pulumi-databricks 1.74.0a1753335781__py3-none-any.whl → 1.77.0__py3-none-any.whl

pulumi_databricks/grants.py

@@ -2,8 +2,7 @@
 # *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
-import builtins
-import copy
+import builtins as _builtins
 import warnings
 import sys
 import pulumi
@@ -23,20 +22,20 @@ __all__ = ['GrantsArgs', 'Grants']
 class GrantsArgs:
     def __init__(__self__, *,
                  grants: pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]],
-                 catalog: Optional[pulumi.Input[builtins.str]] = None,
-                 credential: Optional[pulumi.Input[builtins.str]] = None,
-                 external_location: Optional[pulumi.Input[builtins.str]] = None,
-                 foreign_connection: Optional[pulumi.Input[builtins.str]] = None,
-                 function: Optional[pulumi.Input[builtins.str]] = None,
-                 metastore: Optional[pulumi.Input[builtins.str]] = None,
-                 model: Optional[pulumi.Input[builtins.str]] = None,
-                 pipeline: Optional[pulumi.Input[builtins.str]] = None,
-                 recipient: Optional[pulumi.Input[builtins.str]] = None,
-                 schema: Optional[pulumi.Input[builtins.str]] = None,
-                 share: Optional[pulumi.Input[builtins.str]] = None,
-                 storage_credential: Optional[pulumi.Input[builtins.str]] = None,
-                 table: Optional[pulumi.Input[builtins.str]] = None,
-                 volume: Optional[pulumi.Input[builtins.str]] = None):
+                 catalog: Optional[pulumi.Input[_builtins.str]] = None,
+                 credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_location: Optional[pulumi.Input[_builtins.str]] = None,
+                 foreign_connection: Optional[pulumi.Input[_builtins.str]] = None,
+                 function: Optional[pulumi.Input[_builtins.str]] = None,
+                 metastore: Optional[pulumi.Input[_builtins.str]] = None,
+                 model: Optional[pulumi.Input[_builtins.str]] = None,
+                 pipeline: Optional[pulumi.Input[_builtins.str]] = None,
+                 recipient: Optional[pulumi.Input[_builtins.str]] = None,
+                 schema: Optional[pulumi.Input[_builtins.str]] = None,
+                 share: Optional[pulumi.Input[_builtins.str]] = None,
+                 storage_credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 table: Optional[pulumi.Input[_builtins.str]] = None,
+                 volume: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a Grants resource.
         """
@@ -70,7 +69,7 @@ class GrantsArgs:
         if volume is not None:
             pulumi.set(__self__, "volume", volume)
 
-    @property
+    @_builtins.property
     @pulumi.getter
     def grants(self) -> pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]]:
         return pulumi.get(self, "grants")
@@ -79,151 +78,151 @@ class GrantsArgs:
     def grants(self, value: pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]]):
         pulumi.set(self, "grants", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def catalog(self) -> Optional[pulumi.Input[builtins.str]]:
+    def catalog(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "catalog")
 
     @catalog.setter
-    def catalog(self, value: Optional[pulumi.Input[builtins.str]]):
+    def catalog(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "catalog", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def credential(self) -> Optional[pulumi.Input[builtins.str]]:
+    def credential(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "credential")
 
     @credential.setter
-    def credential(self, value: Optional[pulumi.Input[builtins.str]]):
+    def credential(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "credential", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalLocation")
-    def external_location(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_location(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "external_location")
 
     @external_location.setter
-    def external_location(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_location(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_location", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="foreignConnection")
-    def foreign_connection(self) -> Optional[pulumi.Input[builtins.str]]:
+    def foreign_connection(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "foreign_connection")
 
     @foreign_connection.setter
-    def foreign_connection(self, value: Optional[pulumi.Input[builtins.str]]):
+    def foreign_connection(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "foreign_connection", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def function(self) -> Optional[pulumi.Input[builtins.str]]:
+    def function(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "function")
 
