SQL warehouse access control

With SQL warehouse access control, individual permissions determine a user’s abilities. This article describes the individual permissions and how to configure SQL warehouse access control.

SQL warehouse permissions

There are four permission levels for a SQL warehouse: No Permissions, Can Use, Is Owner, and Can Manage. The table lists the abilities for each permission.

Ability

No Permissions

Can Use

Is Owner

Can Manage

View all queries for the warehouse

x

x

View details for the warehouse

x

x

x

View warehouse monitoring tab

x

x

Start the warehouse

x

x

x

Stop the warehouse

x

x

Delete the warehouse

x

x

Edit the warehouse

x

x

Modify warehouse permissions

x

x

Manage SQL warehouse permissions using the UI

  1. Click Endpoints Icon SQL Warehouses in the sidebar.

  2. In a warehouse row, select Vertical Ellipsis > Permissions.

    The SQL warehouse permissions display. The warehouse creator and Databricks admins have Can Manage permission.

    Add permission
  3. Select a user or group and a permission.

  4. Click Add.

  5. Click Save.

Manage SQL warehouse permissions using the API

To manage SQL warehouse permissions using the API, invoke methods on the /2.0/permissions/sql/warehouses/<warehouse-id> REST warehouse. For example, to set Can Manage permission for the user user@example.com, run the command:

curl -u 'token:<token>' https://<databricks-instance>/api/2.0/permissions/sql/warehouses/<warehouse-id> -X PATCH -d '{ "access_control_list" : [ { "user_name": user@example.com", "permission_level": "CAN_MANAGE" } ] }'

where