Problem

When accessing the storage path to perform read, write, or MERGE on a Unity Catalog (UC) table that has a row filter or column mask, you receive the following error.

[UNAUTHORIZED_ACCESS] Unauthorized access: PERMISSION_DENIED:
Path-based access to table <catalog>.<schema>.<table> with row filter or column mask not supported.

Cause

Unity Catalog enforces fine-grained governance. When a table has row filters or column masks, path-based access (for example, spark.read.format("delta").load("s3://…/table"), DeltaTable.forPath) is blocked because it bypasses UC policy enforcement. Only name-based access (catalog.schema.table) is allowed. 

For more information, review the “Limitations” section of the Row filters and column masks (AWS | Azure | GCP) documentation.

Solution

Opt for name-based access using SQL (or Python SQL through spark.sql) and Delta APIs that take a table name instead of table path. 

Example code to read a table

DeltaTable.forName(spark, "<catalog>.<schema>.<table>")

 Or

spark.sql(“select * from <catalog>.<schema>.<table>”)

Example code to perform a MERGE on a table

DeltaTable.forName(spark, "<catalog>.<schema>.<table>").merge(...)

(or)

MERGE INTO <catalog>.<schema>.<table> AS ….