privileges
Creates, updates, deletes, gets or lists a privileges resource.
Overview
| Name | privileges |
| Type | Resource |
| Id | snowflake.grant.privileges |
Fields
SELECT not supported for this resource, use SHOW METHODS to view available operations for the resource.
Methods
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
grant_group_privilege | INSERT | bulkGrantType, granteeName, granteeType, scopeName, scopeType, securableTypePlural, endpoint | - | Endpoint to indicate that the privileges listed in the request body should be granted to all securables of this type in the given scope. |
grant_privilege | INSERT | granteeName, granteeType, securableName, securableType, endpoint | - | Endpoint to indicate that the privileges listed in the request body should be granted. |
revoke_group_privilege | DELETE | bulkGrantType, granteeName, granteeType, privilege, scopeName, scopeType, securableTypePlural, endpoint | deleteMode | Endpoint to indicate that the privilege listed on the group securable in the given scope should be revoked. |
revoke_privilege | DELETE | granteeName, granteeType, privilege, securableName, securableType, endpoint | deleteMode | Endpoint to indicate that the privilege listed in the path should be revoked. |
Optional Parameter Details
| Name | Description | Type | Default |
|---|---|---|---|
deleteMode | If "cascade", recursively revoke the grant from sub-grantees to which this privilege was re-granted. Acceptable values are "restrict" or "cascade". | string | - |
INSERT example
Endpoint to indicate that the privileges listed in the request body should be granted.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO snowflake.grant.privileges (
data__privileges,
data__grant_option,
data__created_on,
data__grantee_type,
data__grantee_name,
data__securable_type,
data__securable_name,
data__granted_by_role_type,
data__granted_by_name,
granteeName,
granteeType,
securableName,
securableType,
endpoint
)
SELECT
'{{ privileges }}',
{{ grant_option }},
'{{ created_on }}',
'{{ grantee_type }}',
'{{ grantee_name }}',
'{{ securable_type }}',
'{{ securable_name }}',
'{{ granted_by_role_type }}',
'{{ granted_by_name }}',
'{{ granteeName }}',
'{{ granteeType }}',
'{{ securableName }}',
'{{ securableType }}',
'{{ endpoint }}'
;
/*+ create */
INSERT INTO snowflake.grant.privileges (
granteeName,
granteeType,
securableName,
securableType,
endpoint
)
SELECT
'{{ granteeName }}',
'{{ granteeType }}',
'{{ securableName }}',
'{{ securableType }}',
'{{ endpoint }}'
;
# Description fields below are for documentation purposes only and are not required in the manifest
- name: privileges
props:
- name: granteeName
value: string
description: Required parameter for the privileges resource.
- name: granteeType
value: string
description: Required parameter for the privileges resource.
- name: securableName
value: string
description: Required parameter for the privileges resource.
- name: securableType
value: string
description: Required parameter for the privileges resource.
- name: endpoint
value: string
description: Required parameter for the privileges resource.
- name: privileges
value: array
description: Privilege type
- name: grant_option
value: boolean
description: Can grantee pass this privilege down?
- name: created_on
value: string
- name: grantee_type
value: string
description: Entity type being granted to
- name: grantee_name
value: string
description: Specific name of object being granted to
- name: securable_type
value: string
description: Type of object granted on
- name: securable_name
value: string
description: Name of specific object granted on (not name of privilege!)
- name: granted_by_role_type
value: string
description: Type of role that granted this privilege to this grantee
- name: granted_by_name
value: string
description: The role that granted this privilege to this grantee
DELETE example
Endpoint to indicate that the privilege listed in the path should be revoked.
/*+ delete */
DELETE FROM snowflake.grant.privileges
WHERE granteeName = '{{ granteeName }}'
AND granteeType = '{{ granteeType }}'
AND privilege = '{{ privilege }}'
AND securableName = '{{ securableName }}'
AND securableType = '{{ securableType }}'
AND endpoint = '{{ endpoint }}';