Insufficient permission error when querying views in dedicated access mode

Grant necessary privileges, use alternative compute resources, or use a newer Databricks Runtime.

Written by Gihyeon Lee

Last published at: March 8th, 2025

Problem

You are querying a view on a cluster running in dedicated (formerly single user) access mode when you get an insufficient permission error.

AnalysisException: [INSUFFICIENT_PERMISSIONS] Insufficient privileges:     '<catalog-name>.<schema-name>'.

 

Cause

When running Databricks Runtime 15.3 and below in dedicated access mode, any user who runs a query on a view must have the SELECT permission on the tables and views referenced by the view. Data filtering functionality that enables fine-grained access control is available in Databricks Runtime 15.4 and above.

 

Solution

You can resolve this issue in multiple ways.

  • Get the necessary privileges. Ask an admin to ensure you have:
    • The USE CATALOG privilege on the catalog.
    • The USE SCHEMA privilege on the schema.
    • The SELECT privilege on any referenced tables or views.
  • If you must use Databricks Runtime 15.3 or below, use an alternative compute resource. You can use an SQL warehouse or use compute running in standard (formerly shared) access mode.
  • Upgrade your Databricks Runtime version (on AWS and Azure). Databricks Runtime 15.4 or above allows the use of dedicated access mode along with data filtering. The user who queries the view does not need access to the referenced tables and views.
    • The workspace must have serverless compute enabled for jobs, notebooks, and Delta Live Tables.


For more information, review the Compute access mode limitations for Unity Catalog (AWSAzureGCP).