The system administrator (SYSADMIN) role includes the privileges to create warehouses, databases, and all database objects (schemas, tables, etc.). https://docs.snowflake.com/en/user-guide/security-access-control-considerations.html#:~:text=The%20system%20administrator%20(SYSADMIN)%20role,%2C%20tables%2C%20etc.).

The system administrator (SYSADMIN) role includes the privileges to create warehouses, databases, and all database objects (schemas, tables, etc.).

Sysadmin used to create databases and warehouses

B. SYSADMIN

Chat GPT is saying C While "SECURITYADMIN" is a recommended role for creating databases, it's essential to configure this role's privileges and restrictions appropriately, as well as consider any specific organizational policies and requirements related to database creation and administration.

Correct

B. SYSADMIN

Yes, sysadmin can create users. Sysadmin is effectively a superuser so it can create multiple objects. However, by least privileges principles, you really shouldn't be using these privileged accounts all the time. There is a reason the useradmin account exists - this is so more users with minimal privs can be created and used. https://docs.snowflake.com/en/user-guide/admin-user-management In the link above, it says "The USERADMIN system role can create users using SQL (CREATE USER). If you prefer to use a custom role for this purpose, grant the CREATE USER privilege on the account to this role.". This suggests to me that snowflake is recommending users be created with useradmin and not sysadmin.