     @function.setter
-    def function(self, value: Optional[pulumi.Input[builtins.str]]):
+    def function(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "function", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def metastore(self) -> Optional[pulumi.Input[builtins.str]]:
+    def metastore(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "metastore")
 
     @metastore.setter
-    def metastore(self, value: Optional[pulumi.Input[builtins.str]]):
+    def metastore(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "metastore", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def model(self) -> Optional[pulumi.Input[builtins.str]]:
+    def model(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "model")
 
     @model.setter
-    def model(self, value: Optional[pulumi.Input[builtins.str]]):
+    def model(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "model", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def pipeline(self) -> Optional[pulumi.Input[builtins.str]]:
+    def pipeline(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "pipeline")
 
     @pipeline.setter
-    def pipeline(self, value: Optional[pulumi.Input[builtins.str]]):
+    def pipeline(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "pipeline", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def recipient(self) -> Optional[pulumi.Input[builtins.str]]:
+    def recipient(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "recipient")
 
     @recipient.setter
-    def recipient(self, value: Optional[pulumi.Input[builtins.str]]):
+    def recipient(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "recipient", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def schema(self) -> Optional[pulumi.Input[builtins.str]]:
+    def schema(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "schema")
 
     @schema.setter
-    def schema(self, value: Optional[pulumi.Input[builtins.str]]):
+    def schema(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "schema", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def share(self) -> Optional[pulumi.Input[builtins.str]]:
+    def share(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "share")
 
     @share.setter
-    def share(self, value: Optional[pulumi.Input[builtins.str]]):
+    def share(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "share", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="storageCredential")
-    def storage_credential(self) -> Optional[pulumi.Input[builtins.str]]:
+    def storage_credential(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "storage_credential")
 
     @storage_credential.setter
-    def storage_credential(self, value: Optional[pulumi.Input[builtins.str]]):
+    def storage_credential(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "storage_credential", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def table(self) -> Optional[pulumi.Input[builtins.str]]:
+    def table(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "table")
 
     @table.setter
-    def table(self, value: Optional[pulumi.Input[builtins.str]]):
+    def table(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "table", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def volume(self) -> Optional[pulumi.Input[builtins.str]]:
+    def volume(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "volume")
 
     @volume.setter
-    def volume(self, value: Optional[pulumi.Input[builtins.str]]):
+    def volume(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "volume", value)
 
 
 @pulumi.input_type
 class _GrantsState:
     def __init__(__self__, *,
-                 catalog: Optional[pulumi.Input[builtins.str]] = None,
-                 credential: Optional[pulumi.Input[builtins.str]] = None,
-                 external_location: Optional[pulumi.Input[builtins.str]] = None,
-                 foreign_connection: Optional[pulumi.Input[builtins.str]] = None,
-                 function: Optional[pulumi.Input[builtins.str]] = None,
+                 catalog: Optional[pulumi.Input[_builtins.str]] = None,
+                 credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_location: Optional[pulumi.Input[_builtins.str]] = None,
+                 foreign_connection: Optional[pulumi.Input[_builtins.str]] = None,
+                 function: Optional[pulumi.Input[_builtins.str]] = None,
                  grants: Optional[pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]]] = None,
-                 metastore: Optional[pulumi.Input[builtins.str]] = None,
-                 model: Optional[pulumi.Input[builtins.str]] = None,
-                 pipeline: Optional[pulumi.Input[builtins.str]] = None,
-                 recipient: Optional[pulumi.Input[builtins.str]] = None,
-                 schema: Optional[pulumi.Input[builtins.str]] = None,
-                 share: Optional[pulumi.Input[builtins.str]] = None,
-                 storage_credential: Optional[pulumi.Input[builtins.str]] = None,
-                 table: Optional[pulumi.Input[builtins.str]] = None,
-                 volume: Optional[pulumi.Input[builtins.str]] = None):
+                 metastore: Optional[pulumi.Input[_builtins.str]] = None,
+                 model: Optional[pulumi.Input[_builtins.str]] = None,
+                 pipeline: Optional[pulumi.Input[_builtins.str]] = None,
+                 recipient: Optional[pulumi.Input[_builtins.str]] = None,
+                 schema: Optional[pulumi.Input[_builtins.str]] = None,
+                 share: Optional[pulumi.Input[_builtins.str]] = None,
+                 storage_credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 table: Optional[pulumi.Input[_builtins.str]] = None,
+                 volume: Optional[pulumi.Input[_builtins.str]] = None):
         """
         Input properties used for looking up and filtering Grants resources.
         """
@@ -258,52 +257,52 @@ class _GrantsState:
         if volume is not None:
             pulumi.set(__self__, "volume", volume)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def catalog(self) -> Optional[pulumi.Input[builtins.str]]:
+    def catalog(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "catalog")
 
