cancel
Showing results for 
Search instead for 
Did you mean: 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results for 
Search instead for 
Did you mean: 

How can I give users permissions to see the objects metadata without access to data

merca
Valued Contributor II

Only permissions I can see are select and this gives access to data and that is very unwanted. I only want users to see the metadata, like table/view/column names and descriptions/comments and location and such but not to see any data.

7 REPLIES 7

Geeta1
Valued Contributor

Hi @Merca Ovnerud​ , you have 'READ_METADATA' privilege that you can set for a data object.

Example code in SQL: GRANT READ_METADATA ON SCHEMA schema_name TO user/user_group;

Reference link: https://learn.microsoft.com/en-us/azure/databricks/security/access-control/table-acls/object-privile...

Hope it helps!

merca
Valued Contributor II

Unfortunately I get error on this grant:

`Value 'READ_METADATA' is not a valid permission`

UmaMahesh1
Honored Contributor III

Hi @Merca Ovnerud​ 

You can try in the same method @Geeta Sai Boddu​ suggested.

Before trying make sure that your cluster has table access control enabled. Only if your cluster is a shared access cluster, it will be enabled by default.

Also someone with admin privileges must enable table access control to your workspace.

Do check out these prerequisites before running that SQL code.

UmaMahesh1
Honored Contributor III

SS2
Valued Contributor

You can refer this as well.

GRANT USAGE ON SCHEMA database TO user

GRANT READ_METADATA ON SCHEMA database TO user

merca
Valued Contributor II

@Uma Maheswara Rao Desula​ , @Geeta Sai Boddu​  and @S S​ ,

Thank you for the responses. I have gotten answer from Databricks and it seems this is not possible and this is something that is investigated as a capability.

RonMoody
New Contributor II

Can someone confirm that when using Unity Catalog we cannot restrict a user only for metadata access ?

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!