BUSINESS ROLE
Config path: /business_role.yaml
Example:
Schema
{key} (ident) - business role name
{value} (dict)
schema_owner (list)
{items} (ident) - grant OWNERSHIP privileges for objects in schemas
schema_read (list)
{items} (ident) - grant READ privileges for objects in schemas
schema_write (list)
{items} (ident) - grant WRITE privileges for objects in schemas
warehouse_usage (list)
{items} (ident) - grant USAGE privileges for warehouses
warehouse_monitor (list)
{items} (ident) - grant MONITOR privileges for warehouses
tech_roles (list)
{items} (ident) - grant TECH ROLES
global_roles (list)
{items} (ident) - grant external roles created outside of SnowDDL (e.g.
FIVETRAN_ROLE
)
comment (str)
Usage notes
Schema names should be fully qualified (
<database>.<schema>
).Alternatively, it is possible to specify schema names as wildcards covering all schemas in specific database (
<database>.*
). It is helpful for databases with a large number of schemas, which require similar access patterns.Global roles are managed outside of SnowDDL and are applied without env prefix.
Links
Last updated