     @catalog.setter
-    def catalog(self, value: Optional[pulumi.Input[builtins.str]]):
+    def catalog(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "catalog", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def credential(self) -> Optional[pulumi.Input[builtins.str]]:
+    def credential(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "credential")
 
     @credential.setter
-    def credential(self, value: Optional[pulumi.Input[builtins.str]]):
+    def credential(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "credential", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalLocation")
-    def external_location(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_location(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "external_location")
 
     @external_location.setter
-    def external_location(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_location(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_location", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="foreignConnection")
-    def foreign_connection(self) -> Optional[pulumi.Input[builtins.str]]:
+    def foreign_connection(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "foreign_connection")
 
     @foreign_connection.setter
-    def foreign_connection(self, value: Optional[pulumi.Input[builtins.str]]):
+    def foreign_connection(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "foreign_connection", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def function(self) -> Optional[pulumi.Input[builtins.str]]:
+    def function(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "function")
 
     @function.setter
-    def function(self, value: Optional[pulumi.Input[builtins.str]]):
+    def function(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "function", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
     def grants(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]]]:
         return pulumi.get(self, "grants")
@@ -312,85 +311,85 @@ class _GrantsState:
     def grants(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['GrantsGrantArgs']]]]):
         pulumi.set(self, "grants", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def metastore(self) -> Optional[pulumi.Input[builtins.str]]:
+    def metastore(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "metastore")
 
     @metastore.setter
-    def metastore(self, value: Optional[pulumi.Input[builtins.str]]):
+    def metastore(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "metastore", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def model(self) -> Optional[pulumi.Input[builtins.str]]:
+    def model(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "model")
 
     @model.setter
-    def model(self, value: Optional[pulumi.Input[builtins.str]]):
+    def model(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "model", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def pipeline(self) -> Optional[pulumi.Input[builtins.str]]:
+    def pipeline(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "pipeline")
 
     @pipeline.setter
-    def pipeline(self, value: Optional[pulumi.Input[builtins.str]]):
+    def pipeline(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "pipeline", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def recipient(self) -> Optional[pulumi.Input[builtins.str]]:
+    def recipient(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "recipient")
 
     @recipient.setter
-    def recipient(self, value: Optional[pulumi.Input[builtins.str]]):
+    def recipient(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "recipient", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def schema(self) -> Optional[pulumi.Input[builtins.str]]:
+    def schema(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "schema")
 
     @schema.setter
-    def schema(self, value: Optional[pulumi.Input[builtins.str]]):
+    def schema(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "schema", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def share(self) -> Optional[pulumi.Input[builtins.str]]:
+    def share(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "share")
 
     @share.setter
-    def share(self, value: Optional[pulumi.Input[builtins.str]]):
+    def share(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "share", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="storageCredential")
-    def storage_credential(self) -> Optional[pulumi.Input[builtins.str]]:
+    def storage_credential(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "storage_credential")
 
     @storage_credential.setter
-    def storage_credential(self, value: Optional[pulumi.Input[builtins.str]]):
+    def storage_credential(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "storage_credential", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def table(self) -> Optional[pulumi.Input[builtins.str]]:
+    def table(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "table")
 
     @table.setter
-    def table(self, value: Optional[pulumi.Input[builtins.str]]):
+    def table(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "table", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def volume(self) -> Optional[pulumi.Input[builtins.str]]:
+    def volume(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "volume")
 
