Permissions

Permissions are used to manage role-based access and to control privileges on entities in the target database. The available grantees (roles) and permissions are managed in CONFIG_ENTITY_PERMISSIONS.

Update in Release 25.1

The grantees defined in CONFIG_ENTITY_PERMISSIONS are no longer normalised during execution. This enables the use of fully qualified principal references.

Usage

Select a ROLE and one or more PERMISSIONS to grant to the role.

Set WITH GRANT OPTION: true if the grantee should be allowed to grant the given permission to others (default: false).


Notes

Check Export SQL/Entity SQL after defining permissions to see the generated DDL.

Google BigQuery pre-mapped permissions
For Google BigQuery, permissions are mapped to the predefined IAM roles listed in Google BigQuery predefined roles and permissions:

SELECT permission is mapped to roles/bigquery.dataViewer
INSERT permission is mapped to roles/bigquery.dataEditor
ALL permission is mapped to roles/bigquery.dataOwner


Examples

Precondition
Grantees and permissions have to be defined in CONFIG_ENTITY_PERMISSIONS before they can be used here.

Grant SELECT to READER role in Snowflake

Permission definition:

GRANTEE NAME: READER
PERMISSION 1: SELECT
WITH GRANT OPTION: false

DDL generated by Agile Data Engine:

SQL
GRANT SELECT ON pub.F_TRIP TO ROLE READER;

Grant SELECT to READER group in Amazon Redshift

Permission definition:

GRANTEE NAME: READER
PERMISSION 1: SELECT
WITH GRANT OPTION: false

DDL generated by Agile Data Engine:

SQL
GRANT SELECT ON pub.F_TRIP TO GROUP READER;

Grant SELECT to READER role in Azure SQL Database and Azure Synapse SQL

Permission definition:

GRANTEE NAME: READER
PERMISSION 1: SELECT
WITH GRANT OPTION: false

DDL generated by Agile Data Engine:

SQL
GRANT SELECT ON [pub].[F_TRIP] TO [READER];

Grant SELECT to reader@my_organization.com group in Google BigQuery

Permission definition:

GRANTEE NAME: READER
PERMISSION 1: SELECT
WITH GRANT OPTION: false (this option is not supported in Google BigQuery)

DDL generated by Agile Data Engine:

SQL
GRANT `roles/bigquery.dataViewer` ON pub.F_TRIP TO "group:reader@my_organization.com";
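The following is an added example, not Agile Data Engine's own code, that renders the GRANT statements shown in the examples above from a permission definition and applies the BigQuery role mapping from the Notes section. It assumes an entity is addressed as schema.entity (pub.F_TRIP here), that the BigQuery grantee is passed in as the fully qualified principal (group:reader@my_organization.com) without normalisation, and that the target labels snowflake, redshift, azure_sql and bigquery are this example's own names, not product identifiers. It also shows two checks a reviewer of generated DDL would want: identifiers are validated before being spliced into the statement, and WITH GRANT OPTION is rejected where the target does not support it.

```python
"""Added example (not Agile Data Engine code): render GRANT DDL per target database
from a permission definition, with the validation a DDL generator should apply.

Hypothetical assumptions for illustration:
- entities are addressed as schema.entity (pub.F_TRIP in the page's examples);
- for Google BigQuery the grantee is the fully qualified principal
  (group:reader@my_organization.com), passed through without normalisation;
- target labels (snowflake, redshift, azure_sql, bigquery) are this example's own.
"""
import re
from dataclasses import dataclass

# Mapping stated in the page's "Google BigQuery pre-mapped permissions" note.
BIGQUERY_ROLE_FOR_PERMISSION = {
    "SELECT": "roles/bigquery.dataViewer",
    "INSERT": "roles/bigquery.dataEditor",
    "ALL": "roles/bigquery.dataOwner",
}

# Plain SQL identifiers only; anything else is rejected rather than spliced into
# DDL, so a stray quote or semicolon in a definition cannot alter the grant.
SQL_IDENTIFIER = re.compile(r"^[A-Za-z_][A-Za-z0-9_$]*$")
# Simplified IAM principal shape (kind:member); an assumption, not the full IAM grammar.
BQ_PRINCIPAL = re.compile(r"^(user|group|serviceAccount|domain):[A-Za-z0-9._%+-]+(@[A-Za-z0-9._-]+)?$")
PERMISSION_WORD = re.compile(r"^[A-Z_ ]+$")
TARGETS = ("snowflake", "redshift", "azure_sql", "bigquery")


@dataclass(frozen=True)
class Permission:
    grantee: str
    permission: str
    with_grant_option: bool = False  # page default: false


def check_definition(target: str, schema: str, entity: str, perm: Permission) -> list:
    """Return the problems with a definition; an empty list means it renders cleanly."""
    problems = []
    for name in (schema, entity):
        if not SQL_IDENTIFIER.match(name):
            problems.append(f"invalid identifier: {name!r}")
    permission = perm.permission.upper()
    if not PERMISSION_WORD.match(permission):
        problems.append(f"invalid permission: {perm.permission!r}")
    if target == "bigquery":
        if permission not in BIGQUERY_ROLE_FOR_PERMISSION:
            problems.append(f"no BigQuery role mapped for permission {permission}")
        if not BQ_PRINCIPAL.match(perm.grantee):
            problems.append(f"grantee is not a fully qualified principal: {perm.grantee!r}")
        if perm.with_grant_option:
            # Stated on the page: the option is not supported in Google BigQuery.
            problems.append("WITH GRANT OPTION is not supported in Google BigQuery")
    else:
        if not SQL_IDENTIFIER.match(perm.grantee):
            problems.append(f"invalid grantee: {perm.grantee!r}")
        if target == "redshift" and perm.with_grant_option:
            # Documented Redshift behaviour (not stated on this page): the option
            # cannot be granted to a GROUP.
            problems.append("WITH GRANT OPTION cannot be granted to a GROUP in Amazon Redshift")
    if target not in TARGETS:
        problems.append(f"unknown target: {target}")
    return problems


def render_grant(target: str, schema: str, entity: str, perm: Permission) -> str:
    """Render one GRANT statement in the form the page shows for each target."""
    problems = check_definition(target, schema, entity, perm)
    if problems:
        raise ValueError("; ".join(problems))
    permission = perm.permission.upper()
    grant_option = " WITH GRANT OPTION" if perm.with_grant_option else ""
    if target == "snowflake":
        return f"GRANT {permission} ON {schema}.{entity} TO ROLE {perm.grantee}{grant_option};"
    if target == "redshift":
        return f"GRANT {permission} ON {schema}.{entity} TO GROUP {perm.grantee};"
    if target == "azure_sql":
        return f"GRANT {permission} ON [{schema}].[{entity}] TO [{perm.grantee}]{grant_option};"
    role = BIGQUERY_ROLE_FOR_PERMISSION[permission]
    return f'GRANT `{role}` ON {schema}.{entity} TO "{perm.grantee}";'


if __name__ == "__main__":
    reader = Permission("READER", "SELECT")
    for target in ("snowflake", "redshift", "azure_sql"):
        print(render_grant(target, "pub", "F_TRIP", reader))
    print(render_grant("bigquery", "pub", "F_TRIP",
                       Permission("group:reader@my_organization.com", "SELECT")))
```

Running the block prints the four statements from the examples above. Because check_definition returns its findings as a list, it can be run over a whole CONFIG_ENTITY_PERMISSIONS export before deployment to catch unsupported grant options and malformed grantees without executing any DDL.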