Getting Started with Organizations¶
This topic discusses how to work with organizations, including how to assign the ORGADMIN role to organization administrators.
Organization Creation¶
Snowflake customers never directly create an organization. For users who sign-up for a Snowflake account using the self-service option, an organization is automatically created with a system-generated name when the account is created. For entities who work directly with Snowflake personnel to set up accounts, Snowflake creates the organization to which the accounts belong using a custom name. In either case, users can create additional accounts that belong to the organization after it is created with the initial account.
Viewing the Name of Your Organization and Its Accounts¶
You can view the name of your organization and its accounts through the web interface or using SQL:
- SQL
Execute a SHOW ORGANIZATION ACCOUNTS command.
- Snowsight
Click Admin » Accounts. The organization name is listed above the account names.
Changing the Name of Your Organization¶
If you want to change the name of an organization, for example to change a system-generated name to a more user-friendly one, contact Snowflake Support.
Enabling the ORGADMIN Role for an Account¶
The ORGADMIN role is enabled for at least one account in an organization.
Because users with the ACCOUNTADMIN role can assign the ORGADMIN role to themselves or another user, it is recommended that only one account in the organization have the ORGADMIN role enabled in order to tightly control who can act as an organization administrator. If you want to enable the ORGADMIN role for an additional account, contact Snowflake Support.
Assigning the ORGADMIN Role to a User or Role¶
Once enabled in an account, the ORGADMIN role can be granted to any user or role in the account by an ACCOUNTADMIN using the GRANT ROLE command. For more information about system roles and best practices for managing access control, see Access Control Considerations.
Examples¶
-- Assume the ACCOUNTADMIN role
use role accountadmin;
-- Grant the ORGADMIN role to a user
grant role orgadmin to user <user_name>;
-- Grant ORGADMIN to a role
grant role orgadmin to role <role_name>;