     @volume.setter
-    def volume(self, value: Optional[pulumi.Input[builtins.str]]):
+    def volume(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "volume", value)
 
 
@@ -400,31 +399,28 @@ class Grants(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 catalog: Optional[pulumi.Input[builtins.str]] = None,
-                 credential: Optional[pulumi.Input[builtins.str]] = None,
-                 external_location: Optional[pulumi.Input[builtins.str]] = None,
-                 foreign_connection: Optional[pulumi.Input[builtins.str]] = None,
-                 function: Optional[pulumi.Input[builtins.str]] = None,
+                 catalog: Optional[pulumi.Input[_builtins.str]] = None,
+                 credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_location: Optional[pulumi.Input[_builtins.str]] = None,
+                 foreign_connection: Optional[pulumi.Input[_builtins.str]] = None,
+                 function: Optional[pulumi.Input[_builtins.str]] = None,
                  grants: Optional[pulumi.Input[Sequence[pulumi.Input[Union['GrantsGrantArgs', 'GrantsGrantArgsDict']]]]] = None,
-                 metastore: Optional[pulumi.Input[builtins.str]] = None,
-                 model: Optional[pulumi.Input[builtins.str]] = None,
-                 pipeline: Optional[pulumi.Input[builtins.str]] = None,
-                 recipient: Optional[pulumi.Input[builtins.str]] = None,
-                 schema: Optional[pulumi.Input[builtins.str]] = None,
-                 share: Optional[pulumi.Input[builtins.str]] = None,
-                 storage_credential: Optional[pulumi.Input[builtins.str]] = None,
-                 table: Optional[pulumi.Input[builtins.str]] = None,
-                 volume: Optional[pulumi.Input[builtins.str]] = None,
+                 metastore: Optional[pulumi.Input[_builtins.str]] = None,
+                 model: Optional[pulumi.Input[_builtins.str]] = None,
+                 pipeline: Optional[pulumi.Input[_builtins.str]] = None,
+                 recipient: Optional[pulumi.Input[_builtins.str]] = None,
+                 schema: Optional[pulumi.Input[_builtins.str]] = None,
+                 share: Optional[pulumi.Input[_builtins.str]] = None,
+                 storage_credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 table: Optional[pulumi.Input[_builtins.str]] = None,
+                 volume: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
         > This article refers to the privileges and inheritance model in Privilege Model version 1.0. If you created your metastore during the public preview (before August 25, 2022), you can upgrade to Privilege Model version 1.0 following [Upgrade to privilege inheritance](https://docs.databricks.com/data-governance/unity-catalog/hive-metastore.html)
 
         > Most of Unity Catalog APIs are only accessible via **workspace-level APIs**. This design may change in the future. Account-level principal grants can be assigned with any valid workspace as the Unity Catalog is decoupled from specific workspaces. More information in [the official documentation](https://docs.databricks.com/data-governance/unity-catalog/index.html).
 
-        Two different resources help you manage your Unity Catalog grants for a securable. Each of these resources serves a different use case:
-
-        - databricks_grants: Authoritative. Sets the grants of a securable and *replaces* any existing grants defined inside or outside of Pulumi.
-        - databricks_grant: Authoritative for a given principal. Updates the grants of a securable to a single principal. Other principals within the grants for the securables are preserved.
+        > This resource is _authoritative_ for grants on securables. Configuring this resource for a securable will **OVERWRITE** any existing grants and changes made outside of Pulumi will be reset. Use Grant for more granular grant management.
 
         In Unity Catalog all users initially have no access to data. Only Metastore Admins can create objects and can grant/revoke access on individual objects to users and groups. Every securable object in Unity Catalog has an owner. The owner can be any account-level user or group, called principals in general. The principal that creates an object becomes its owner. Owners receive `ALL_PRIVILEGES` on the securable object (e.g., `SELECT` and `MODIFY` on a table), as well as the permission to grant privileges to other principals.
 
