SnowDDL
  • 👋Introduction
  • 🚩Getting started
  • 📋Main features
  • 🪤SnowDDL vs. Declarative DCM
  • In-depth guides
    • 👓Object identifiers
    • 📐Data types
    • 📦Object types
    • 🎭Role hierarchy
    • 🚧Permission model
    • 🔦Other guides
      • Administration user
      • Integrations
      • Inbound shares
      • Object OWNERSHIP
      • Safe & unsafe DDL
      • Dependency management
      • Short hash explained
      • Env Prefix explained
      • Team workflow
      • Limitations & workarounds
      • Fivetran
      • Airbyte
      • Encrypt user passwords
      • Iceberg Tables
  • Basic usage (CLI + YAML)
    • 💻CLI interface
    • 📦YAML configs
      • ACCOUNT PARAMETER
      • ACCOUNT POLICY
      • AGGREGATION POLICY
      • ALERT
      • AUTHENTICATION POLICY
      • BUSINESS ROLE
      • DATABASE
      • DYNAMIC TABLE
      • EVENT TABLE
      • EXTERNAL ACCESS INTEGRATION
      • EXTERNAL FUNCTION
      • EXTERNAL TABLE
      • FILE FORMAT
      • FUNCTION
      • HYBRID TABLE
      • ICEBERG TABLE
      • MASKING POLICY
      • MATERIALIZED VIEW
      • NETWORK POLICY
      • NETWORK RULE
      • PERMISSION MODEL
      • PIPE
      • PLACEHOLDER
      • PROCEDURE
      • PROJECTION POLICY
      • RESOURCE MONITOR
      • ROW ACCESS POLICY
      • SCHEMA
      • SECRET
      • SEQUENCE
      • SHARE (outbound)
      • STAGE
      • STAGE FILE
      • STREAM
      • TABLE
      • TASK
      • TECHNICAL ROLE
      • USER
      • VIEW
      • WAREHOUSE
    • 🏷️YAML placeholders
    • 📬YAML tag !include
    • 🔐YAML tag !decrypt
  • Single DB
    • 🦀Overview
  • Advanced usage (Python)
    • ⚙️Programmatic config
    • 🐍Architecture overview
      • 🔵Blueprints
      • 🟣Config
      • 🟠Parsers
      • 🟢Resolvers
      • 🔴Engine
    • 🏗️Query builder & formatter
  • Breaking changes log
    • 0.45.0 - March 2025
    • 0.41.0 - January 2025
    • 0.37.0 - December 2024
    • 0.36.0 - November 2024
    • 0.33.0 - October 2024
    • 0.27.0 - May 2024
  • Links
    • GitHub repository
    • PyPI package
    • YouTube tutorials
    • Changelog
    • LinkedIn profile
Powered by GitBook
On this page
  • Schema
  • Usage notes
  • Links
  1. Basic usage (CLI + YAML)
  2. YAML configs

SHARE (outbound)

Config path: /outbound_share.yaml

Example:

test_share:
  accounts:
    - SFSALESSHARED.SFC_SAMPLES_AWS_EU_WEST_2
  grants:
    DATABASE:USAGE:
      - test_db
    SCHEMA:USAGE:
      - test_db.test_schema
    TABLE:SELECT:
      - test_db.test_schema.*
    FUNCTION:USAGE:
      - test_db.test_schema.test_secure_udf(varchar)

  comment: Test share

Schema

  • {key} (ident) - share name

  • {value} (dict)

    • accounts (list)

      • {items} (ident) - identifiers of consumer accounts: <organization>.<account>.

    • grants (str)

      • {key} (str) - <object_type>:<privilege>

      • {value} (list)

        • {items} (ident) - full objects names or name patterns to grant privilege;

    • share_restrictions (bool) - should be set to false in order to create SHARE from Business Critical account to accounts with lower edition;

    • comment (str)

Usage notes

  1. Outbound shares are processed if at least one share exists in config.

  2. Parameter share_restrictions requires additional privilege: OVERRIDE SHARE RESTRICTIONS.

  3. Grants created externally and matching Unix-style wildcard patterns will not be dropped if objects are not explicitly defined in config. It is an intentional workaround for lack of future grants on shares.

Links

PreviousSEQUENCENextSTAGE

Last updated 15 days ago

All changes to outbound shares are and should be reviewed carefully, since it may expose data from your account to 3rd parties.

Outbound shares require additional privileges for : IMPORT SHARE, CREATE SHARE.

All limitations related to command applies to grants. Please read it carefully.

It is possible to use for grant object names.

📦
"unsafe"
SnowDDL administration user
GRANT ... TO SHARE
Unix-style wildcard patterns
CREATE SHARE
ALTER SHARE
Override share restrictions
Data providers
Parser & JSON Schema (GitHub)