SHOW PRIVACY POLICIES¶

Lists the privacy policies for which you have access privileges.

You can use this command to list the privacy policies in the current database and schema for the session, a specified database or schema, or your entire account.

See also:

CREATE PRIVACY POLICY , ALTER PRIVACY POLICY , DESCRIBE PRIVACY POLICY , DROP PRIVACY POLICY

Syntax¶

SHOW PRIVACY POLICIES [ LIKE '<pattern>' ]
           [ IN
                {
                  ACCOUNT
                  | DATABASE [ <database_name> ]
                  | SCHEMA [ <schema_name> ]
                }
           ]
Copy

Parameters¶

LIKE 'pattern'

Optionally filters the command output by object name. The filter uses case-insensitive pattern matching, with support for SQL wildcard characters (% and _).

For example, the following patterns return the same results:

... LIKE '%testing%' ...
... LIKE '%TESTING%' ...

. Default: No value (no filtering is applied to the output).

[ IN ... ]

Optionally specifies the scope of the command. Specify one of the following:

ACCOUNT

Returns records for the entire account.

DATABASE, . DATABASE db_name

Returns records for the current database in use or for a specified database (db_name).

If you specify DATABASE without db_name and no database is in use, the keyword has no effect on the output.

Note

Using SHOW commands without an IN clause in a database context can result in fewer than expected results.

Objects with the same name are only displayed once if no IN clause is used. For example, if you have table t1 in schema1 and table t1 in schema2, and they are both in scope of the database context you’ve specified (that is, the database you’ve selected is the parent of schema1 and schema2), then SHOW TABLES only displays one of the t1 tables.

SCHEMA, . SCHEMA schema_name

Returns records for the current schema in use or a specified schema (schema_name).

SCHEMA is optional if a database is in use or if you specify the fully qualified schema_name (for example, db.schema).

If no database is in use, specifying SCHEMA has no effect on the output.

Default: Depends on whether the session currently has a database in use:

  • Database: DATABASE is the default (that is, the command returns the objects you have privileges to view in the database).

  • No database: ACCOUNT is the default (that is, the command returns the objects you have privileges to view in your account).

Access control requirements¶

A role used to execute this SQL command must have at least one of the following privileges at a minimum:

Privilege

Object

Notes

APPLY PRIVACY POLICY

Account

APPLY

Privacy policy

OWNERSHIP

Privacy policy

OWNERSHIP is a special privilege on an object that is automatically granted to the role that created the object, but can also be transferred using the GRANT OWNERSHIP command to a different role by the owning role (or any role with the MANAGE GRANTS privilege).

The USAGE privilege on the parent database and schema are required to perform operations on any object in a schema.

For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.

For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.

Usage notes¶

  • The command doesn’t require a running warehouse to execute.

  • The command only returns objects for which the current user’s current role has been granted at least one access privilege.

  • The MANAGE GRANTS access privilege implicitly allows its holder to see every object in the account. By default, only the account administrator (users with the ACCOUNTADMIN role) and security administrator (users with the SECURITYADMIN role) have the MANAGE GRANTS privilege.

  • To post-process the output of this command, you can use the RESULT_SCAN function, which treats the output as a table that can be queried.

  • The command returns a maximum of ten thousand records for the specified object type, as dictated by the access privileges for the role used to execute the command. Any records above the ten thousand records limit aren’t returned, even with a filter applied.

    To view results for which more than ten thousand records exist, query the corresponding view (if one exists) in the Snowflake Information Schema.

Examples¶

The following example lists the privacy policies that you have the privileges to view in the PRIVACY_POLICY_DB database:

USE DATABASE privacy_policy_db;
SHOW PRIVACY POLICIES;
Copy
+---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------+
| created_on                      | name           | database_name                       | schema_name                         | kind           | owner        | comment | owner_role_type | options |
|---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------|
| Fri, 23 Jun 2021 07:00:00 +0000 | MY_PRIV_POLICY | PRIVACY_POLICY_DB                   | PRIVACY_POLICY_SH                   | PRIVACY_POLICY | ACCOUNTADMIN |         | ROLE            |         |
+---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------+
Language: English