SHOW ROLES IN SERVICE¶
Lists all the service roles associated with a service. These are the roles defined in the service specification. For more information, see Managing access to service endpoints.
- See also:
Syntax¶
SHOW ROLES IN SERVICE <name>
Parameters¶
nameName of the service.
Access control requirements¶
A role used to execute this operation must have the following privileges at a minimum:
Privilege |
Object |
Notes |
|---|---|---|
USAGE |
Service |
For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.
For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.
Output¶
The command output provides the following columns:
Column |
Description |
|---|---|
|
Date and time when the service role was created |
|
Service role name |
|
Comment, if any, for the service role |
Usage notes¶
The command doesn’t require a running warehouse to execute.
The command only returns objects for which the current user’s current role has been granted at least one access privilege.
The MANAGE GRANTS access privilege implicitly allows its holder to see every object in the account. By default, only the account administrator (users with the ACCOUNTADMIN role) and security administrator (users with the SECURITYADMIN role) have the MANAGE GRANTS privilege.
To post-process the output of this command, you can use the RESULT_SCAN function, which treats the output as a table that can be queried.
Examples¶
List the service roles in the echo_service service.
SHOW ROLES IN SERVICE echo_service;
+-------------------------------+-------------------------+------------+
| created_on | name | comment |
+-------------------------------+-------------------------+------------+
| 2024-04-29 14:58:50.063 -0700 | ALL_ENDPOINTS_USAGE | |
+-------------------------------+-------------------------+------------+