All posts
ConceptsOctober 16, 20251 min read

Connecting Pgcli to Databricks with Access Control

The connection failed. The terminal went silent. You needed Pgcli to talk to your Databricks cluster, but Access Control stopped you cold. Pgcli is a fast, interactive Postgres client. Databricks Access Control governs who can connect, what they can query, and how data stays secure. When these two meet, configuration matters. Without the right permissions, your SQL calls die before they reach the warehouse. First, confirm that your Databricks workspace has SQL warehouses configured. Pgcli can

Free White Paper

Customer Support Access to Production: The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Andrios Robert

The connection failed. The terminal went silent. You needed Pgcli to talk to your Databricks cluster, but Access Control stopped you cold.

Pgcli is a fast, interactive Postgres client. Databricks Access Control governs who can connect, what they can query, and how data stays secure. When these two meet, configuration matters. Without the right permissions, your SQL calls die before they reach the warehouse.

First, confirm that your Databricks workspace has SQL warehouses configured. Pgcli can only connect to a JDBC endpoint. In Databricks, go to SQL Warehouses and copy the JDBC URL. Ensure the warehouse is running before testing the connection.

Next, check Access Control settings. In the Databricks Admin Console, open “Permissions” for the target warehouse. Assign the right roles — typically CAN_USE — to the service account or personal user that Pgcli will use. If you need granular restrictions, create a group, grant it least-privilege permissions, and connect via that group’s credentials.

Continue reading? Get the full guide.

Customer Support Access to Production: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

Generate a personal access token under your account settings. Pgcli supports passing this token as a password with the -u flag for username (set to token) and the -p flag. Example:

pgcli -h <hostname from JDBC URL> -p <port> -U token --password <personal_access_token> -d <database>

If your Databricks workspace enforces table-level ACLs, verify that the connected identity has privileges to SELECT from the target schema. Even with warehouse access, Pgcli queries fail when table-level grants are missing. Use:

SHOW GRANTS ON TABLE your_table;

Troubleshooting common issues:

  • Connection timeouts: check firewall rules or security groups around Databricks.
  • Authentication errors: regenerate tokens, confirm they are active.
  • Permission denied: reassign warehouse or table privileges to the correct principal.

Pgcli with Databricks Access Control is about precision. Tight permissions improve security but demand exact configuration. Once the roles, tokens, and endpoints align, Pgcli becomes a fast window into your Databricks data without compromising access policies.

Want to skip the manual setup and see secure Databricks queries from Pgcli in minutes? Visit hoop.dev and get it running live before your next coffee.

Get started

See hoop.dev in action

One gateway for every database, container, and AI agent. Deploy in minutes.

Get a demoMore posts