Alert access control
With alert access control, individual permissions determine a user’s abilities. This article describes the individual permissions and how to configure alert access control.
Alert permissions
There are three permission levels for a alert: No Permissions, Can Run, and Can Manage. The table lists the abilities for each permission.
Ability |
No Permissions |
Can Run |
Can Manage |
---|---|---|---|
See in alert list |
x |
x |
|
View alert and result |
x |
x |
|
Manually trigger alert run |
x |
x |
|
Edit alert |
x |
||
Modify permissions |
x |
||
Delete alert |
x |
||
Subscribe to notifications |
x |
x |
Manage alert permission with folders
You can manage alert permissions by adding alerts to folders. Alerts in a folder inherit all permissions settings of that folder. For example, a user that has Can Run permission on a folder has Can Run permission on the alerts in that folder. To learn about configuring permissions on folders, see Folder permissions.
To learn more about organizing alerts into folders, see Workspace browser.
Manage alert permissions using the UI
Click Alerts in the sidebar.
Click an alert.
Click the
button at the top right. The Manage Permissions dialog appears.
Select a user or group and a permission.
Click Add.
Dismiss the dialog.
Manage alert permissions using the API
To manage alert permissions using the API, invoke methods on the /2.0/permissions/sql/alert/<alert-id>
REST endpoint. For example, to set Can Manage permission for the user user@example.com
, run the command:
curl -u 'token:<personal-access-token>' https://<databricks-instance>/api/2.0/permissions/sql/alert/<alert-id> -X PATCH -d '{ "access_control_list" : [ { "user_name": user@example.com", "permission_level": "CAN_MANAGE" } ] }'
where
<databricks-instance>
is the workspace URL of your Databricks deployment.<personal-access-token>
is a personal access token.<alert-id>
is a alert ID.