When do Snowflake object owners lose their ability to make grant decisions?
When do Snowflake object owners lose their ability to make grant decisions?
Snowflake object owners lose their ability to grant privileges on their own objects when those objects reside in a managed access schema. In standard (non‑managed) schemas, object owners (roles holding the OWNERSHIP privilege on the object) can grant or revoke privileges. However, in a managed access schema—created via CREATE SCHEMA … WITH MANAGED ACCESS—only the schema owner (the role with OWNERSHIP on the schema) or any role with the global MANAGE GRANTS privilege can grant privileges on objects within that schema; individual object owners are no longer authorized to make grant decisions.