Databricks Community

VCHK · 3 weeks ago

If we don't want to expose admin right to user group. What should we do to allow a specific user group to have permission to view all of the job logs in a Databricks account?

We don't want to grant job level permission too.

Thanks,

VC

SathyaSDE · 2 weeks ago

Hi, I guess you can use Databricks API to list jobs and set Can view permission to all jobs.

Sample code below:

import requests

from databricks_cli.sdk import ApiClient, JobsService, PermissionsService

# Initialize the API client

api_client = ApiClient(

host="https://<databricks-instance>",

token="<personal-access-token>"

)

# List all jobs

jobs_service = JobsService(api_client)

jobs_list = jobs_service.list_jobs()

# Set 'CAN_VIEW' permission to all jobs

permissions_service = PermissionsService(api_client)

for job in jobs_list['jobs']:

job_id = job['job_id']

permissions_service.update_job_permissions(

job_id,

{

"access_control_list": [

{

"user_name": "<user-email>",

"permission_level": "CAN_VIEW"

}

]

}

)

Databricks Community

Databricks Workflow/Jobs View Log Permission

Connect with Databricks Users in Your Area

Now Hiring: Databricks Community Technical Moderator

Data + AI Summit: Call for Presentations

Season's Speedings: Databricks SQL Delivers 4x Performance Boost Over Two Years

Databricks Community Champion - October 2024 - Filip Niziol

Become Our Next Monthly Community Champion!