Account
Configuration can be provided to Snowflake Object Lifecycle Engine for the following operation with Account:
- Manage Grants of current Account
Supported Parameters#
The engine supports the parameters listed below.
- ENVIRONMENT: Specify the environment in which the Account is managed. Regex can be provided as well.
- Configuration key:
environment - Data Type: String
- Configuration key:
- MANAGE_MODE: Configures what properties to manage for the Account.
- Configuration key:
manage_mode - Data Type: string
- Possible Values:
nonegrantsall(Default)
- Configuration key:
- GRANTS: List of Privileges and Roles to which privileges are granted to on the current Account.
- Configuration key:
grants - Data Type: Map
- Configuration key:
Basic syntax#
account: <configuration-key>: <value> grants: <privilege>: - <role-name> - <role-name>Supported Account Grants to Roles#
Following is the list of Privileges Grant to Roles that can be specified in the database definition
- ALL PRIVILEGES
- APPLY MASKING POLICY
- CREATE DATABASE
- CREATE INTEGRATION
- CREATE ROLE
- CREATE USER
- CREATE WAREHOUSE
- CREATE SHARE
- EXECUTE TASK
- IMPORT SHARE
- MANAGE GRANTS
- MONITOR EXECUTION
- MONITOR USAGE
Examples#
account: environment: PROD grants: create role: - SYSADMIN create user: - ACCOUNTADMIN