Study Databricks DA-ASSOC Unity Catalog Sharing: key concepts, common traps, and exam decision cues.
Many security questions become easy once you restate the Unity Catalog path clearly. If you cannot distinguish catalog, schema, and object scope, you will often pick an answer that sounds secure but misses the actual control boundary.
| Layer | What it answers |
|---|---|
| catalog | top governance boundary |
| schema | grouping layer inside a catalog |
| table or volume | concrete governed object |
| Need | Best first instinct |
|---|---|
| decide who can access an object | roles and permissions in Unity Catalog |
| share results beyond one analyst | sharing boundary and permission path |
| explain where the control applies | restate catalog -> schema -> object |
| Trap | Better rule |
|---|---|
| answering a namespace question with warehouse detail | namespace is about governed object scope |
| treating all sharing as identical | workspace access, external sharing, and dashboard distribution are related but different |
| skipping the object path | secure answers often depend on the exact layer being controlled |
Security questions in this lesson usually begin with namespace and boundary. If the question asks who should access a governed data object, start with Unity Catalog roles and permissions at the correct layer. Keep the namespace order clear: catalog, schema, then table or volume. DA-ASSOC often rewards choosing the right governance boundary before talking about any analysis feature.