cancel
Showing results for 
Search instead for 
Did you mean: 
Community Discussions
Connect with fellow community members to discuss general topics related to the Databricks platform, industry trends, and best practices. Share experiences, ask questions, and foster collaboration within the community.
cancel
Showing results for 
Search instead for 
Did you mean: 

List granted access for a group or a user

Henrik
New Contributor III

Is there any way where I can see what access a group or a user have been given to objects (Tables, views, catalogs etc.)?

I noticed that we have the following information_schema tables:

  • catalog_privileges
  • routine_privileges
  • table_privileges
  • schema_privileges
  • volume_privileges

All very helpfull, but i'm missing an overview for what views a group or a user can select.

So how do I get this overview of rights for a group or user?

3 REPLIES 3

anardinelli
New Contributor III
New Contributor III

Hi @Henrik how are you?

To list the groups that can access a view, you can use the system.information_schema.table_privileges system table. Here is a sample query:

SELECT grantee, table_name, privilege_type
FROM system.information_schema.table_privileges
WHERE table_name = "your_view_name";

This query will return the groups (grantee), the table name (table_name), and the type of privilege (privilege_type) they have on the table. Please replace "your_view_name" with the name of your view.

For system tables, access is governed by Unity Catalog (UC), but system tables contain operational data for all assets in the DB account, including those not governed by UC. By default, the Account Admin and Metastore Administrator can read from all system tables.

Hope it helps.

Best,

Alessandro

 

Henrik
New Contributor III

I there a way to give users that are not account admin nor metastore admin to read all rows from these tables?

anardinelli
New Contributor III
New Contributor III

Hi @Henrik 

To grant a user the privilege to query system tables, a metastore admin or another privileged user must grant USE and SELECT permissions on the system schemas.

 

GRANT USAGE ON CATALOG  system TO <user_name>;
GRANT USAGE ON SCHEMA information_schema TO <user_name>;
GRANT SELECT ON TABLE <table_name> TO <user_name>;

 

Include <user_name> in backticks ``

 Please note that these commands should be executed by a metastore admin or another privileged user.

Let me know if it helps,

Best,

Alessandro

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!