CREATE PROJECTION POLICY

Creates a new projection policy in the current/specified schema or replaces an existing projection policy.

After creating a projection policy, apply the projection policy to a table column using an ALTER TABLE … ALTER COLUMN command or a view column using the ALTER VIEW command.

See also:

Projection policy DDL reference

Syntax

CREATE [ OR REPLACE ] PROJECTION POLICY [ IF NOT EXISTS ] <name>
  AS () RETURNS PROJECTION_CONSTRAINT -> <body>
  [ COMMENT = '<string_literal>' ]
Copy

Parameters

name

Identifier for the projection policy; must be unique for your schema.

The identifier value must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes (e.g. "My object"). Identifiers enclosed in double quotes are also case-sensitive.

For more details, see Identifier requirements.

body

SQL expression that determines whether to project a column.

The expression calls the internal PROJECTION_CONSTRAINT function to allow or prevent the projection of a column:

  • PROJECTION_CONSTRAINT(ALLOW => TRUE) — Allows the column to which the projection policy is attached to be projected.

  • PROJECTION_CONSTRAINT(ALLOW => FALSE) — Does not allow the column to which the projection policy is attached to be projected.

COMMENT = 'string_literal'

Adds a comment or overwrites an existing comment for the projection policy.

Access control requirements

A role used to execute this SQL command must have the following privileges at a minimum:

Privilege

Object

Notes

CREATE PROJECTION POLICY

Schema

The USAGE privilege on the parent database and schema are required to perform operations on any object in a schema.

For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.

For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.

For additional details on projection policy DDL and privileges, see Privileges and commands.

Usage notes

  • If you want to update an existing projection policy and need to see the current definition of the policy, run the DESCRIBE PROJECTION POLICY command or GET_DDL function.

  • Regarding metadata:

    Attention

    Customers should ensure that no personal data (other than for a User object), sensitive data, export-controlled data, or other regulated data is entered as metadata when using the Snowflake service. For more information, see Metadata fields in Snowflake.

Examples

Do not allow projecting a column:

CREATE OR REPLACE PROJECTION POLICY do_not_project AS ()
  RETURNS PROJECTION_CONSTRAINT ->
  PROJECTION_CONSTRAINT(ALLOW => false);
Copy

Project a column for the analyst custom role, otherwise do not project the column:

CREATE OR REPLACE PROJECTION POLICY project_analyst_only AS ()
  RETURNS PROJECTION_CONSTRAINT ->
    CASE
      WHEN CURRENT_ROLE() = 'ANALYST'
        THEN PROJECTION_CONSTRAINT(ALLOW => true)
      ELSE PROJECTION_CONSTRAINT(ALLOW => false)
    END;
Copy
Language: English