Unity Catalog
is Databricks’ centralized governance layer for data and AI: a single place to manage access control, auditing, lineage, discovery, and object organization across workspaces.
Why it matters
Define once, secure everywhere: set policies once; apply them across all workspaces in a region.Centralized governance: ANSI-SQL grants, consistent RBAC, fine-grained controls.Data discovery: tags, docs, search; help people find trusted data.Three-level namespace: catalog.schema.table (and …volume, …function, …model) for clean isolation.System tables: query audit logs, usage, lineage for observability and compliance.Open & multimodal: govern Delta and external data (Parquet, images, JSON, etc. via volumes/external locations). With Delta Lake UniForm, Delta tables can be read by engines expecting Iceberg/Hive semantics.Delta Sharing: share live, governed data with external partners without copying.Object model (top → down)
Catalogs → top-level boundary (org units, environments).Schemas → group objects.Objects → tables (managed/external), views, volumes, functions, models.External access securables
Storage credentials, external locations, connections (to external systems).Use RBAC on these to control read/write from cloud storage and sources.Admin roles
Account admins (metastores, workspace links, users),Workspace admins (workspace objects; often delegated perms on the attached metastore),Metastore admins (optional; central data/storage governance across workspaces).Managed vs external
Managed tables/volumes: UC governs and manages storage (managed tables are always Delta).External tables/volumes: UC governs access from Databricks; storage lifecycle is managed outside. TL;DR: Unity Catalog unifies
