Enabling Sharing from a Business Critical Account to a non-Business Critical Account

By default, Snowflake does not allow sharing data from a Business Critical to a non-Business Critical account (For more information, see Snowflake Editions).

Snowflake provides the OVERRIDE SHARE RESTRICTIONS global privilege which is granted to the ACCOUNTADMIN role by default.

The OVERRIDE SHARE RESTRICTIONS global privilege can be granted to other roles (system-defined or custom). Then, users with the role can enable/disable the SHARE_RESTRICTIONS parameter for their provider account.

When the parameter is disabled, a Business Critical provider account can add a consumer account (with Non-Business Critical edition) to a share.

In this Topic:

Considerations

  • The privilege can be granted by users with the ACCOUNTADMIN role.

  • The OVERRIDE SHARE RESTRICTIONS privilege cannot be regranted.

  • You must set the SHARE_RESTRICTIONS parameter each time you are adding a new non-Busuness Critical consumer account to the share belonging to a Business Critical provider.

Granting the OVERRIDE SHARE RESTRICTIONS Privilege to Another Role

To grant OVERRIDE SHARE RESTRICTIONS to a role, use the ACCOUNTADMIN role and the GRANT <privileges> … TO ROLE command.

Syntax:

GRANT OVERRIDE SHARE RESTRICTIONS ON ACCOUNT TO ROLE <role_name>

Where:

<role_name> is the role to which the privilege is granted.

For example:

-- grant the privilege to the SYSADMIN role
use role accountadmin;
grant override share restrictions on account to role sysadmin;

-- SYSADMIN can now add a consumer account to a share with the SHARE_RESTRICTIONS parameter set to false
use role sysadmin;
alter share <share_name> add accounts = <consumer_account_name> SHARE_RESTRICTIONS=false;