SHOW GRANTS
Applies to: 
Databricks SQL Databricks Runtime
Displays all privileges (inherited, denied, and granted) that affect the securable object.
To run this command you must be either:
- A workspace administrator or the owner of the object.
- The user specified in
principal.
Use SHOW GRANTS TO RECIPIENT to list which shares a recipient has access to.
Syntax
SHOW GRANTS [ principal ] ON securable_object
You can also use GRANT as an alternative for GRANTS.
Parameters
-
An optional user or group for which to show the privileges granted or denied. If not specified
SHOWwill return privileges for all principals who have privileges on the object. You must enclose users, service principals, and group names with special characters in backticks (` `). -
The object whose privileges to show.
Returns
A result set with the following columns:
principal STRING NOT NULL: The principal who has the permission.actionType STRING NOT NULL: Which action the principal has permission to perform.objectType STRING: The object which the permission is attached to.objectKey STRING: The identifier of the object.
Example
> SHOW GRANTS `alf@melmak.et` ON SCHEMA my_schema;
principal actionType objectType objectKey
------------- ---------- ---------- ---------
alf@melmak.et USE DATABASE my_schema
> SHOW GRANTS ON SHARE some_share;
recipient actionType objectType objectKey
--------- ---------- ---------- ---------
A_Corp SELECT
B.com SELECT
> SHOW GRANTS ON CONNECTION mysql_connection;
principal actionType objectType objectKey
------------- ---------------------- ---------- ------------------------------------
alf@melmak.et CREATE FOREIGN CATALOG CONNECTION mysql_connection
alf@melmak.et USE CONNECTION CONNECTION mysql_connection