Table: databricks_iam_current_user - Query Databricks IAM Users using SQL
Databricks Identity and Access Management (IAM) is a web service that helps you securely control access to Databricks resources. It provides authentication, authorization, and audit for your Databricks environment. IAM ensures that only authenticated and authorized users are able to access your Databricks resources.
Table Usage Guide
The databricks_iam_current_user
table provides insights into the current user within Databricks IAM. As a security analyst, explore user-specific details through this table, including user roles, permissions, and associated metadata. Utilize it to uncover information about the current user, such as their roles and permissions, to verify security configurations and ensure adherence to best practices.
Examples
Basic info
Explore the current user's basic information in Databricks to gain insights into their activity status and associated account. This can be useful for monitoring user activity and managing user-related issues.
select id, user_name, display_name, active, account_idfrom databricks_iam_current_user;
select id, user_name, display_name, active, account_idfrom databricks_iam_current_user;
List assigned roles for the user
Explore which roles are currently assigned to a user on Databricks. This is useful for auditing user permissions and ensuring appropriate access levels are maintained.
select u.id, u.user_name, u.display_name, r ->> 'value' as role, r ->> 'type' as type, u.account_idfrom databricks_iam_current_user u, jsonb_array_elements(roles) as r;
select u.id, u.user_name, u.display_name, json_extract(r.value, '$.value') as role, json_extract(r.value, '$.type') as type, u.account_idfrom databricks_iam_current_user u, json_each(roles) as r;
List groups the user belongs to
Explore which groups a particular user is associated with, to understand their permissions and roles within an organization. This is useful for auditing user access and ensuring appropriate security measures are in place.
select u.id, u.user_name, u.display_name, g.id as group_id, g.display_name as group_name, u.account_idfrom databricks_iam_current_user u, databricks_iam_account_group g, jsonb_array_elements(g.members) mwhere m ->> 'value' = u.id and g.account_id = u.account_id;
select u.id, u.user_name, u.display_name, g.id as group_id, g.display_name as group_name, u.account_idfrom databricks_iam_current_user u, databricks_iam_account_group g, json_each(g.members) as mwhere json_extract(m.value, '$.value') = u.id and g.account_id = u.account_id;
List user's entitlements
Explore which entitlements are associated with each user in your Databricks environment. This can be beneficial to understand user permissions and roles for better access management.
select u.id, u.user_name, u.display_name, r ->> 'value' as entitlement, u.account_idfrom databricks_iam_current_user u, jsonb_array_elements(entitlements) as r;
select u.id, u.user_name, u.display_name, json_extract(r.value, '$.value') as entitlement, u.account_idfrom databricks_iam_current_user u, json_each(u.entitlements) as r;
Find the account with the most users
Pinpoint the specific account that has the highest number of users. This can be useful in identifying the most active account and understanding user distribution across accounts.
select account_id, count(*) as user_countfrom databricks_iam_current_usergroup by account_idorder by user_count desclimit 1;
select account_id, count(*) as user_countfrom databricks_iam_current_usergroup by account_idorder by user_count desclimit 1;
List users with multiple email IDs
Explore which users have registered multiple email IDs to their accounts. This can help in identifying instances where a single user might be using multiple accounts, which could be a sign of potential misuse or a security concern.
select id, user_name, display_name, active, account_id, jsonb_pretty(emails) as email_idsfrom databricks_iam_current_userwhere jsonb_array_length(emails) > 1;
select id, user_name, display_name, active, account_id, emails as email_idsfrom databricks_iam_current_userwhere json_array_length(emails) > 1;
Schema for databricks_iam_current_user
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Databricks Account ID in which the resource is located. |
active | boolean | Whether the user is active. | |
display_name | text | String that represents a concatenation of given and family names. | |
emails | jsonb | All the emails associated with the Databricks user. | |
entitlements | jsonb | All the entitlements associated with the Databricks user. | |
external_id | text | External ID of the user. | |
groups | jsonb | All the groups the user belongs to. | |
id | text | Databricks user ID. | |
name | jsonb | Name of the user. | |
roles | jsonb | All the roles associated with the Databricks user. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | The title of the resource. | |
user_name | text | Email address of the Databricks user. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- databricks
You can pass the configuration to the command with the --config
argument:
steampipe_export_databricks --config '<your_config>' databricks_iam_current_user