问题
I am new to Snowflake. Is it possible to query Information schema views for eg, SCHEMATA, TABLES, COLUMNS for all tables in a snowflake Db without having select access to the underlying tables. The requirement is to create a user/account that only has access to query metadata of the snowflake Db and should not have a select access to the table data. Please advise.
回答1:
From the Snowflake documentation:
"The output of a view or table function depends on the privileges granted to the user’s current role. When querying an INFORMATION_SCHEMA view or table function, only objects for which the current role has been granted access privileges are returned."
In other words, you won't see the metadata for objects you do not have access to when you query the INFORMATION_SCHEMA views.
To workaround, you can use a role like ACCOUNTADMIN that has permissions to all tables and populate a new table with results from the desired INFORMATION_SCHEMA views. Then give your new role access to that table. You may be able to even setup a task in Snowflake to regularly update the table.
References:
- https://docs.snowflake.net/manuals/sql-reference/info-schema.html#general-usage-notes
- https://docs.snowflake.net/manuals/user-guide/tasks.html#executing-sql-statements-on-a-schedule-using-tasks
回答2:
I believe you won't see the object in information schema views. So you required privileges to access the object.
Many Thanks, Sriga
来源:https://stackoverflow.com/questions/58294920/snowflake-privileges-required-to-query-snowflake-information-schema-views