Databricks Community

xecel · Monday

Hello,

I am working on a project to document permissions for both admins and non-admin users across all relevant objects at the workspace level in Azure Databricks (e.g., tables, jobs, clusters, etc.).

I understand that admin-level permissions might be partially available through information schema, but detailed permissions for non-admin users likely require the Databricks REST API.

Could you guide me on:

The most efficient way to retrieve and document these permissions?
Whether there are built-in tools or queries for this purpose?
Any recommended practices for structuring this data in a report?

Thank you!

Walter_C · Monday

In Databricks the object permissions are based in the object itself and not the user. Unfortunately as of now there is no way to get all the objects permissions in a single built in query.

There is custom options as for example for clusters, first run the API to list clusters and save all the cluster id in a list. Once you have this list of cluster ids, you can iterate by each cluster using the get permissions for clusters API call.

Right now I dont have any custom code available on my side that will make this same process but it is an idea on how you can do it, it will apply the same for jobs.

In regards tables if you are using Unity Catalog you can refer to API: https://docs.databricks.com/api/workspace/grants/get

Databricks Community

How to Retrieve Admin and Non-Admin Permissions at Workspace Level in Azure Databricks.

Connect with Databricks Users in Your Area

Submit your feedback and win a $50 gift card!

Share Your Feedback in Our Community Survey

Databricks Named a Leader in the 2024 Gartner® Magic Quadrant™ for Cloud Database Management Systems

Announcing the new Meta Llama 3.3 model on Databricks

Milestone: DatabricksTV Reaches 100 Videos!