What is an advantage of using database roles instead of granting privileges on objects directly to a share in Snowflake?
What is an advantage of using database roles instead of granting privileges on objects directly to a share in Snowflake?
Using database roles in Snowflake allows for more control over object-level access for different user groups. Database roles can be assigned to different groups of users, providing precise access to the objects they need without changing the underlying privileges on the objects themselves. This enables granular permission settings and better management of user access rights.
But instead granting the shared database role allows the user to access only the subset of shared objects granted to the database role. The shared Database roles allow different groups of users in a data consumer account to access different subsets of the shared objects. https://community.snowflake.com/s/article/How-to-use-Database-Roles-in-a-Data-Share