How to delete object permissions using REST API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2024 05:31 PM
We have REST API methods to set,update,Get object permissions documented here https://docs.databricks.com/api/workspace/permissions
Is there a way to revoke the permissions which are granted through REST API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2024 07:36 PM
Hi @reddybhargava ,
You're correct, there is no direct delete method in REST API. To delete/revoke permission you need to use set method.
Any previous permissions are overwritten by the new values, and any permissions omitted are removed. It's little inconvenient, but it works 😉
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2024 09:08 AM
Thank you for your response!
We have a situation where we assigned CAN_BIND permissions to a group for a service principal using the following:
$ vim grant-service-principal.json
{
"access_control_list": [
{
"user_name": "{username}",
"permission_level": "CAN_BIND"
}
]
}
$ curl -X PATCH {DATABRICKS_HOST}/api/2.0/permissions/service-principals/{SP_ID}
header "Content-type: application/json" header "Authorization: Bearer
${DATABRICKS_TOKEN}" data @Grant-service-principal.json
However, the issue with using the SET method to overwrite these permissions is that, as far as we have tried, we can only assign CAN_BIND to a service principal and cannot assign other permissions like CAN_VIEW, etc.
Do you have any suggestions on how we might address this?
