Understanding access control & roles on Snowflake

Get my Modern Data Essentials training (for free) & start building more reliable data architectures
https://www.ModernDataCommunity.com

-----

Access control privileges determine who can access and perform operations on specific objects in Snowflake.

I find that Snowflake's way of handling permissions is really quite simple to work with once you get the hang of it. Creating a heiarchy of permissions removes duplicate work and allows you to easily add new roles as needed.

---

Roles are the entities to which privileges on securable objects can be granted and revoked. Roles are assigned to users to allow them to perform actions required for business functions in their organization. A user can be assigned multiple roles. This allows users to switch roles (i.e. choose which role is active in the current Snowflake session) to perform different actions using separate sets of privileges.

Roles can be also granted to other roles, creating a hierarchy of roles. The privileges associated with a role are inherited by any roles above that role in the hierarchy.

Timestamps:
0:00 - Intro
0:22 Review Documentation on Roles
1:31 Review Demo Scenario
2:21 Create Role 1: Analyst
5:33 Create Role 2: Developer
7:35 Explaining Granted By Column
8:18 Create Role 3: CI
10:38 Another Option for Infrastructure (Terraform)

Title & Tags:
Understanding access control & roles on Snowflake
#kahandatasolutions #snowflake #dataengineering