SHOW PRIVILEGES¶
Lists the privileges granted to an application.
Syntax¶
SHOW PRIVILEGES IN APPLICATION <name>
Parameters¶
nameSpecifies the name of the application.
Output¶
Specifies the privileges granted to an application.
Column |
Description |
|---|---|
privilege |
The name of the privilege as specified in the manifest file. |
description |
A description of the privilege, which is specified in the manifest file. For details, refer to Access control privileges. |
is_granted |
Specifies if the consumer has granted the privilege. |
is_grantable |
Specifies if the user running the command has an activated role that can grant this privilege |
Usage notes¶
The command doesn’t require a running warehouse to execute.
The command only returns objects for which the current user’s current role has been granted at least one access privilege.
The MANAGE GRANTS access privilege implicitly allows its holder to see every object in the account. By default, only the account administrator (users with the ACCOUNTADMIN role) and security administrator (users with the SECURITYADMIN role) have the MANAGE GRANTS privilege.
To post-process the output of this command, you can use the RESULT_SCAN function, which treats the output as a table that can be queried.