Reputation: 2227
Show grants on all schemas in a Snowflake database
I am trying to list all grants of all schemas in a specific database.
I found that only SHOW GRANTS ON SCHEMA "TEST_DB"."TEST_SCHEMA" do the trick for one schema, but unfortunately I cannot be done for all schemas.
I believe I would need to do a combination of SHOW and result_scan, but I wanted to know if there is a more straightforward solution
I came up with :
show grants on schema "DB"."SCHEMA_A";
show grants on schema "DB"."SCHEMA_B";
select * from table(result_scan(last_query_id())) union all select * from table(result_scan(last_query_id(-2)));
But it quite dirty, and very cumbersome
Upvotes: 3
Views: 8342
Answers (1)
Reputation: 6279
Each database you create in Snowflake has an information_schema schema which you can use to get metadata about objects. You can see what grants have been assigned to a schema in your database with:
select *
from your_db_name.information_schema.object_privileges
where object_type = 'SCHEMA';
This will show you which roles (the "grantee") have been granted access to the schemas in that database but keep in mind that it won't show how the permissions are pushed down the role hierarchy to child roles.
Information schema documentation: https://docs.snowflake.com/en/sql-reference/info-schema.html
Upvotes: 6
Related Questions
- Snowflake schema's not visible after granting database usage
- Snowflake - Give full access on database to role; revoke access on specific schemas to user that is part of the role
- How to query grant template information
- How can we check the grants on schemas in snowflake?
- User cannot see schema- are all of my grants correct?
- Which Role has which tables access in Snowflake
- What does the GRANT MONITOR ON SCHEMA allow in Snowflake?
- SHOW GRANTS TO user ''usename" with filter on role (SNOWFLAKE)
- How do I show all grants to all roles in Snowflake?
- Snowflake Grant Select on single schema