When you configure a data access control policy to grant data access permissions to a user in a cloud data platform, bear in mind that different platforms apply the policy permissions in different ways.
The following table lists the permissions that you can configure in a data access control policy and the corresponding permissions that the policy enables in cloud data platforms:
Policy Permission in Data Access Management
Databricks Permission
Microsoft Power BI Permission
Snowflake Permission
read
select
read
select
write
modify
For Power BI workspaces: ReadWriteExplore
For Power BI datasets: (not applicable)
insert
update
delete
(not applicable)
(not applicable)
delete
Note the following guidelines when you configure data access control policy permissions:
•Because views are read-only objects, a source system ignores permissions other than read when a policy applies to a view.
•The delete permission doesn't apply to Databricks or Microsoft Power BI. If you select the delete permission, you don't grant any permission.
•The Databricks modify permission grants write and delete access. If you grant write permission to a Databricks object, you also implicitly grant delete permission.
•The Microsoft Power BI ReadWriteExplore permission grants write and delete access to workspace objects. If you grant write permission to a Microsoft Power BI workspace object, you also implicitly grant delete permission.
•For the Databricks Unity and Hive catalog types, Data Access Management grants user permissions to catalogs and schemas.
•For Snowflake catalogs, Data Access Management grants user permissions to databases and schemas.