Transfer ownership of Databricks SQL objects

This article shows how to transfer ownership of a SQL warehouse, query, dashboard, or alert using the UI or Permissions REST API.

Important

When an admin transfers ownership of a SQL warehouse to a new user, the new user must have the Allow cluster creation entitlement. If an admin attempts to make a user the warehouse owner and that user lacks that permission, the operation fails. See Configure cluster creation entitlement.

Transfer ownership using the UI

  1. Login to your Databricks SQL workspace as an Administrator.

  2. Select the asset you wish to transfer ownership of.

  3. Click on the “Share” button in the top right corner.

  4. In the share modal, click on the gear icon and click “Assign new owner”.

    Assign new owner

  5. In the next modal, select the user you wish to assign ownership to and click “Confirm”.

  6. The asset has now been assigned to a new owner.

Transfer ownership using Permissions Rest API

Requirements

Important

To access Databricks REST APIs, you must authenticate.

  • The following examples authenticate by passing the personal access token in the HTTP header. To avoid leaking the personal access token in your shell’s command history, you can store the personal access token in a .netrc file. See the Token management API.

  • Only an administrator can transfer ownership of a SQL warehouse, query, dashboard, or alert.

Transfer ownership of a SQL warehouse 

curl --request PUT \
  --url https://<base-url>/api/2.0/preview/permissions/sql/warehouses/<warehouse-uuid> \
  --header 'Authorization: Bearer <api-key>' \
  --data '{"access_control_list": [{"user_name": "<new-owner-email>", "permission_level": "IS_OWNER"}]}'

Replace the placeholders as follows:

  • <base-url>: the URL of your workspace

  • <warehouse-uuid>: the unique ID of the warehouse. To find the warehouse’s ID, open warehouse details page and copy the ID from the “Name” field.

  • <new-owner-email>: the email address of the new owner

  • <api-key>: your personal access token

Note: This API uses a PUT method, which replaces all the existing permissions of the warehouse with the supplied permissions. Because of this, requests should additionally provide the full list of existing permissions with the data argument if they only want to append the IS_OWNER permission.

There are 2 important caveats for using this API:

  • PUT requests without a warehouse owner will NOT overwrite, but keep the existing owner of the warehouse. If a new owner is provided in the request, the old owner permissions will be overwritten. This is to ensure there is always one owner present so cluster startup/stop continues to work.

  • PATCH requests containing a warehouse owner will be rejected with a NOT_IMPLEMENTED error. Updating the warehouse owner MUST only be done using PUT calls. PATCH semantics of updating existing permissions cannot properly guarantee the constraint of having only one owner, which is currently required for all warehouses.

Transfer ownership of a query 

curl --request POST \
  --url https://<base-url>/api/2.0/preview/sql/permissions/query/<query-uuid>/transfer \
  --header 'Authorization: Bearer <api-key>' \
  --data '{"new_owner": "<new-owner-email>"}'

Replace the placeholders as follows:

  • <base-url>: the URL of your workspace

  • <query-uuid>: the unique ID of the query. To find the query’s ID, open the query in the SQL editor and copy the value after /queries/ and before o=.

  • <new-owner-email>: the email address of the new owner

  • <api-key>: your personal access token

Transfer ownership of a dashboard 

curl --request POST \
  --url https://<base-url>/api/2.0/preview/sql/permissions/dashboard/<dashboard-uuid>/transfer \
  --header 'Authorization: Bearer <api-key>' \
  --data '{"new_owner": "<new-owner-email>"}'

Replace the placeholders as follows:

  • <base-url>: the URL of your workspace

  • <dashboard-uuid>: the unique ID of the dashboard. To find the dashboard’s ID, open the dashboard and copy the value after /dashboards/ and before o=.

  • <new-owner-email>: the email address of the new owner

  • <api-key>: your personal access token

Transfer ownership of an alert 

curl --request POST \
  --url https://<base-url>/api/2.0/preview/sql/permissions/alert/<alert-uuid>/transfer \
  --header 'Authorization: Bearer <api-key>' \
  --data '{"new_owner": "<new-owner-email>"}'

Replace the placeholders as follows:

  • <base-url>: the URL of your workspace

  • <alert-uuid>: the unique ID of the alert. To find the alert’s ID, open the alert and copy the value after /alerts/ and before o=.

  • <new-owner-email>: the email address of the new owner. The new owner must be an administrator.

  • <api-key>: your personal access token