cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Governance
Join discussions on data governance practices, compliance, and security within the Databricks Community. Exchange strategies and insights to ensure data integrity and regulatory compliance.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is it possible to manage access for legacy catalogs (hive_metastore) in Terraform?

Go to solution
fuselessmatt
Contributor

‎01-18-2023 08:08 AM

We have been successfully managing access for our unity catalogs using the databricks_grant resources in Terraform. Now we want to enable the Rudderstack integration for Databricks, but that does not support unity catalog and instead put files inside the hive_metastore catalog (external metastore?). From the UI I can grant things like READ_METADATA and CREATE_NAMED_FUNCTION, but I can't find any resources that include these. Is this simply not possible?

Update: Rudderstack now release support for Unity Catalog, so we no longer have any use for this.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Anonymous
Not applicable

‎04-10-2023 08:13 AM

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

View solution in original post

2 REPLIES 2

Go to solution
Anonymous
Not applicable

‎04-10-2023 08:13 AM

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

Go to solution
stropa
New Contributor II
In response to Anonymous

‎10-03-2023 11:02 PM

Actually, it is possible to manage permissions for the legacy catalog with databricks_sql_permissions Resource:
https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/sql_permissions#...

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements