Databricks

Unity Catalog Privileges and Access Control:

• Unity Catalog allows you to control access to data and other objects within it.
• You can set access controls using:
  • Catalog Explorer: A user interface (UI) for managing permissions.
  • SQL statements in notebooks or Databricks SQL queries.
  • The Unity Catalog REST API.
  • Terraform.
• Initially, users have no access to data in a metastore. Access can be granted by:
  • A metastore admin.
  • The owner of an object.
  • The owner of the catalog or schema containing the object.
• Privilege Inheritance: Access privileges are inherited downward, meaning granting a privilege on the...¹.
• Basic object privileges include SHOW, GRANT, and REVOKE commands for managing privileges on catalogs...¹.
• To transfer ownership of an object, you can use SQL or Catalog Explorer¹.

Metastore Admin Role Assignment:

• As an account admin, you can assign the metastore admin role to a group:
  • Log in to the account console.
  • Click Catalog.
  • Open the properties of the desired metastore.
  • Under Metastore Admin, click Edit.
  • Select a group from the dropdown and save the changes².

SQL Commands:

• You can use SQL commands to grant access to specific groups:
  • GRANT USE CATALOG ON CATALOG <catalog_name> TO <group_name>;
  • GRANT USE SCHEMA ON SCHEMA <catalog_name>.<schema_name> TO <group_name>;
  • GRANT SELECT ON <catalog_name>.<schema_name>.<table_name> TO <group_name>;³.

Unity Catalog in the Enterprise:

• Unity Catalog has a subscription-wide view and can grant access for AAD security groups into one or ...⁴.
• If you need further assistance, feel free to ask! 🚀