DESCRIBE USER¶
描述 用户,包括用户属性的当前值和默认值。
DESCRIBE 可以缩写为 DESC。
语法¶
{ DESC | DESCRIBE } USER <name>
参数¶
name指定要描述的用户的标识符。
如果标识符包含空格或特殊字符,则整个字符串必须放在双引号内。放在双引号内的标识符也区分大小写。
有关更多信息,请参阅 标识符要求。
输出¶
命令的输出包括以下列,它们描述了对象的属性和元数据:
列 |
描述 |
|---|---|
|
属性名称(请参阅 用户的属性)。 |
|
属性的数据类型(例如, |
|
分配给属性的值。 |
|
属性的默认值。 |
property 列可以包含通知集成的以下属性:
属性 |
描述 |
|---|---|
|
用户的名称。 |
|
用户评论。 |
|
针对 Snowsight 中的用户显示的名称。 |
|
用户的类型。有关可能值的列表,请参阅 用户类型。 |
|
用户在登录系统时输入的名称。 |
|
用户的名字。 |
|
用户的中间名。 |
|
用户的姓氏。 |
|
用户的电子邮件地址。 |
|
模糊的用户密码。 |
|
If TRUE, the user is forced to change their password on next login (including their first/initial login) into the system. |
|
If TRUE, the user is locked out of Snowflake and cannot log back in. |
|
If TRUE, the user is locked by Snowflake. When a user is locked, they are unable to log in until the lock is removed. |
|
If TRUE, Snowflake Support is allowed to use the user or account. |
|
用户状态被设置为“已过期”且不再允许用户登录的天数。 |
|
在清除用户登录的临时锁定 之前的分钟数。 |
|
登录时默认为用户会话激活的虚拟仓库。 |
|
登录时默认为用户会话激活的命名空间(仅数据库或数据库和架构)。 |
|
登录时默认为用户会话激活的主要角色。 |
|
登录时在用户会话中处于活跃状态的辅助角色设置。 |
|
If TRUE, Duo is enabled for the user, which requires the user to use MFA (multi-factor authentication) when logging in. |
|
授权用于 Duo 的 ID。 |
|
用户的 默认 MFA 方法。 |
|
If TRUE, the user is enrolled in multi-factor authentication (MFA). |
|
If TRUE, the user has one or more programmatic access tokens. |
|
If TRUE, the user is configured to authenticate with workload identity federation. |
|
暂时绕过用户 MFA 要求 的分钟数。 |
|
暂时绕过为编程访问令牌制定网络策略要求 的分钟数。 |
|
RSA 用于 密钥对身份验证 的用户公钥。 |
|
用户 RSA 公钥的指纹。 |
|
上次为用户设置 RSA 公钥的日期和时间。 |
|
用户的第二个 RSA 公钥,供 密钥对轮换 期间使用。 |
|
用户的第二个 RSA 公钥的指纹。 |
|
上次为用户设置第二个 RSA 公钥的日期和时间。 |
|
上次为用户设置非 NULL 密码的日期和时间。如果未设置密码,则此属性的值为 NULL。 |
|
保留以供将来使用。 |
|
保留以供将来使用。 |
|
If TRUE, the user was imported from a global organization user. |
访问控制要求¶
单个用户可以通过执行此命令并指定自己的 name 来查看自己的属性。
要查看其他用户的属性,必须使用具有以下权限的角色:
权限 |
对象 |
备注 |
|---|---|---|
OWNERSHIP |
用户 |
有关创建具有指定权限集的自定义角色的说明,请参阅 创建自定义角色。
使用说明¶
用户对象属性
MINS_TO_BYPASS_NETWORK_POLICY定义用户可以在不遵守现有 :doc:` 网络策略 </user-guide/network-policies>` 的情况下访问 Snowflake 的分钟数。分钟数只能由 Snowflake 设置(默认值:NULL),旨在作为允许用户访问 Snowflake 的临时解决方法。要为此属性设置值,请联系 ` Snowflake 支持部门 `_。此命令不显示用户的会话实参默认值。请改用 SHOW PARAMETERS IN USER。
如果尚未设置密码,则用户对象属性
PASSWORD_LAST_SET_TIME默认为Null。292278994-08-17 07:12:55.807或1969-12-31 23:59:59.999的值指示在包含此行之前设置的密码。1969-12-31 23:59:59.999值还可以指示密码已过期,用户需要更改其密码。
To post-process the output of this command, you can use the pipe operator (
->>) or the RESULT_SCAN function. Both constructs treat the output as a result set that you can query.The output column names for this command are generated in lowercase. If you consume a result set from this command with the pipe operator or the RESULT_SCAN function, use double-quoted identifiers for the column names in the query to ensure that they match the column names in the output that was scanned. For example, if the name of an output column is
type, then specify"type"for the identifier.