@@ -437,8 +433,6 @@ class Grants(pulumi.CustomResource):
 
         For the latest list of privilege types that apply to each securable object in Unity Catalog, please refer to the [official documentation](https://docs.databricks.com/en/data-governance/unity-catalog/manage-privileges/privileges.html#privilege-types-by-securable-object-in-unity-catalog)
 
-        Pulumi will handle any configuration drift on every `pulumi up` run, even when grants are changed outside of Pulumi state.
-
         When applying grants using an identity with [`MANAGE` permission](https://docs.databricks.com/aws/en/data-governance/unity-catalog/manage-privileges/ownership#ownership-versus-the-manage-privilege), their `MANAGE` permission must also be defined, otherwise Pulumi will remove their permissions, leading to errors.
 
         Unlike the [SQL specification](https://docs.databricks.com/sql/language-manual/sql-ref-privileges.html#privilege-types), all privileges to be written with underscore instead of space, e.g. `CREATE_TABLE` and not `CREATE TABLE`. Below summarizes which privilege types apply to each securable object in the catalog:
@@ -520,7 +514,7 @@ class Grants(pulumi.CustomResource):
 
         ## Schema grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `CREATE_FUNCTION`, `CREATE_TABLE`, `CREATE_VOLUME`, `MANAGE` and `USE_SCHEMA` privileges to *`catalog.schema`* specified in the `schema` attribute. You can also grant `EXECUTE`, `MODIFY`, `REFRESH`, `SELECT`, `READ_VOLUME`, `WRITE_VOLUME` at the schema level to apply them to the pertinent current and future securable objects within the schema:
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `CREATE_FUNCTION`, `CREATE_TABLE`, `CREATE_VOLUME`, `MANAGE` and `USE_SCHEMA` privileges to _`catalog.schema`_ specified in the `schema` attribute. You can also grant `EXECUTE`, `MODIFY`, `REFRESH`, `SELECT`, `READ_VOLUME`, `WRITE_VOLUME` at the schema level to apply them to the pertinent current and future securable objects within the schema:
 
         ```python
         import pulumi
@@ -546,7 +540,7 @@ class Grants(pulumi.CustomResource):
 
         ## Table grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `SELECT` and `MODIFY` privileges to *`catalog.schema.table`* specified in the `table` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `SELECT` and `MODIFY` privileges to _`catalog.schema.table`_ specified in the `table` attribute.
 
         ```python
         import pulumi
@@ -592,7 +586,7 @@ class Grants(pulumi.CustomResource):
 
         ## View grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE` and `SELECT` privileges to *`catalog.schema.view`* specified in `table` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE` and `SELECT` privileges to _`catalog.schema.view`_ specified in `table` attribute.
 
         ```python
         import pulumi
@@ -629,7 +623,7 @@ class Grants(pulumi.CustomResource):
 
         ## Volume grants
 
-        You can grant `ALL_PRIVILEGES`, `MANAGE`, `READ_VOLUME` and `WRITE_VOLUME` privileges to *`catalog.schema.volume`* specified in the `volume` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `READ_VOLUME` and `WRITE_VOLUME` privileges to _`catalog.schema.volume`_ specified in the `volume` attribute.
 
         ```python
         import pulumi
@@ -652,7 +646,7 @@ class Grants(pulumi.CustomResource):
 
         ## Registered model grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `EXECUTE`, and `MANAGE` privileges to *`catalog.schema.model`* specified in the `model` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `EXECUTE`, and `MANAGE` privileges to _`catalog.schema.model`_ specified in the `model` attribute.
 
         ```python
         import pulumi
@@ -677,7 +671,7 @@ class Grants(pulumi.CustomResource):
 
         ## Function grants
 
-        You can grant `ALL_PRIVILEGES`, `EXECUTE`, and `MANAGE` privileges to *`catalog.schema.function`* specified in the `function` attribute.
+        You can grant `ALL_PRIVILEGES`, `EXECUTE`, and `MANAGE` privileges to _`catalog.schema.function`_ specified in the `function` attribute.
 
