cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

View alter permission for multiple members

mrinmoygupta
New Contributor

Hi I've setup the gold layer for my client by creating views. Currently not using CI/CD for view deployment but it's on roadmap. Now I've another 2-3 people joining the team and they will be making minor updates to the views as a result of change requests. This was perfectly possible in SQL Server. But in databricks other members are unable alter existing views as the views are currently tied with my user name as the view owners. If I change the view owner to a group next time another member alters the view he then becomes the view owner and other member does not even have permission to change owner. Wonder what would be best practice in this case without having to implement CI/CD. Thanks in advance.

2 REPLIES 2

Alberto_Umana
Databricks Employee
Databricks Employee

Hi @mrinmoygupta,

You can try below approach:

Use Groups for Ownership: Assign the ownership of views to a group rather than individual users. This ensures that all members of the group have the necessary permissions to alter the views. However, be aware that when a member of the group alters a view, they might become the new owner, which can restrict other members from making further changes.

Grant Appropriate Permissions: Ensure that the group has the necessary permissions to manage the views. This includes granting CAN_MANAGE or IS_OWNER permissions to the group. This way, even if the ownership changes, the group members can still manage the views.

Use Unity Catalog: If you are using Unity Catalog, you can manage permissions more effectively. Unity Catalog allows you to set permissions at different levels (catalog, schema, table, view) and ensures that only authorized users or groups can make changes. You can grant USAGE and SELECT permissions on the catalog and schema, and SELECT on the views to the group.

mrinmoygupta
New Contributor

Hi @Alberto_Umana thank you for your response. Unfortunately we already have all these three things in place. The problem still remains as when a member of the group alters a view, they might become the new owner, which can restrict other members from making further changes

My question is for someone who is using the same setup (still not using service principal for deployment) how do they deal with this situation. Do we always need an admin to transfer ownership back to a group after an individual developer alters a view?

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group