- Schema:
GRANTS_TO_ROLES view¶
This Account Usage view can be used to query access control privileges that have been granted to a role.
Columns¶
Column Name |
Data Type |
Description |
|---|---|---|
CREATED_ON |
TIMESTAMP_LTZ |
Date and time (in the UTC time zone) when the privilege is granted to the role. |
MODIFIED_ON |
TIMESTAMP_LTZ |
Date and time (in the UTC time zone) when the privilege is updated. |
PRIVILEGE |
VARCHAR |
Name of the privilege added to the role. |
GRANTED_ON |
VARCHAR |
Object kind, such as |
NAME |
VARCHAR |
Name of the object on which the privilege is granted. |
TABLE_CATALOG |
VARCHAR |
Name of the database for the current table or the name of the database that stores the instance of a class. |
TABLE_SCHEMA |
VARCHAR |
Name of the schema for the current table or the name of the schema that stores the instance of a class. |
GRANTED_TO |
VARCHAR |
Either |
GRANTEE_NAME |
VARCHAR |
Identifier for the recipient role, the role to which the privilege is granted, or the name of the Snowflake Native App object. |
GRANT_OPTION |
BOOLEAN |
|
GRANTED_BY |
VARCHAR |
Identifier for the role that granted the privilege, or the name of the Snowflake Native App object when there are grants to an application role. |
DELETED_ON |
TIMESTAMP_LTZ |
Date and time (in the UTC time zone) when the privilege is revoked. |
GRANTED_BY_ROLE_TYPE |
VARCHAR |
Either |
OBJECT_INSTANCE |
VARCHAR |
The fully-qualified name of the object that contains the instance role for a particular class in the format |
Usage notes¶
Latency for the view may be up to 120 minutes (2 hours).
The view does not contain grants to database roles from databases created from shares.
The view does not contain grants on dropped objects.
The view is updated periodically to include support for new objects. You can use a SHOW GRANTS TO ROLE command to list all the grants to a particular role.