manifest_version field
This field is added automatically to the manifest file when you release a new version of an application package.
Don’t include this field when creating a manifest file to include in an application package. Editing this field manually is not supported.
The manifest_version top level field (Integer, required) specifies the version
number of the manifest file.
For more information about versioning, see Package Versions in Declarative Sharing in the Native Application Framework.
application_content field
The application_content field (list, optional) defines bundled content declaratively shared by the app.
This field includes a single notebooks field:
application_content.notebooks.{named notebook} field
Each named notebook supports the following name value pairs:
main_file (string, required) the path to the interactive Python notebook (.ipynb) file, relative to the root of the package version.
comment (string, optional): A comment describing the notebook.
runtime_environment_version (string, optional): Specifies a particular runtime environment version
for the notebook execution context, if applicable within the platform.
roles (list, optional): A list of app roles that can grant access to the notebook, for example, [sales,marketing]. When this field is empty ([]) or omitted, then only app owners and roles with granted IMPORTED PRIVILEGES receive access. The included roles must be defined in the top-level roles field.
Note
The main_file path is always relative to the root of the package
version (the snow://package/<DECL_SHARE_APP_PKG>/versions/<version> prefix).
For example, if the full path to the notebook file is
snow://package/<DECL_SHARE_APP_PKG>/versions/LIVE/NOTEBOOK.ipynb,
then specify main_file as just NOTEBOOK.ipynb.
application_context example
In this example, a single notebook, salesbook, is defined using the
notebook file NOTEBOOK1.ipynb which uses the known runtime stable
and provides access to those granted either the sales or marketing roles.
application_content:
notebooks:
- salesbook:
roles: [sales, marketing]
main_file: NOTEBOOK1.ipynb
comment: Notebook1: Sales and marketing notebook
runtime_environment_version: stable
roles:
- sales:
- marketing:
roles field
The roles top level field (list, optional) defines a list of app roles. These roles allow app owners to provide access to shared objects in an app — such as schemas, tables, views, and notebooks — to their organization.
Each named role can optionally contain a comment, which appears as a description when the app owner lists the roles in the application.
These roles are referenced in the manifest by shared objects, at the named notebook, schema, table, view, or semantic_view level. For objects at the table, view, or semantic_view level, roles must also be specified at the schema level.
Note
All content in the manifest is accessible to the app owner, the ACCOUNTADMIN, and to roles that are granted IMPORTED PRIVILEGES to the app.
The object name defined in this manifest file is used for the runtime object resolution. If the provider changes the object name without updating the manifest file with a new version, consumers will lose access to the object.
roles example
roles:
- sales:
- marketing:
application_content:
notebooks:
- salesbook:
roles: [sales, marketing]
main_file: NOTEBOOK1.ipynb
comment: Sales and marketing notebook
shared_content:
databases:
- sales:
schemas:
- orders:
roles: [sales, marketing]
tables:
- january_2025: # App owners/assignees only
- february_2025:
roles: [sales] # Accessible to sales only
- march_2025:
roles: [marketing] # Accessible to marketing only
- customer_info:
schemas:
- customer_contact:
roles: [customer_support]
views:
- customer_address:
roles: [customer_support] # Accessible to customer_support
- customer_details:
roles: [] # App owners/assignees only
For more information about roles, see app roles.
shared_content field
The shared_content field (list, required) defines a list of databases declaratively shared by the app. Each database includes a list of named schemas. Each schema can include a list of named entities grouped by type.
This field includes a single databases field and an optional required_databases field:
shared_content.databases.{named database} field
Each named database supports the following name value pairs:
shared_content.required_databases.{named database} field
The required_databases field (list, optional) defines a list of databases that
are dependencies of the shared databases. These databases are referenced by
views in the shared databases, but are not shared directly. For more information
about managing cross-database dependencies, see Dependency databases: Managing cross-database references.
When your application shares data from multiple databases, you must explicitly list all
additional databases that are referenced by objects in your shared content under
the required_databases field. This ensures that the application can be
deployed successfully in other regions where these databases may not exist by
default.
