SHOW PRIVACY POLICIES¶

Syntax¶

SHOW PRIVACY POLICIES [ LIKE '<pattern>' ]
           [ IN
                {
                  ACCOUNT
                  | DATABASE [ <database_name> ]
                  | SCHEMA [ <schema_name> ]
                }
           ]

Parameters¶

LIKE 'pattern'

Optionally filters the command output by object name. The filter uses case-insensitive pattern matching, with support for SQL wildcard characters (% and _).

For example, the following patterns return the same results:

... LIKE '%testing%' ...

... LIKE '%TESTING%' ...

. Default: No value (no filtering is applied to the output).

[ IN ... ]

Optionally specifies the scope of the command. Specify one of the following:

ACCOUNT

Returns records for the entire account.

DATABASE, . DATABASE db_name

Returns records for the current database in use or for a specified database (db_name).

If you specify DATABASE without db_name and no database is in use, the keyword has no effect on the output.

SCHEMA, . SCHEMA schema_name, . schema_name

Returns records for the current schema in use or a specified schema (schema_name).

SCHEMA is optional if a database is in use or if you specify the fully qualified schema_name (for example, db.schema).

If no database is in use, specifying SCHEMA has no effect on the output.

Default: Depends on whether the session currently has a database in use:

• Database: DATABASE is the default (that is, the command returns the objects you have privileges to view in the database).

• No database: ACCOUNT is the default (that is, the command returns the objects you have privileges to view in your account).

Access control requirements¶

A role used to execute this SQL command must have at least one of the following privileges at a minimum:

Note that operating on any object in a schema also requires the USAGE privilege on the parent database and schema.

For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.

For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.

Usage notes¶

• Columns that start with the prefix is_ return either Y (yes) or N (no).

• The command does not require a running warehouse to execute.

• The command returns a maximum of 10K records for the specified object type, as dictated by the access privileges for the role used to execute the command; any records above the 10K limit are not returned, even with a filter applied.

  To view results for which more than 10K records exist, query the corresponding view (if one exists) in the Snowflake Information Schema.

• To post-process the output of this command, you can use the RESULT_SCAN function, which treats the output as a table that can be queried.

Examples¶

The following example lists the privacy policies that you have the privileges to view in the PRIVACY_POLICY_DB database:

USE DATABASE privacy_policy_db;
SHOW PRIVACY POLICIES;

+---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------+
| created_on                      | name           | database_name                       | schema_name                         | kind           | owner        | comment | owner_role_type | options |
|---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------|
| Fri, 23 Jun 2021 07:00:00 +0000 | MY_PRIV_POLICY | PRIVACY_POLICY_DB                   | PRIVACY_POLICY_SH                   | PRIVACY_POLICY | ACCOUNTADMIN |         | ROLE            |         |
+---------------------------------+----------------+-------------------------------------+-------------------------------------+----------------+--------------+---------+-----------------+---------+