示例¶
以下示例描述名为 my_user 的用户:
DESCRIBE USER my_user;
+--------------------------------------------+-------------------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------+
| property | value | default | description |
|--------------------------------------------+-------------------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------|
| NAME | JSMITH | null | Name |
| COMMENT | null | null | user comment associated to an object in the dictionary |
| DISPLAY_NAME | Jane Smith | null | Display name of the associated object |
| TYPE | PERSON | null | Type of the account, application package, data exchange, data exchange listing, replication group, secret, network rule, or user. |
| LOGIN_NAME | JSMITH | null | Login name of the user |
| FIRST_NAME | Jane | null | First name of the user |
| MIDDLE_NAME | null | null | Middle name of the user |
| LAST_NAME | Smith | null | Last name of the user |
| EMAIL | jane.smith@example.com | null | Email address of the user |
| PASSWORD | ******** | null | Password of the user |
| MUST_CHANGE_PASSWORD | false | false | User must change the password |
| DISABLED | false | false | Whether the entity is disabled |
| SNOWFLAKE_LOCK | false | false | Whether the user, account, or organization is locked by Snowflake |
| SNOWFLAKE_SUPPORT | false | false | Snowflake Support is allowed to use the user or account |
| DAYS_TO_EXPIRY | null | null | User record will be treated as expired after specified number of days |
| MINS_TO_UNLOCK | null | null | Temporary lock on the user will be removed after specified number of minutes |
| DEFAULT_WAREHOUSE | MY_WAREHOUSE | null | Default warehouse for this user |
| DEFAULT_NAMESPACE | MY_DB.MY_SCHEMA | null | Default database namespace prefix for this user |
| DEFAULT_ROLE | MY_ROLE | null | Primary principal of user session will be set to this role |
| DEFAULT_SECONDARY_ROLES | [] | [ALL] | The secondary roles will be set to all roles provided here. |
| EXT_AUTHN_DUO | false | false | Whether Duo Security is enabled as second factor authentication |
| EXT_AUTHN_UID | null | null | External authentication ID of the user |
| DEFAULT_MFA_METHOD | null | null | Default MFA method for the user |
| HAS_MFA | true | false | Whether the user is enrolled in multi-factor authentication |
| HAS_PAT | true | false | Whether the user has a programmatic access token |
| HAS_FEDERATED_WORKLOAD_AUTHENTICATION | false | false | Reserved for future use |
| MINS_TO_BYPASS_MFA | null | null | Temporary bypass MFA for the user for a specified number of minutes |
| MINS_TO_BYPASS_NETWORK_POLICY | null | null | Temporary bypass network policy on the user for a specified number of minutes |
| RSA_PUBLIC_KEY | ... | null | RSA public key of the user |
| RSA_PUBLIC_KEY_FP | SHA256:...= | null | Fingerprint of user's RSA public key. |
| RSA_PUBLIC_KEY_LAST_SET_TIME | null | null | The timestamp at which the RSA public key was last set for the user. Defaults to null if no RSA public key has been set yet. |
| RSA_PUBLIC_KEY_2 | ... | null | Second RSA public key of the user |
| RSA_PUBLIC_KEY_2_FP | SHA256:...= | null | Fingerprint of user's second RSA public key. |
| RSA_PUBLIC_KEY_2_LAST_SET_TIME | null | null | The timestamp at which the second RSA public key was last set for the user. Defaults to null if no second RSA public key has been set yet. |
| PASSWORD_LAST_SET_TIME | 2020-10-08 01:33:13.43 | null | The timestamp on which the last non-null password was set for the user. Default to null if no password has been set yet. |
| CUSTOM_LANDING_PAGE_URL | null | null | Reserved for future use |
| CUSTOM_LANDING_PAGE_URL_FLUSH_NEXT_UI_LOAD | false | false | Reserved for future use |
+--------------------------------------------+-------------------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------+