Skip to content

Fix doc to remove privileges may take up to one hour to take effect and add Policy to securable object #2009

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 25, 2025
Merged

Fix doc to remove privileges may take up to one hour to take effect and add Policy to securable object #2009

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1896ac3
Fix doc to remove privileges may take up to one hour to take effect a…
cgpoh Jul 8, 2025
a43de80
Merge branch 'main' into update-doc
cgpoh Jul 13, 2025
35c1cce
Merge branch 'main' into update-doc
cgpoh Jul 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 1 addition & 5 deletions site/content/in-dev/unreleased/access-control.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ has the following securable objects:
- Namespace
- Iceberg table
- View
- Policy
Comment on lines 43 to +46
Copy link
Preview

Copilot AI Jul 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] Consider sorting the list of securable objects alphabetically to maintain consistency (e.g., Iceberg table, Namespace, Policy, View).

Suggested change
- Namespace
- Iceberg table
- View
- Policy
- Iceberg table
- Namespace
- Policy
- View

Copilot uses AI. Check for mistakes.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

¯\(ツ)


## Principal role

Expand Down Expand Up @@ -72,11 +73,6 @@ in the catalog, such as catalog namespaces or tables. You can create one or more
You grant privileges to a catalog role and then grant the catalog role to a principal role to bestow the privileges to one or more service
principals.

> [!NOTE]
> If you update the privileges bestowed to a service principal, the updates won't take effect for up to one hour. This means that if you
> revoke or grant some privileges for a catalog, the updated privileges won't take effect on any service principal with access to that catalog
> for up to one hour.

Polaris also supports a many-to-many relationship between catalog roles and principal roles. You can grant the same catalog role to one or more
principal roles. Likewise, a principal role can be granted to one or more catalog roles.

Expand Down
Loading