         ```python
         import pulumi
@@ -879,10 +873,7 @@ class Grants(pulumi.CustomResource):
 
         > Most of Unity Catalog APIs are only accessible via **workspace-level APIs**. This design may change in the future. Account-level principal grants can be assigned with any valid workspace as the Unity Catalog is decoupled from specific workspaces. More information in [the official documentation](https://docs.databricks.com/data-governance/unity-catalog/index.html).
 
-        Two different resources help you manage your Unity Catalog grants for a securable. Each of these resources serves a different use case:
-
-        - databricks_grants: Authoritative. Sets the grants of a securable and *replaces* any existing grants defined inside or outside of Pulumi.
-        - databricks_grant: Authoritative for a given principal. Updates the grants of a securable to a single principal. Other principals within the grants for the securables are preserved.
+        > This resource is _authoritative_ for grants on securables. Configuring this resource for a securable will **OVERWRITE** any existing grants and changes made outside of Pulumi will be reset. Use Grant for more granular grant management.
 
         In Unity Catalog all users initially have no access to data. Only Metastore Admins can create objects and can grant/revoke access on individual objects to users and groups. Every securable object in Unity Catalog has an owner. The owner can be any account-level user or group, called principals in general. The principal that creates an object becomes its owner. Owners receive `ALL_PRIVILEGES` on the securable object (e.g., `SELECT` and `MODIFY` on a table), as well as the permission to grant privileges to other principals.
 
@@ -895,8 +886,6 @@ class Grants(pulumi.CustomResource):
 
         For the latest list of privilege types that apply to each securable object in Unity Catalog, please refer to the [official documentation](https://docs.databricks.com/en/data-governance/unity-catalog/manage-privileges/privileges.html#privilege-types-by-securable-object-in-unity-catalog)
 
-        Pulumi will handle any configuration drift on every `pulumi up` run, even when grants are changed outside of Pulumi state.
-
         When applying grants using an identity with [`MANAGE` permission](https://docs.databricks.com/aws/en/data-governance/unity-catalog/manage-privileges/ownership#ownership-versus-the-manage-privilege), their `MANAGE` permission must also be defined, otherwise Pulumi will remove their permissions, leading to errors.
 
         Unlike the [SQL specification](https://docs.databricks.com/sql/language-manual/sql-ref-privileges.html#privilege-types), all privileges to be written with underscore instead of space, e.g. `CREATE_TABLE` and not `CREATE TABLE`. Below summarizes which privilege types apply to each securable object in the catalog:
@@ -978,7 +967,7 @@ class Grants(pulumi.CustomResource):
 
         ## Schema grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `CREATE_FUNCTION`, `CREATE_TABLE`, `CREATE_VOLUME`, `MANAGE` and `USE_SCHEMA` privileges to *`catalog.schema`* specified in the `schema` attribute. You can also grant `EXECUTE`, `MODIFY`, `REFRESH`, `SELECT`, `READ_VOLUME`, `WRITE_VOLUME` at the schema level to apply them to the pertinent current and future securable objects within the schema:
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `CREATE_FUNCTION`, `CREATE_TABLE`, `CREATE_VOLUME`, `MANAGE` and `USE_SCHEMA` privileges to _`catalog.schema`_ specified in the `schema` attribute. You can also grant `EXECUTE`, `MODIFY`, `REFRESH`, `SELECT`, `READ_VOLUME`, `WRITE_VOLUME` at the schema level to apply them to the pertinent current and future securable objects within the schema:
 
         ```python
         import pulumi
@@ -1004,7 +993,7 @@ class Grants(pulumi.CustomResource):
 
         ## Table grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `SELECT` and `MODIFY` privileges to *`catalog.schema.table`* specified in the `table` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `SELECT` and `MODIFY` privileges to _`catalog.schema.table`_ specified in the `table` attribute.
 
         ```python
         import pulumi
@@ -1050,7 +1039,7 @@ class Grants(pulumi.CustomResource):
 
         ## View grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE` and `SELECT` privileges to *`catalog.schema.view`* specified in `table` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE` and `SELECT` privileges to _`catalog.schema.view`_ specified in `table` attribute.
 
