cancel
Showing results for 
Search instead for 
Did you mean: 
Data Governance
Join discussions on data governance practices, compliance, and security within the Databricks Community. Exchange strategies and insights to ensure data integrity and regulatory compliance.
cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to manage access for legacy catalogs (hive_metastore) in Terraform?

fuselessmatt
Contributor

We have been successfully managing access for our unity catalogs using the databricks_grant resources in Terraform. Now we want to enable the Rudderstack integration for Databricks, but that does not support unity catalog and instead put files inside the hive_metastore catalog (external metastore?). From the UI I can grant things like READ_METADATA and CREATE_NAMED_FUNCTION, but I can't find any resources that include these. Is this simply not possible?

Update: Rudderstack now release support for Unity Catalog, so we no longer have any use for this.

1 ACCEPTED SOLUTION

Accepted Solutions

Anonymous
Not applicable

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

View solution in original post

2 REPLIES 2

Anonymous
Not applicable

@Mattias P​ :

Unfortunately, it is not currently possible to manage access to the Hive Metastore catalog (or other external metastores) using the databricks_grant resource in Terraform. This is because the databricks_grant resource is specifically designed to manage access to Databricks resources within the Databricks workspace, and external metastores are not within the workspace.

However, you may be able to manage access to the Hive Metastore catalog using a different method, such as creating custom roles and permissions in your Hive Metastore service, or using a separate tool to manage access to the metastore.

Alternatively, you could consider using Databricks as the metastore for Rudderstack instead of using an external metastore. This would allow you to continue using the databricks_grant resource in Terraform to manage access to the Rudderstack integration in Databricks.

stropa
New Contributor II

Actually, it is possible to manage permissions for the legacy catalog with databricks_sql_permissions Resource:
https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/sql_permissions#...

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!