0
0
Snowflakecloud~10 mins

Reader accounts for non-Snowflake users - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Reader accounts for non-Snowflake users
Create Reader Account
Grant Access to Data
Share Data with Reader Account
Non-Snowflake User Connects
Access Shared Data
Use Data Without Full Snowflake Account
This flow shows how a reader account is created and shared with non-Snowflake users so they can access data without needing a full Snowflake account.
Execution Sample
Snowflake
CREATE READER ACCOUNT reader_acc;
CREATE SHARE my_share;
GRANT USAGE ON DATABASE shared_db TO SHARE my_share;
GRANT SELECT ON ALL TABLES IN SCHEMA shared_db.public TO SHARE my_share;
ALTER READER ACCOUNT reader_acc ADD SHARE my_share;
This code creates a reader account, creates a share, grants usage on the database to the share, grants select permissions on tables, and links the share to the reader account.
Process Table
StepActionResultNotes
1CREATE READER ACCOUNT reader_accReader account 'reader_acc' createdReader account is a special Snowflake account for external users
2CREATE SHARE my_shareShare 'my_share' createdShare is container for data to share
3GRANT USAGE ON DATABASE shared_db TO SHARE my_sharemy_share can use shared_dbAllows access to database objects
4GRANT SELECT ON ALL TABLES IN SCHEMA shared_db.public TO SHARE my_shareSelect granted on all tablesAllows read access to tables
5ALTER READER ACCOUNT reader_acc ADD SHARE my_sharemy_share linked to reader_accReader account can now access shared data
6Non-Snowflake user connects using reader_accUser accesses shared dataNo full Snowflake account needed
7User queries dataData returnedRead-only access confirmed
8EndProcess completeReader account enables external data access
💡 Reader account setup complete; non-Snowflake users can now access shared data read-only
Status Tracker
VariableStartAfter Step 1After Step 2After Step 3After Step 5Final
reader_accNoneCreatedCreatedCreatedLinked to shareActive with share access
my_shareNoneNoneCreatedDatabase addedLinked to reader_accActive and shared
shared_dbExistsExistsExistsAdded to shareAdded to shareShared with reader_acc
Key Moments - 3 Insights
Why does the reader account not need a full Snowflake license?
Because the reader account is a special account type that only allows read-only access to shared data, it does not require a full Snowflake user license. This is shown in execution_table rows 1 and 6.
How does the reader account get access to the data?
The share is granted usage on the database and the reader account is linked to the share. This is shown in execution_table rows 3 and 5.
Can the reader account modify the data it accesses?
No, the reader account only has SELECT permissions on the shared tables, so it can only read data, not modify it. This is shown in execution_table row 4.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step is the share linked to the reader account?
AStep 5
BStep 3
CStep 2
DStep 4
💡 Hint
Check the 'Action' column for 'ALTER READER ACCOUNT' in the execution_table.
According to variable_tracker, what is the state of 'reader_acc' after Step 2?
ALinked to share
BOnly created
CCreated and granted DB usage
DInactive
💡 Hint
Look at the 'reader_acc' row and the 'After Step 2' column in variable_tracker.
If SELECT permission was not granted on the tables, what would happen when the non-Snowflake user queries data?
AUser would get read-only access anyway
BUser could modify data
CUser would get an error due to lack of permissions
DUser would create a new share
💡 Hint
Refer to execution_table row 4 about granting SELECT permissions.
Concept Snapshot
Reader accounts let non-Snowflake users access shared data without full accounts.
Create a reader account.
Create a share, grant USAGE on database and SELECT on tables to the share.
Link the share to the reader account.
Users connect via reader account for read-only access.
Full Transcript
This visual execution trace shows how to set up a Snowflake reader account for non-Snowflake users. First, a reader account is created. Then, a share is created. Usage on the database is granted to the share. SELECT permissions are granted on all tables in the schema to the share. The share is then linked to the reader account. Non-Snowflake users connect using this reader account and can query the shared data with read-only access. The variable tracker shows the state changes of the reader account, share, and database through these steps. Key moments clarify why reader accounts do not need full licenses, how access is granted, and that data modification is not allowed. The quiz questions test understanding of the linking step, variable states, and permission effects.