search
Start Trial

GRANT PRIVILEGES

hashtag
Organization Privileges

hashtag
Syntax

GRANT [ 
      CREATE_COMPUTE_POOL
      | CREATE_DATABASE 
      | CREATE_STORE 
      | CREATE_SCHEMA_REGISTRY
      | CREATE_DESCRIPTOR_SOURCE 
      | CREATE_FUNCTION_SOURCE 
      | CREATE_FUNCTION
      | CREATE_QUERY
      | MANAGE_MEMBERS
      | MANAGE_GRANTS
      | ALL PRIVILEGES
      , ...
      ]
ON ORGANIZATION
TO ROLE role_name [, ...]
[WITH GRANT OPTION];

hashtag
Description

Grants Organization privileges to one or more roles.

The current role requires one of the following privileges:

  • Ownership of Organization

  • MANAGE_GRANTS privilege on Organization

  • Privilege granted to the current role WITH GRANT OPTION.

hashtag
Arguments

hashtag
CREATE_COMPUTE_POOL

Allow role to create compute_pools under the organization.

hashtag
CREATE_DATABASE

Allow role to create databases under the organization.

hashtag
CREATE_STORE

Allow role to define stores under the organization.

hashtag
CREATE_SCHEMA_REGISTRY

Allow role to define schema registries under the organization.

hashtag
CREATE_DESCRIPTOR_SOURCE

Allow role to upload descriptor sources to the organization.

hashtag
CREATE_FUNCTION_SOURCE

Allow role to upload UDF and UDAF sources to the organization.

hashtag
CREATE_FUNCTION

Allow role to define a new UDF or UDAF under the organization. The role will also require USAGE privileges to the function source.

hashtag
CREATE_QUERY

Allow role to launch a new query under the organization. The role also has additional privileges on database, schema, relations, and stores to launch the query.

hashtag
MANAGE_MEMBERS

Allow role to manage roles, invitations, and users.

hashtag
MANAGE_GRANTS

Allow role to manage all privilege grants within the organization.

hashtag
ALL PRIVILEGES

Grants all the privileges listed above to the role.

hashtag
role_name [, ...]

One or more roles to grant the privileges to.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Compute_pool Privileges

hashtag
Description

Grants privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the compute_pool.

hashtag
CREATE

Allow role to create compute_pools.

hashtag
ALL PRIVILEGES

Grants all the privileges listed above to the role.

hashtag
compute_pool_name

The name of the compute_pool to grant privileges on.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Database Privileges

hashtag
Description

Grants database privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the database. The role also requires additional privileges on schema as well as relations to use them.

hashtag
CREATE

Allow role to create schemas under the database.

hashtag
ALL PRIVILEGES

Grants all the privileges listed above to the role.

hashtag
database_name

The name of the database to granted privileges on.

hashtag
role_name [, ...]

One or more roles to grant the privileges to.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant the same privileges to other roles.

hashtag
Example

hashtag
Database Schema Privileges

hashtag
Description

Grants schema privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the schemas. The role also has additional privileges on relations to use them.

hashtag
CREATE

Allow role to create relations under the schema.

hashtag
ALL PRIVILEGES

Grants all the privileges listed above to the role.

hashtag
schema_name

The qualified name of the schema to grant privileges on. This name can include a specific database name to form a fully-qualified name in the format of <database_name>.<schema_name>; otherwise the system uses the current database name in the session.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Store Privileges

hashtag
Description

Grants store privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the store.

hashtag
store_name

The name of the store on which to grant privileges.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Descriptor Source Privileges

hashtag
Description

Grants descriptor source privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the descriptor source.

hashtag
descriptor_source_name

The name of the descriptor source on which to grant privileges.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Relation Privileges

hashtag
Description

Grants relation privileges to one or more roles.

hashtag
Arguments

hashtag
SELECT

Allow role to create a query and use the relation as a source.

hashtag
INSERT

Allow role to create a query and use the relation as a sink.

hashtag
relation_name

The name of the relation to grant privileges on. Optionally, provide database and schema name for a fully-qualified relation name in the format of [<database_name>.<schema_name>.]<relation_name> — for example, db1.public.pageviews. Otherwise, the system uses the current database and schema to identify the relation.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Function Source Privileges

hashtag
Description

Grants function source privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the runction source.

hashtag
function_source_name

The name of the function source on which to grant privileges.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Function Privileges

hashtag
Description

Grants function privileges to one or more roles.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the function.

hashtag
function_identifier

The name of the function on which to grant privileges.

hashtag
role_name [, ...]

One or more roles to which togrant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

hashtag
Region Privileges

hashtag
Description

Grants region usage privileges to one or more roles.

By default, the public role is granted access to all regions. A role with the MANAGE_GRANTS privilege can grant the region USAGE privilege to other roles, or revoke it.

hashtag
Arguments

hashtag
USAGE

Allow role to list and use the region to create stores and launch queries.

hashtag
region_name

The name of the region on which to grant privileges.

hashtag
role_name [, ...]

One or more roles to which to grant the privileges.

hashtag
WITH GRANT OPTION

Grants privileges that allow the role to grant those same privileges to other roles.

hashtag
Example

PreviousGRANT OWNERSHIPNextGRANT ROLE

Last updated