manage access for legacy catalogs (hive_metastore) in Terraform?

fuselessmatt
Contributor

We have been successfully managing access for our unity catalogs using the databricks_grant resources in Terraform. Now we want to enable the Rudderstack integration for Databricks, but that does not support unity catalog and instead put files inside the hive_metastore catalog (external metastore?). From the UI I can grant things like READ_METADATA and CREATE_NAMED_FUNCTION, but I can't find any resources that include these. Is this simply not possible?

Update: Rudderstack now release support for Unity Catalog, so we no longer have any use for this.

1 ACCEPTED SOLUTION

Accepted Solutions

Anonymous
Not applicable

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

View solution in original post

2 REPLIES 2

Anonymous
Not applicable

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

stropa
New Contributor II

Actually, it is possible to manage permissions for the legacy catalog with databricks_sql_permissions Resource:
https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/sql_permissions#...

Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.