DATABASE ROLE
Last updated
Last updated
DATABASE_ROLE is intended to be used for only.
It is not a part of SnowDDL and should not be used to grant access outside of shares.
Config path: /<database>/database_role.yaml
Example:
{key} (ident) - database role name
{value} (dict)
grants (str)
{key} (str) - <object_type>:<privilege>
{value} (list)
{items} (ident) - full objects names or name patterns to grant privilege;
comment (str)
Data roles are processed only if at least one database role exists in config.
Grants created externally and matching Unix-style wildcard patterns will not be dropped if objects are not explicitly defined in config. It is an intentional workaround for lack of future grants on database roles used in shares.
All limitations related to command applies to database role grants. Please read it carefully.
It is possible to use for grant object names.