- Schema:
GRANTS_TO_USERS View¶
This Account Usage view can be used to query the roles that have been granted to a user.
Columns¶
Column Name |
Data Type |
Description |
|---|---|---|
CREATED_ON |
TIMESTAMP_LTZ |
Time and date (in the UTC time zone) when the role is granted. |
DELETED_ON |
TIMESTAMP_LTZ |
Time and date (in the UTC time zone) when the role is revoked. |
ROLE |
VARCHAR |
Identifier for the role granted to the user. |
GRANTED_TO |
VARCHAR |
For this view, the value is |
GRANTEE_NAME |
VARCHAR |
Name of the user to whom the privilege is granted. |
GRANTED_BY |
VARCHAR |
Identifier for the role that granted the privilege. |
Usage Notes¶
Latency for the view may be up to 120 minutes (2 hours).
This view records current grants and historical grants, including grants that were revoked and granted again. When a single grant occurs and as long as it remains active (i.e. not revoked):
The view includes one row for the grant of the same role to the same user.
A regrant of the same role to the same user is not recorded as a new row. Instead, the DELETED_ON column remains NULL while the grant is active.
When a grant is revoked from the user, the DELETED_ON column for the grant is updated from NULL to the timestamp when the grant was revoked.
After revoking the role from the user, a grant of the same role to the same user is recorded in a new row. In this new row, the DELETED_ON column value is NULL because the grant is now active.