View

You can provide configuration to Snowflake Object Lifecycle Engine for the following operation with view:

• Manage the grants of a view

Usage

note

We have introduced SOLE for Data Products as a new framework for SOLE to help you easily build an ecosystem of data products. The major difference is in how you define Snowflake objects in the configuration file. Rather than having a grouped collection of objects, SOLE for Data Products goes for modular, self-describing, and explicit object definition.
Learn more about SOLE for Data Products, currently available as a private preview.

We have also introduced Data products as an extra layer on top of the data product platform capabilities making managing data products easier than ever. Learn more about Data Products, currently available as a private preview.

Default Configuration

databases:
  <database-name>:
    schemas:
      <schema-name>:
        views:
          <view-name>:
            shares:
              <privilege>:
                - <share-name>
                - <share-name>
            grants:
              <privilege>:
                - <grant-name>
                - <grant-name>

Data Products Configuration

- view:
    name: <view-name>
    database: rel(database.<database-name>)
    schema: rel(schema.<schema-name>)
    shares:
      <privilege>:
        - rel(share.<share-name>)
        - rel(share.<share-name>)
    grants:
      <privilege>:
        - rel(role.<grant-name>)
        - rel(role.<grant-name>)

Supported parameters

The engine supports the parameters listed below.

Configuration Key	Required/Optional	Data Types and Values	Description
grants	Optional	Map: See Supported View Grants to Roles	List of Privileges and Roles to which privileges are granted on the current view
manage_mode	Optional	String: grants (default), none	Configures what properties to manage for the view
shares	Optional	Map: See Supported View Grants to shares	List of shares to which privileges are granted

Supported view grants to roles

Following are the privileges you can grant to roles in the view definition:

• ALL PRIVILEGES
• SELECT
• OWNERSHIP

ALL PRIVILEGES handling

When you define ALL PRIVILEGES in the SOLE configuration file, you grant all the privileges listed above to roles on this object except OWNERSHIP. However, the management of ALL PRIVILEGES in SOLE differs from its handling in Snowflake. See Handling ALL PRIVILEGES in SOLE for more information.

Supported view grants to shares

Following is the privilege you can grant to shares in the view definition:

• SELECT

Examples

Default Configuration

databases:
  SALES_RECORD:
    schemas:
      SALES:
        view:
          DEV_VIEW:
            grants:
              SELECT:
                - HR_ROLE
                - ACCOUNTADMIN
            shares:
              SELECT:
                - DEV_SHARE

Data Products Configuration

- view:
    name: DEV_VIEW
    database: rel(database.SALES_RECORD)
    schema: rel(schema.SALES)
    grants:
      SELECT:
        - rel(role.HR_ROLE)
        - ACCOUNTADMIN
    shares:
      SELECT:
        - rel(share.DEV_SHARE)