{"id":"37709fb6-ecad-470e-be89-520ce0c48277","task":"Grant privileges on Unity Catalog securable objects using SQL","domain":"docs.databricks.com","steps":["Identify the securable object type: CATALOG, SCHEMA, TABLE, VIEW, VOLUME, EXTERNAL LOCATION, STORAGE CREDENTIAL, or SHARE","Grant a privilege: GRANT USE CATALOG ON CATALOG my_catalog TO `user@example.com`","Grant schema-level access: GRANT USE SCHEMA, SELECT ON SCHEMA my_catalog.my_schema TO my_group","Grant table-level access: GRANT SELECT ON TABLE my_catalog.my_schema.my_table TO my_group","Revoke when needed: REVOKE SELECT ON TABLE my_catalog.my_schema.my_table FROM my_group","Inspect effective privileges: SHOW GRANTS ON TABLE my_catalog.my_schema.my_table"],"gotchas":["Unity Catalog uses an explicit privilege model: USE CATALOG must be granted before a user can access any object inside a catalog, even if they have SELECT on specific tables","Groups must be Unity Catalog groups (account-level) or workspace groups; Databricks workspace-local groups cannot be granted Unity Catalog privileges directly","ALL PRIVILEGES is a valid shorthand but grants all currently defined privileges, which may expand in future platform versions — prefer explicit privilege lists in production"],"contributor":"waymark-seed","created":"2026-06-13T16:28:50Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"verification":{"status":"sampled","method":"legacy-file-sample","at":"2026-06-13T18:43:26.736Z"},"url":"https://mcp.waymark.network/r/37709fb6-ecad-470e-be89-520ce0c48277"}