View
You can provide configuration to Snowflake Object Lifecycle Engine for the following operation with view:
- Manage the grants of a view
Usage
We have introduced SOLE for Data Products as a new framework for SOLE to help you easily build an ecosystem of data products. The major difference is in how you define Snowflake objects in the configuration file.
Rather than having a grouped collection of objects, SOLE for Data Products goes for modular, self-describing, and explicit object definition.
Learn more about SOLE for Data Products, currently available as a private preview.
We have also introduced Data products as an extra layer on top of the data product platform capabilities making managing data products easier than ever. Learn more about Data Products, currently available as a private preview.
- Default Configuration
- Data Products Configuration
databases:
<database-name>:
schemas:
<schema-name>:
views:
<view-name>:
shares:
<privilege>:
- <share-name>
- <share-name>
grants:
<privilege>:
- <grant-name>
- <grant-name>
- view:
name: <view-name>
database: rel(database.<database-name>)
schema: rel(schema.<schema-name>)
shares:
<privilege>:
- rel(share.<share-name>)
- rel(share.<share-name>)
grants:
<privilege>:
- rel(role.<grant-name>)
- rel(role.<grant-name>)
Supported parameters
The engine supports the parameters listed below.
Configuration Key | Required/Optional | Data Types and Values | Description |
---|---|---|---|
grants | Optional | Map: See Supported View Grants to Roles | List of Privileges and Roles to which privileges are granted on the current view |
manage_mode | Optional | String: grants (default), none | Configures what properties to manage for the view |
shares | Optional | Map: See Supported View Grants to shares | List of shares to which privileges are granted |
Supported view grants to roles
Following are the privileges you can grant to roles in the view definition:
- ALL PRIVILEGES
- SELECT
- OWNERSHIP
When you define ALL PRIVILEGES in the SOLE configuration file, you grant all the privileges listed above to roles on this object except OWNERSHIP. However, the management of ALL PRIVILEGES in SOLE differs from its handling in Snowflake. See Handling ALL PRIVILEGES in SOLE for more information.
Supported view grants to shares
Following is the privilege you can grant to shares in the view definition:
- SELECT
Examples
- Default Configuration
- Data Products Configuration
databases:
SALES_RECORD:
schemas:
SALES:
view:
DEV_VIEW:
grants:
SELECT:
- HR_ROLE
- ACCOUNTADMIN
shares:
SELECT:
- DEV_SHARE
- view:
name: DEV_VIEW
database: rel(database.SALES_RECORD)
schema: rel(schema.SALES)
grants:
SELECT:
- rel(role.HR_ROLE)
- ACCOUNTADMIN
shares:
SELECT:
- rel(share.DEV_SHARE)