Databricks Certified Data Engineer - Associate

Explanation

Correct Answer: D. GRANT USAGE ON DATABASE customers TO team;

Why this is correct:

1. USAGE permission is required to see metadata about a database, including viewing what tables exist within it.
2. The syntax GRANT USAGE ON DATABASE <database_name> TO <group_name> is the proper Databricks Unity Catalog command for granting database-level access.
3. The team needs to "see what tables already exist" which requires USAGE permission on the database.

Why other options are incorrect:

• A. GRANT VIEW ON CATALOG customers TO team; - Incorrect because:

  • VIEW is not a valid privilege for catalog-level access
  • The requirement is for database access, not catalog access
  • The catalog name is likely not "customers" (customers is the database name)

• B. GRANT CREATE ON DATABASE customers TO team; - Incorrect because:

  • CREATE permission allows creating new tables, not viewing existing ones
  • The team only needs to see existing tables, not create new ones

• C. GRANT USAGE ON CATALOG team TO customers; - Incorrect because:

  • The syntax is reversed (granting to customers instead of team)
  • The catalog name is "team" which doesn't make sense
  • The team needs database access, not catalog access

Key Concepts:

• USAGE privilege: Allows users/groups to view metadata and list objects within a database
• Database-level permissions: In Unity Catalog, permissions are granted at different levels (catalog, database, table)
• Syntax: GRANT <privilege> ON <object_type> <object_name> TO <principal>

This permission allows the team to run commands like SHOW TABLES IN customers or browse the database in the Databricks UI to see existing tables.