cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How can I give users permissions to see the objects metadata without access to data

merca
Valued Contributor II

‎11-28-2022 10:34 PM

Only permissions I can see are select and this gives access to data and that is very unwanted. I only want users to see the metadata, like table/view/column names and descriptions/comments and location and such but not to see any data.

7 REPLIES 7

Geeta1
Valued Contributor

‎11-29-2022 03:04 AM

Hi @Merca Ovnerud​ , you have 'READ_METADATA' privilege that you can set for a data object.

Example code in SQL: GRANT READ_METADATA ON SCHEMA schema_name TO user/user_group;

Reference link: https://learn.microsoft.com/en-us/azure/databricks/security/access-control/table-acls/object-privile...

Hope it helps!

merca
Valued Contributor II
In response to Geeta1

‎11-29-2022 03:30 AM

Unfortunately I get error on this grant:

`Value 'READ_METADATA' is not a valid permission`

0 Kudos

UmaMahesh1
Honored Contributor III

‎11-29-2022 09:57 AM

Hi @Merca Ovnerud​ 

You can try in the same method @Geeta Sai Boddu​ suggested.

Before trying make sure that your cluster has table access control enabled. Only if your cluster is a shared access cluster, it will be enabled by default.

Also someone with admin privileges must enable table access control to your workspace.

Do check out these prerequisites before running that SQL code.

Uma Mahesh D
0 Kudos

UmaMahesh1
Honored Contributor III

‎11-29-2022 09:59 AM

Enabling Table Access Control for your workspace : https://learn.microsoft.com/en-us/azure/databricks/administration-guide/access-control/table-acl

Enabling Table ACL for cluster : https://learn.microsoft.com/en-us/azure/databricks/security/access-control/table-acls/table-acl#tabl...

Uma Mahesh D
0 Kudos

SS2
Valued Contributor

‎11-29-2022 10:50 AM

You can refer this as well.

GRANT USAGE ON SCHEMA database TO user

GRANT READ_METADATA ON SCHEMA database TO user

merca
Valued Contributor II

‎11-29-2022 08:29 PM

@Uma Maheswara Rao Desula​ , @Geeta Sai Boddu​  and @S S​ ,

Thank you for the responses. I have gotten answer from Databricks and it seems this is not possible and this is something that is investigated as a capability.

RonMoody
New Contributor II
In response to merca

‎09-19-2023 01:59 PM

Can someone confirm that when using Unity Catalog we cannot restrict a user only for metadata access ?

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements