PROJECTION POLICY

Config path: /<database>/<schema>/projection_policy/<name>.yaml

Example:

body: |-
  CASE WHEN IS_ROLE_IN_SESSION('SYSADMIN') THEN PROJECTION_CONSTRAINT(ALLOW => true)
       ELSE PROJECTION_CONSTRAINT(ALLOW => true)
  END

references:
  - object_type: TABLE
    object_name: test_table_1
    column: id

  - object_type: VIEW
    object_name: test_view_1
    column: id

comment: my projection policy

Schema

  • body (str) - policy SQL expression

  • references (dict)

    • object_type (str) - reference object type (e.g. TABLE, VIEW)

    • object_name (ident) - reference object name

    • column (ident) - reference column name

  • comment (str)

Usage notes

  1. Management of projection policies requires active warehouse due to unavoidable POLICY_REFERENCES table function calls.

  2. Make sure to allow projections for role SYSADMIN, especially if projection policy is being applied to views. Otherwise SnowDDL will have to re-create VIEW on every run due to inability to verify column data types. Example of check: CASE WHEN IS_ROLE_IN_SESSION('SYSADMIN') THEN PROJECTION_CONSTRAINT(ALLOW => true) ELSE ... END

  3. Parameter references is deprecated since 0.33.0. Use policy reference parameters directly in TABLE or VIEW configs instead.

Last updated