         ```python
         import pulumi
@@ -1087,7 +1076,7 @@ class Grants(pulumi.CustomResource):
 
         ## Volume grants
 
-        You can grant `ALL_PRIVILEGES`, `MANAGE`, `READ_VOLUME` and `WRITE_VOLUME` privileges to *`catalog.schema.volume`* specified in the `volume` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `MANAGE`, `READ_VOLUME` and `WRITE_VOLUME` privileges to _`catalog.schema.volume`_ specified in the `volume` attribute.
 
         ```python
         import pulumi
@@ -1110,7 +1099,7 @@ class Grants(pulumi.CustomResource):
 
         ## Registered model grants
 
-        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `EXECUTE`, and `MANAGE` privileges to *`catalog.schema.model`* specified in the `model` attribute.
+        You can grant `ALL_PRIVILEGES`, `APPLY_TAG`, `EXECUTE`, and `MANAGE` privileges to _`catalog.schema.model`_ specified in the `model` attribute.
 
         ```python
         import pulumi
@@ -1135,7 +1124,7 @@ class Grants(pulumi.CustomResource):
 
         ## Function grants
 
-        You can grant `ALL_PRIVILEGES`, `EXECUTE`, and `MANAGE` privileges to *`catalog.schema.function`* specified in the `function` attribute.
+        You can grant `ALL_PRIVILEGES`, `EXECUTE`, and `MANAGE` privileges to _`catalog.schema.function`_ specified in the `function` attribute.
 
