cancel
Showing results for 
Search instead for 
Did you mean: 
Community Discussions
Connect with fellow community members to discuss general topics related to the Databricks platform, industry trends, and best practices. Share experiences, ask questions, and foster collaboration within the community.
cancel
Showing results for 
Search instead for 
Did you mean: 

Delta Sharing - Info about Share Recipient

data-grassroots
New Contributor III

What information do you know about a share recipient when they access a table shared to them via Delta Sharing?

Wondering if we might be able to utilize something along the lines of is_member, is_account_group_member, session_user, etc for ROW and COL level filtering before we get too far into looking at Delta Sharing.

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions

Kaniz_Fatma
Community Manager
Community Manager

Hi @data-grassroots,

Delta Sharing is an open protocol developed by Databricks for secure data sharing with other organiz...1. When a table is shared via Delta Sharing, the recipient is represented by a named object that signif...2.

However, Delta Sharing does not inherently provide information about the share recipient when they access a shared table. The protocol focuses on securely sharing access to part of a cloud dataset3. It doesn’t seem to have built-in support for utilizing something like is_member, is_account_group_member, session_user, etc, for row and column-level filtering.

That said, Databricks does offer features for filtering sensitive table data using row filters and c...4. Row filters allow you to apply a filter to a table so that subsequent queries only return rows for w...4. This is implemented as a SQL user-defined function (UDF). You first write a SQL UDF to define the filter policy and then apply it to a table with an ALTER TAB...4.

Please note that these features are specific to Databricks and may not be directly applicable to Delta Sharing. If you need to implement row and column-level filtering in Delta Sharing, you might need to build a custom solution that integrates with your identity provider or user management system.

 

View solution in original post

3 REPLIES 3

Kaniz_Fatma
Community Manager
Community Manager

Hi @data-grassroots,

Delta Sharing is an open protocol developed by Databricks for secure data sharing with other organiz...1. When a table is shared via Delta Sharing, the recipient is represented by a named object that signif...2.

However, Delta Sharing does not inherently provide information about the share recipient when they access a shared table. The protocol focuses on securely sharing access to part of a cloud dataset3. It doesn’t seem to have built-in support for utilizing something like is_member, is_account_group_member, session_user, etc, for row and column-level filtering.

That said, Databricks does offer features for filtering sensitive table data using row filters and c...4. Row filters allow you to apply a filter to a table so that subsequent queries only return rows for w...4. This is implemented as a SQL user-defined function (UDF). You first write a SQL UDF to define the filter policy and then apply it to a table with an ALTER TAB...4.

Please note that these features are specific to Databricks and may not be directly applicable to Delta Sharing. If you need to implement row and column-level filtering in Delta Sharing, you might need to build a custom solution that integrates with your identity provider or user management system.

 

data-grassroots
New Contributor III

Thanks Kaniz.

I'll look a little deeper. The idea was to utilize UDFs to limit access a larger dataset. If you're from Org A, you get to see this subset, if you're from Org B, you get to see this other subset, if you're from Org C, you get to see the entire dataset.

That sort of thing.

data-grassroots
New Contributor III

Now that I'm looking closer at the share credentials and the recipient entity you would really need a way to know the bearer token and relate that back to various recipient properties - databricks.name and any custom recipient property tags you may have associated with than recipient.

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!