* Token — Manage which users can create or use tokens. * Password — Manage which users can use password login when SSO is enabled. * Cluster — Manage which users can manage, restart, or attach to clusters. * Pool — Manage which users can manage or attach to pools. Some APIs and documentation refer to pools as instance pools. * Job — Manage which users can view, manage, trigger, cancel, or own a job. * DLT_Pipeline — Manage which users can view, manage, run, cancel, or own a Delta Live Tables pipeline. * Notebook — Manage which users can read, run, edit or manage a notebook. * Directory — Manage which users can read, run, edit, or manage all notebooks in a directory. * MLflow_Experiment — Manage which users can read, edit, or manage MLflow experiments. * MLflow_Registered_Model — Manage which users can read, edit, or manage MLflow registered models. * SQL_Endpoint — Manage which users can use or manage SQL endpoints. * Repo — Manage which users can read, run, edit, or manage a repo.
Data Permissions
- Unity Catalog data permissions (privileges)
- USE_CATALOG: does not give any abilities, but is an additional requirement to perform any action on a catalog object. - USE_SCHEMA: does not give any abilities, but is an additional requirement to perform any action on a schema object. - SELECT: gives read access to table or all tables in object - CREATE_SCHEMA: gives ability to create table in object - CREATE_TABLE: gives ability to create table in object - Hive Metastore data permission https://docs.databricks.com/security/access-control/table- acls/object-privileges.html#privileges - SELECT: gives read access to an object. - CREATE: gives ability to create an object (for example, a table in a schema). - MODIFY: gives ability to add, delete, and modify data to or from an object. - USAGE: does not give any abilities, but is an additional requirement to perform any action on a schema object. - READ_METADATA: gives ability to view an object and its metadata. - CREATE_NAMED_FUNCTION: gives ability to create a named UDF in an existing catalog or schema. - MODIFY_CLASSPATH: gives ability to add files to the Spark class path. - ALL PRIVILEGES: gives all privileges (is translated into all the above privileges)." Hive metastore privileges and securable objects (legacy) Learn how to set privileges on tables, schemas, views, functions, and subsets of these in Databricks.
THE STEP BY STEP GUIDE FOR SUCCESSFUL IMPLEMENTATION OF DATA LAKE-LAKEHOUSE-DATA WAREHOUSE: "THE STEP BY STEP GUIDE FOR SUCCESSFUL IMPLEMENTATION OF DATA LAKE-LAKEHOUSE-DATA WAREHOUSE"