Member-only story
Snowflake Privileges and Access Control
A Comprehensive Tutorial of Snowflake Privileges and Access Control
Intro
When I first started working with Snowflake, I was trying to figure out what was possible — what I could do. I started out setting up tables, then views, procedures, functions, pipes, stages, integrations, etc. Figuring out the feature set was most pressing for me, and privileges were a second thought.
Whenever I had to figure out the permissions to do something, I’d grant myself the permissions and away I’d go. This worked well for me and the few other people who were helping me incubate and test the product, but as we got closer to rolling out across our entire organization, I was uncomfortable with how messy our permissions had gotten.
So over Christmas vacation (Merry Christmas everybody!) I did a deep dive into Snowflake access control. One of the most difficult things was documenting which privilege allowed me to execute which statements.
This exercise has been really helpful for me to understand how I want to set up Snowflake permissions for my organization. If you want to skip to that, see how I set up Snowflake privileges.
This post is the result of my working through privileges, roles and permissions in Snowflake. I hope it’s helpful for you!