         ```python
         import pulumi
@@ -1338,21 +1327,21 @@ class Grants(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 catalog: Optional[pulumi.Input[builtins.str]] = None,
-                 credential: Optional[pulumi.Input[builtins.str]] = None,
-                 external_location: Optional[pulumi.Input[builtins.str]] = None,
-                 foreign_connection: Optional[pulumi.Input[builtins.str]] = None,
-                 function: Optional[pulumi.Input[builtins.str]] = None,
+                 catalog: Optional[pulumi.Input[_builtins.str]] = None,
+                 credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_location: Optional[pulumi.Input[_builtins.str]] = None,
+                 foreign_connection: Optional[pulumi.Input[_builtins.str]] = None,
+                 function: Optional[pulumi.Input[_builtins.str]] = None,
                  grants: Optional[pulumi.Input[Sequence[pulumi.Input[Union['GrantsGrantArgs', 'GrantsGrantArgsDict']]]]] = None,
-                 metastore: Optional[pulumi.Input[builtins.str]] = None,
-                 model: Optional[pulumi.Input[builtins.str]] = None,
-                 pipeline: Optional[pulumi.Input[builtins.str]] = None,
-                 recipient: Optional[pulumi.Input[builtins.str]] = None,
-                 schema: Optional[pulumi.Input[builtins.str]] = None,
-                 share: Optional[pulumi.Input[builtins.str]] = None,
-                 storage_credential: Optional[pulumi.Input[builtins.str]] = None,
-                 table: Optional[pulumi.Input[builtins.str]] = None,
-                 volume: Optional[pulumi.Input[builtins.str]] = None,
+                 metastore: Optional[pulumi.Input[_builtins.str]] = None,
+                 model: Optional[pulumi.Input[_builtins.str]] = None,
+                 pipeline: Optional[pulumi.Input[_builtins.str]] = None,
+                 recipient: Optional[pulumi.Input[_builtins.str]] = None,
+                 schema: Optional[pulumi.Input[_builtins.str]] = None,
+                 share: Optional[pulumi.Input[_builtins.str]] = None,
+                 storage_credential: Optional[pulumi.Input[_builtins.str]] = None,
+                 table: Optional[pulumi.Input[_builtins.str]] = None,
+                 volume: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -1389,21 +1378,21 @@ class Grants(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            catalog: Optional[pulumi.Input[builtins.str]] = None,
-            credential: Optional[pulumi.Input[builtins.str]] = None,
-            external_location: Optional[pulumi.Input[builtins.str]] = None,
-            foreign_connection: Optional[pulumi.Input[builtins.str]] = None,
-            function: Optional[pulumi.Input[builtins.str]] = None,
+            catalog: Optional[pulumi.Input[_builtins.str]] = None,
+            credential: Optional[pulumi.Input[_builtins.str]] = None,
+            external_location: Optional[pulumi.Input[_builtins.str]] = None,
+            foreign_connection: Optional[pulumi.Input[_builtins.str]] = None,
+            function: Optional[pulumi.Input[_builtins.str]] = None,
             grants: Optional[pulumi.Input[Sequence[pulumi.Input[Union['GrantsGrantArgs', 'GrantsGrantArgsDict']]]]] = None,
-            metastore: Optional[pulumi.Input[builtins.str]] = None,
-            model: Optional[pulumi.Input[builtins.str]] = None,
-            pipeline: Optional[pulumi.Input[builtins.str]] = None,
-            recipient: Optional[pulumi.Input[builtins.str]] = None,
-            schema: Optional[pulumi.Input[builtins.str]] = None,
-            share: Optional[pulumi.Input[builtins.str]] = None,
-            storage_credential: Optional[pulumi.Input[builtins.str]] = None,
-            table: Optional[pulumi.Input[builtins.str]] = None,
-            volume: Optional[pulumi.Input[builtins.str]] = None) -> 'Grants':
+            metastore: Optional[pulumi.Input[_builtins.str]] = None,
+            model: Optional[pulumi.Input[_builtins.str]] = None,
+            pipeline: Optional[pulumi.Input[_builtins.str]] = None,
+            recipient: Optional[pulumi.Input[_builtins.str]] = None,
+            schema: Optional[pulumi.Input[_builtins.str]] = None,
+            share: Optional[pulumi.Input[_builtins.str]] = None,
+            storage_credential: Optional[pulumi.Input[_builtins.str]] = None,
+            table: Optional[pulumi.Input[_builtins.str]] = None,
+            volume: Optional[pulumi.Input[_builtins.str]] = None) -> 'Grants':
         """
         Get an existing Grants resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -1433,78 +1422,78 @@ class Grants(pulumi.CustomResource):
         __props__.__dict__["volume"] = volume
         return Grants(resource_name, opts=opts, __props__=__props__)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def catalog(self) -> pulumi.Output[Optional[builtins.str]]:
+    def catalog(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "catalog")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def credential(self) -> pulumi.Output[Optional[builtins.str]]:
+    def credential(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "credential")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalLocation")
-    def external_location(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_location(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "external_location")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="foreignConnection")
-    def foreign_connection(self) -> pulumi.Output[Optional[builtins.str]]:
+    def foreign_connection(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "foreign_connection")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def function(self) -> pulumi.Output[Optional[builtins.str]]:
+    def function(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "function")
 
-    @property
+    @_builtins.property
     @pulumi.getter
     def grants(self) -> pulumi.Output[Sequence['outputs.GrantsGrant']]:
         return pulumi.get(self, "grants")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def metastore(self) -> pulumi.Output[Optional[builtins.str]]:
+    def metastore(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "metastore")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def model(self) -> pulumi.Output[Optional[builtins.str]]:
+    def model(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "model")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def pipeline(self) -> pulumi.Output[Optional[builtins.str]]:
+    def pipeline(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "pipeline")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def recipient(self) -> pulumi.Output[Optional[builtins.str]]:
+    def recipient(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "recipient")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def schema(self) -> pulumi.Output[Optional[builtins.str]]:
+    def schema(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "schema")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def share(self) -> pulumi.Output[Optional[builtins.str]]:
+    def share(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "share")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="storageCredential")
-    def storage_credential(self) -> pulumi.Output[Optional[builtins.str]]:
+    def storage_credential(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "storage_credential")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def table(self) -> pulumi.Output[Optional[builtins.str]]:
+    def table(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "table")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def volume(self) -> pulumi.Output[Optional[builtins.str]]:
+    def volume(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "volume")