Hi Praneeth, Thanks for sending this out. I looked at the PR and think the motivation and PR makes sense.
-Travis On Thu, Mar 5, 2026 at 11:20 AM vemula praneeth < [email protected]> wrote: > Hi dev, > > I've submitted PR #3927 (https://github.com/apache/polaris/pull/3927) > which adds a new catalog-level privilege CATALOG_READ_DATA (code 103). > > Motivation: > Currently, granting read-only access to a data analyst across an entire > catalog requires individually granting TABLE_READ_DATA on every table. > CATALOG_READ_DATA is a single catalog-level grant that subsumes: > - TABLE_READ_DATA, TABLE_LIST, TABLE_READ_PROPERTIES > - NAMESPACE_LIST, NAMESPACE_READ_PROPERTIES > - VIEW_LIST, VIEW_READ_PROPERTIES > > It fits naturally between CATALOG_MANAGE_METADATA (no data access) > and CATALOG_MANAGE_CONTENT (full access), filling a gap for read-only > analyst principals. > > Feedback welcome! > > Regards, > Praneeth >