Including a database in the required_databases field is similar to
referencing a database using the REFERENCE_USAGE privilege in traditional
Secure Data Sharing. For information about the REFERENCE_USAGE privilege and how
dependent databases are shared in traditional data sharing, see
Share data from multiple databases.
schemas.{named schema} field
Each named schema supports the following name value pairs:
tables (list, [OneOfRequired]): A list of named tables, which can include dynamic tables and Apache Iceberg tables.
views (list, [OneOfRequired]): A list of named views.
semantic_views (list, [OneOfRequired]): A list of named semantic views.
functions (list, [OneOfRequired]): A list of named user-defined functions (UDFs).
procedures (list, [OneOfRequired]): A list of named stored procedures.
cortex_agents (list, [OneOfRequired]): A list of named Cortex Agents.
roles (list, optional): A list of app roles that the objects in the schema can use, for example, [sales,marketing]. When this field is empty ([]) or omitted, then only app owners and roles with granted IMPORTED PRIVILEGES receive access. The included roles must be defined in the top-level roles field.
[OneOfRequired]
(1,2,3,4,5,6,7,8,9,10,11,12)
at least one of tables, views, semantic_views, functions, procedures, or cortex_agents is required.
Important
You must enforce schema separation between data objects (objects shared by reference: tables, views, and semantic_views) and logic objects (objects shared by copy: functions, procedures, and :cortex_agents). You can’t mix data and logic objects in the same schema.
tables.{named table} field
Each named standard table, dynamic table, and Apache Iceberg table (List, required [OneOfRequired] ) supports the following name value pair:
Note
To allow consumers to create streams on this shared object (for change data capture or incremental loading), you must enable CHANGE_TRACKING = TRUE on the source table in your provider account using standard SQL commands (for example, ALTER TABLE ... SET CHANGE_TRACKING = TRUE). This setting can’t be changed by the consumer on the shared object; it must be set on the source.
views.{named view} field
Each named view (List, required [OneOfRequired] ): supports the following name value pair:
Note
To allow consumers to create streams on this shared object (for change data capture or incremental loading), you must enable CHANGE_TRACKING = TRUE on the source table in your provider account using standard SQL commands (for example, ALTER TABLE ... SET CHANGE_TRACKING = TRUE). This setting can’t be changed by the consumer on the shared object; it must be set on the source.
semantic_views.{named semantic view} field
Each named semantic view (List, required [OneOfRequired] ): supports the following name value pair:
roles (list, optional): A list of app roles that can access the semantic view; for example, [sales]. Note that, when sharing a semantic view, its referenced tables or views must be shared as well. When this field is empty ([]) or omitted, then only app owners and roles with granted IMPORTED PRIVILEGES receive access. The included roles must be defined in the top-level roles field and included in the {named schema}.roles field.
functions.{named function} field
Each named function (List, required [OneOfRequired] ): supports the following name value pair:
procedures.{named procedure} field
Each named stored procedure (List, required [OneOfRequired] ): supports the following name value pair:
cortex_agents.{named cortex agent} field
Each named Cortex Agent (List, required [OneOfRequired] ): supports the following name value pair:
shared_content example
In this example, two databases are exposed: sales and customer_info.
Within these databases the orders.[january_2025|february_2025] tables are exposed
as well as the customer_contact.customer_address view.
Two required databases are also exposed: sales_projections and customer_analytics.
These databases can be referenced by views in the shared databases, but are not shared directly.
roles:
- sales:
- marketing:
shared_content:
required_databases:
sales_projections
customer_analytics
databases:
- sales:
schemas:
- orders:
roles: [sales, marketing]
tables:
- january_2025: # App owners/assignees only
- february_2025:
roles: [sales] # Accessible to sales only
- march_2025:
roles: [marketing] # Accessible to marketing only
- customer_info:
schemas:
- customer_contact:
roles: [customer_support]
views:
- customer_address:
roles: [customer_support] # Accessible to customer_support
- customer_details:
roles: [] # App owners/assignees only