在非安全视图中共享数据

为了充分利用您共享的视图上的查询优化所带来的性能提升，您可以创建一个共享，让您与其他账户共享非安全视图。

创建一个允许非安全对象的共享

要共享非安全的视图，请创建一个允许非安全对象的共享。

例如，运行以下命令：

CREATE OR REPLACE SHARE allow_non_secure_views
 SECURE_OBJECTS_ONLY=FALSE
 COMMENT="Share views that require query optimization";

After you create a share that allows sharing views, use the GRANT <privilege> … TO SHARE command to grant a view to a share. For example, to grant a view named non_secure_view to the share, run the following:

GRANT SELECT ON VIEW non_secure_view TO SHARE allow_non_secure_views;

Alternatively, you can grant the SELECT privilege on the view to a database role, and then grant that database role to the share. For example, to grant SELECT privileges on the view non_secure_view to the database role performance_engineer and then grant the role to the share, run the following:

GRANT SELECT ON VIEW non_secure_view TO DATABASE ROLE performance_engineer;
GRANT DATABASE ROLE performance_engineer TO SHARE allow_non_secure_views;

转换现有共享以允许共享非安全视图

您可以将具有安全视图的现有共享转换为支持共享非安全视图的共享。

For example, to convert an existing share secure_views_only into one that supports sharing non-secure views, do the following:

1. Use the SHOW GRANTS command to determine which objects are granted to the share, and which accounts have access to the share, respectively:

   Copy codeExpand code block

   SHOW GRANTS TO SHARE secure_views_only;
   SHOW GRANTS OF SHARE secure_views_only;

   Show lessSee more

   Scroll to top

2. 要将现有共享转换为允许共享视图的共享，请执行以下操作：

   Copy codeExpand code block

   ALTER SHARE secure_views_only
    SET SECURE_OBJECTS_ONLY = FALSE,
    COMMENT = "Convert to allow sharing non-secure views that require
    query optimization";

   Show lessSee more

   Scroll to top

3. Optionally convert an existing secure view into a view. In this example, alter secure_view2 into a non-secure view:

   Copy codeExpand code block

   ALTER VIEW secure_view2 UNSET SECURE;

   Show lessSee more

   Scroll to top

For more details, see 将共享中的安全视图转换为非安全视图.

将共享中的安全视图转换为非安全视图

如果您想将现有的安全视图转换为视图，可以在将视图授予共享之前或之后进行。

要将共享中的现有安全视图转换为视图，必须满足以下条件：

• The secure view must only be granted to shares that are configured to allow sharing non-secure objects.
• 无法将安全视图授予以下各项：
  • Database roles granted to shares that do not allow sharing non-secure objects.
  • 不允许共享非安全对象的共享。

For example, for an existing secure view named high_performance_view, unset the SECURE property:

ALTER VIEW high_performance_view UNSET SECURE;

或者，您可以将安全视图重新创建为视图：

CREATE OR REPLACE VIEW high_performance_view WITH COPY GRANTS;

共享非安全对象的限制

如果您打算共享对象，请考虑以下事项：

• 在您创建一个共享并将 SECURE_OBJECTS_ONLY 属性设置为 FALSE 后，您无法取消设置此属性或将此属性设置为 TRUE。
• 您只能将非安全视图添加到已显式配置为允许非安全对象的共享中。

共享非安全视图的语法

CREATE [ OR REPLACE ] SHARE <name>
[ SECURE_OBJECTS_ONLY = <boolean> ]
[ COMMENT = '<string_literal>' ]

必填参数

name

指定共享的标识符；对于创建共享的账户来说必须唯一。

In addition, the identifier must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes. For example, "My object". Identifiers enclosed in double quotes are also case-sensitive.

For more information about identifier requirements, see Identifier requirements.

可选参数

SECURE_OBJECTS_ONLY = boolean

指定是仅允许授予安全对象，还是也允许将非安全对象授予共享。

默认：True

COMMENT = 'string_literal'

为共享指定注释。

默认：无值

访问控制要求

For more information about access control requirements for Snowflake Secure Data Sharing specifically, see Enable non-ACCOUNTADMIN roles to perform data sharing tasks.

使用说明

• You cannot see the value of the SECURE_OBJECTS_ONLY property when you run SHOW SHARES. Use the COMMENT property to note the value of the SECURE_OBJECTS_ONLY property.
• The existing notes for CREATE SHARE also apply.

示例

For an example on how to create a share with non-secure views, see 创建一个允许非安全对象的共享.

For an example using ALTER SHARE, see 转换现有共享以允许共享非安全视图.