I was wondering if there was a way to check what all objects does any particular role have access to, and with what privileges in snowflake. Your help is appreciated.
CodePudding user response:
You can use the below command to get the privileges on the objects that a role has been granted access to. This will include the roles granted to the role too.
Show grants to role <role_name>;
https://docs.snowflake.com/en/sql-reference/sql/show-grants.html#syntax
You can use the below command to get the details on the grants of the role to another role or user
Show grants of role <role_name>;
CodePudding user response:
To see what objects a role has access to, the following methods can be utilized.
- SHOW COMMAND :
SHOW GRANTS TO ROLE; Snowflake Documentation Reference: https://docs.snowflake.com/en/sql-reference/sql/show-grants.html#show-grants
The granted_on column in the result if the above show command lists the name of the object, privilege column lists the name of the privilege and the name column lists the name of the role to which the privilege on the object has been granted.
Query the SNOWFLAKE.ACCOUNT_USAGE.GRANTS_TO_ROLES View.
Documentation Reference: https://docs.snowflake.com/en/sql-reference/account-usage/grants_to_roles.html#grants-to-roles-view