Introduction
When members of the group or the service principal try to perform a given action, they receive an INSUFFICIENT_PERMISSIONS
error.
You navigate to the group and service principal entitlement settings in your workspace and notice there is no longer a checkbox option to give workspace admin permission directly.
It is still possible to grant the permissions, separately for tracking purposes if needed. Follow the instructions below for service principals and then groups.
Instructions
For service principals
You need to be at least a workspace admin to complete these steps.
- Create a service principal (SP) in the workspace (any workspace).
- Once you have your existing or newly created SP assigned to your workspace, navigate to Settings > Identity and Access > Groups.
- Search for a group called admins and add your SP as a member of this group.
- This automatically allows the SP to inherit permissions.
For groups
You need to be an account console admin to complete these steps and your workspace needs to be Unity Catalog-enabled.
- Go to your respective account console URL and log in.
- Click User Management in the sidebar.
- Click the Groups tab.
- If you need to create a new group, click Add group and create the new group.
- If you need to update an existing group, click the group name and click Add members to add new members to the group.
- Click Workspaces in the sidebar.
- Click the workspace name that you want to update.
- Click the Permissions tab.
- Click Add permissions.
- Search for the group and select Admin in the Permission drop down.
- Click Save.
- This adds your group on the admins group on your workspace. The group inherits the workspace admin permissions.