資料存取控制Data access control

重要

這項功能處於公開預覽狀態This feature is in Public Preview. 請連絡 Azure Databricks 代表以要求存取權。Contact your Azure Databricks representative to request access.

本文說明資料物件擁有者可以使用 Azure Databricks 資料存取控制 SQL 語句來管理的許可權。This article describes the privileges data object owners can manage using Azure Databricks data access control SQL statements.

資料物件擁有者會套用 SQL GRANTDENYREVOKESHOW GRANT 命令,以管理 使用者和群組中資料物件的存取權。Data object owners apply the SQL GRANT, DENY, REVOKE, and SHOW GRANT commands to manage access to data objects from users and groups.

如需使用這些命令的詳細資訊,請參閱 資料物件使用權限For details on using these commands, see Data object privileges.

如需命令參考,請參閱 安全性語句For a command reference, see Security statements.

範例Example

若要讓使用者完成 快速入門:執行查詢並將其視覺化,請指定下列許可權:To enable a user to complete the Quickstart: Run and visualize a query, specify the following privileges:

REVOKE ALL PRIVILEGES ON DATABASE default FROM `user@example.com`;

GRANT USAGE ON DATABASE default TO `user@example.com`;

GRANT SELECT ON DATABASE default TO `user@example.com`;

GRANT READ_METADATA on DATABASE default TO `user@example.com`;

SHOW GRANT `user@example.com` ON DATABASE default;

+------------------+---------------+------------+-----------+
| principal        | ActionType    | ObjectType | ObjectKey |
+------------------+---------------+------------+-----------+
| user@example.com | READ_METADATA | DATABASE   | default   |
+------------------+---------------+------------+-----------+
| user@example.com | SELECT        | DATABASE   | default   |
+------------------+---------------+------------+-----------+
| user@example.com | USAGE         | DATABASE   | default   |
+------------------+---------------+------------+-----------+

當您在 Azure Databricks SQL 分析查詢編輯器中執行這些命令時,您應該會看到:When you run these commands in the Azure Databricks SQL Analytics query editor, you should see:

顯示授與Show grant