An Architect needs to grant a group of ORDER_ADMIN users the ability to clean old data in an ORDERS table (deleting all records older than 5 years), without granting any privileges on the table. The group’s manager (ORDER_MANAGER) has full DELETE privileges on the table.
How can the ORDER_ADMIN role be enabled to perform this data cleanup, without needing the DELETE privilege held by the ORDER_MANAGER role?
To enable ORDER_ADMIN users to perform the data cleanup without granting them DELETE privileges, a stored procedure can be created that executes with the owner’s rights. This stored procedure would include the logic to delete records older than 5 years and be owned by the ORDER_MANAGER role, which has the necessary DELETE privileges. The ORDER_ADMIN role would then be granted USAGE on this stored procedure, allowing them to execute it without directly having DELETE privileges on the ORDERS table.
https://docs.snowflake.com/en/sql-reference/stored-procedures-rights#choosing-between-owner-s-rights-and-caller-s-rights
Tested and C is the correct answer
Answer is C and is validated