cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorised views in databricks?

Nick_Hughes
New Contributor III

‎02-22-2023 06:22 AM

In GCP you can give a user access to a view, and then the view itself access to the underlying object, meaning you don't have to give end users access to the tables themselves.

Is there a similar way of managing these permissions in databricks? The views would be in a different database to the underlying objects also.

Labels:
0 Kudos
3 REPLIES 3

Kaniz
Community Manager
Community Manager

‎02-24-2023 02:14 PM

Hi @Nick Hughes​, Yes, in Databricks, you can also manage permissions at the database and table/view level to grant or revoke access to users or groups.

You can create a view in Databricks using the CREATE VIEW command and then grant appropriate permissions to the view using the GRANT command.

Nick_Hughes
New Contributor III
In response to Kaniz

‎02-26-2023 11:57 PM

Hi. That isn't quite what my question was. I'm asking if I have to give users access to the tbles the view selects from too, or, if like in GCP, you can give the VIEW itself permission to the underlying objects, and then only give the user access to the view itself.

Anonymous
Not applicable
In response to Nick_Hughes

‎04-24-2023 09:07 PM

@Nick Hughes​ :

In Databricks, when you grant access to a view, it doesn't automatically grant access to the underlying tables or views. This means that you would need to explicitly grant access to the underlying tables or views in addition to granting access to the view itself.

One possible solution to avoid granting access to the underlying tables or views is to create the view in a separate database that is not accessible to end users. You can grant access to the view to the end users, but not the database that contains the underlying tables or views. This way, the end users will only be able to access the data through the view, and not directly from the underlying tables or views.

Another option is to use Row-Level Security (RLS) to filter the data that the end users can see. With RLS, you can define policies that restrict access to data based on the user's role or some other attribute. This can help you limit the data that the end users can see, without having to create separate views or databases for each user.

0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.