cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Governance
Join discussions on data governance practices, compliance, and security within the Databricks Community. Exchange strategies and insights to ensure data integrity and regulatory compliance.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Catalog owner cannot create table?

hdu
New Contributor II

I transfered the owner of pre-created datasets (catalogs and schemas) by workspace admin to a service principle.

ALTER CATALOG xyz OWNER TO `sp`;

I think as the owner, the job owned by `sp`, should be able to create table in all schemas under catalog xyz. however I got the error: PERMISSION_DENIED, user do not have CREATE TABLE.... 

My question is the owner of catalog does not propagate to schema and table?

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

szymon_dybczak
Contributor III

Hi @hdu ,

Below is an excerpt from documentation: 

"Owners of an object are automatically granted all privileges on that object. In addition, object owners can grant privileges on the object itself and on all of its child objects. This means that owners of a schema do not automatically have all privileges on the tables in the schema, but they can grant themselves privileges on the tables in the schema."

So as an owner you have ability  to grant yourself required permission, but you don't have them granted automatically.

https://learn.microsoft.com/en-us/azure/databricks/data-governance/unity-catalog/manage-privileges/o...

View solution in original post

1 REPLY 1

szymon_dybczak
Contributor III

Hi @hdu ,

Below is an excerpt from documentation: 

"Owners of an object are automatically granted all privileges on that object. In addition, object owners can grant privileges on the object itself and on all of its child objects. This means that owners of a schema do not automatically have all privileges on the tables in the schema, but they can grant themselves privileges on the tables in the schema."

So as an owner you have ability  to grant yourself required permission, but you don't have them granted automatically.

https://learn.microsoft.com/en-us/azure/databricks/data-governance/unity-catalog/manage-privileges/o...

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group