Databricks Community

reddybhargava · a week ago

We have REST API methods to set,update,Get object permissions documented here https://docs.databricks.com/api/workspace/permissions

Is there a way to revoke the permissions which are granted through REST API

szymon_dybczak · a week ago

Hi @reddybhargava ,

You're correct, there is no direct delete method in REST API. To delete/revoke permission you need to use set method.

Any previous permissions are overwritten by the new values, and any permissions omitted are removed. It's little inconvenient, but it works 😉

reddybhargava · Wednesday

Thank you for your response!

We have a situation where we assigned CAN_BIND permissions to a group for a service principal using the following:

$ vim grant-service-principal.json
{
"access_control_list": [
{
"user_name": "{username}",
"permission_level": "CAN_BIND"
}
]
}
$ curl -X PATCH {DATABRICKS_HOST}/api/2.0/permissions/service-principals/{SP_ID}
header "Content-type: application/json" header "Authorization: Bearer
${DATABRICKS_TOKEN}" data @Grant-service-principal.json

However, the issue with using the SET method to overwrite these permissions is that, as far as we have tried, we can only assign CAN_BIND to a service principal and cannot assign other permissions like CAN_VIEW, etc.

Do you have any suggestions on how we might address this?

Databricks Community

How to delete object permissions using REST API

Connect with Databricks Users in Your Area

Struggling with BI? We want to hear from you!

Introducing Databricks Apps

Databricks Community Champion - September 2024 - Szymon Dybczak

Intelligent Data Engineering: Beyond the AI Hype

Big Book of Data Engineering — 3rd Edition