SHOW PASSWORD POLICIES¶
Lists password policy information, including the creation date, database and schema names, owner, and any available comments.
- See also:
Syntax¶
SHOW PASSWORD POLICIES [ LIKE '<pattern>' ]
[ IN
{
ACCOUNT |
DATABASE |
DATABASE <database_name> |
SCHEMA |
SCHEMA <schema_name> |
<schema_name>
APPLICATION <application_name> |
APPLICATION PACKAGE <application_package_name> |
}
]
Parameters¶
LIKE 'pattern'Optionally filters the command output by object name. The filter uses case-insensitive pattern matching, with support for SQL wildcard characters (
%and_).For example, the following patterns return the same results:
... LIKE '%testing%' ...... LIKE '%TESTING%' .... Default: No value (no filtering is applied to the output).
[ IN ... ]Optionally specifies the scope of the command. Specify one of the following:
ACCOUNTReturns records for the entire account.
DATABASE, .DATABASE db_nameReturns records for the current database in use or for a specified database (
db_name).If you specify
DATABASEwithoutdb_nameand no database is in use, the keyword has no effect on the output.SCHEMA, .SCHEMA schema_name, .schema_nameReturns records for the current schema in use or a specified schema (
schema_name).SCHEMAis optional if a database is in use or if you specify the fully qualifiedschema_name(for example,db.schema).If no database is in use, specifying
SCHEMAhas no effect on the output.
APPLICATION application_name, .APPLICATION PACKAGE application_package_nameReturns records for the named Snowflake Native App or application package.
Default: Depends on whether the session currently has a database in use:
Database:
DATABASEis the default (that is, the command returns the objects you have privileges to view in the database).No database:
ACCOUNTis the default (that is, the command returns the objects you have privileges to view in your account).
Access control requirements¶
A role used to execute this SQL command must have at least one of the following privileges at a minimum:
Privilege |
Object |
Notes |
|---|---|---|
APPLY PASSWORD POLICY |
Account |
|
OWNERSHIP |
Password policy |
OWNERSHIP is a special privilege on an object that is automatically granted to the role that created the object, but can also be transferred using the GRANT OWNERSHIP command to a different role by the owning role (or any role with the MANAGE GRANTS privilege). |
Note that operating on any object in a schema also requires the USAGE privilege on the parent database and schema.
For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.
For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.
For additional details on password policy DDL and privileges, see Managing password policies.
Usage notes¶
The command does not require a running warehouse to execute.
The value for
LIMIT rowscannot exceed10000. IfLIMIT rowsis omitted, the command results in an error if the result set is larger than 10K rows.To view results for which more than 10K records exist, either include
LIMIT rowsor query the corresponding view in the Snowflake Information Schema.
To post-process the output of this command, you can use the RESULT_SCAN function, which treats the output as a table that can be queried.
Example¶
SHOW PASSWORD POLICIES;
+---------------------------------+------------------------+------------+------------------------------------+---------+
| CREATED_ON | NAME | OWNER | COMMENT | options |
+---------------------------------+------------------------+------------+------------------------------------+---------+
| Fri, 10 Dec 2021 00:00:00 -0700 | PASSWORD_POLICY_PROD_1 | PROD_ADMIN | production account password policy | "" |
+---------------------------------+------------------------+------------+------------------------------------+---------+