Databricks Community

EminBoz · ‎05-30-2023

Hello dear community,

i am trying to revoke permissions with the API for SQL-Warehouse. Granting permissions isn't a problem and works like a charme. But revoking won't function. I tried "NO_PERMISSIONS", "NO PERMISSIONS", "DENY", "REVOKE" But i always keep getting this error:

b'{"error_code":"INVALID_PARAMETER_VALUE","message":"Permission type not defined"}'

The Databricks AI Chat Bot says this:

Does Anyone have an Idea? Or is this feature not available yet.

Thank you!

With regards

EminBoz

mathijs-fish · ‎12-12-2023

I have the same question. Does anyone has the answer?

SaugatMukherjee · ‎12-19-2023

I use Terraform to set sql warehouse permissions, but it should be the same. I use the rest api for other things.

So, basically for a warehouse id, you need to pass on the entire array of users who would have access.

So, if there were 3 users with permissions and you need to revoke access for one, the array object (access_control_list in the api definition), that needs to be passed will have access defined for 2 users. The one removed from the object (in the payload) would have their access removed.

If it is only one user, it should be possible to pass on an empty array . I am not in front of my computer now, otherwise a quick test using postman would confirm this.. Let me know if can test this otherwise I can give a working sample tomorrow.

SaugatMukherjee · ‎12-20-2023

Ok, so I have been able to test this.

Basically to remove permissions, you will have to use the "Set SQL Warehouse permissions" using "PUT" and provide it the full list of people, who should have access, leaving out those, who shouldn't, like I mentioned in my reply above.

The update API, does not support it.

So, basically you have to use this endpoint: https://docs.databricks.com/api/workspace/warehouses/setpermissions

and pass on the list of people (apart from the usual owner and admin group, because those would always be there)

who should have access.

Here are some screenshots:

Below are 3 permissions defined for the SQL warehouse , 2 of them being owner and admin, which is by default (assuming that you do not want to change the owner)

Now, I want to revoke permissions for the 3rd user (can use).

So, I do this, call the set permissions endpoint, with an empty array for accesslist (as the owner and admin are there by default and I do not want to change the owner)

Result- the permissions for the 3rd user removed:

In case you have permissions for user you want to keep, other than the owner and admin, provide them in the access_control_list array object, and only those would remain, removing others.

Hope this helps

Haris12 · ‎12-20-2023

Cuphead APK is your go-to destination for the latest versions of the beloved game, Cuphead, on Android. We provide a curated selection of up-to-date APK files, ensuring that you can enjoy the thrilling adventures of Cuphead on your Android device hassle-free. Dive into a world of challenging boss battles, stunning visuals, and nostalgic charm, all at your fingertips. Trust Cuphead APK to keep you at the forefront of gaming excitement, delivering the most recent updates straight to your device. Get ready to embark on a pixelated journey like no other, right from the convenience of your Android device with cuphead android apk 2023

Databricks Community

"Revoke" permissions for SQL-Warehouse with API

Connect with Databricks Users in Your Area

Introducing an exclusively Databricks-hosted Assistant

How to present and share your Notebook insights in AI/BI Dashboards

Meet the Databricks MVPs

Now Hiring: Databricks Community Technical Moderator

Insights from a global survey of 1,100 technologists and interviews with 28 CIOs