0
0
Snowflakecloud~20 mins

Row access policies in Snowflake - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Row Access Policy Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding Row Access Policy Behavior

In Snowflake, a row access policy is applied to a table to control which rows a user can see based on a condition. Suppose you have a row access policy that allows users to see only rows where the column region matches their assigned region.

What happens when a user queries the table without any row access policy applied?

AThe user sees only rows where region is NULL.
BThe user sees no rows because no policy restricts access.
CThe user sees all rows in the table regardless of region.
DThe query fails with an error about missing row access policy.
Attempts:
2 left
💡 Hint

Think about what happens if no restrictions are applied.

Configuration
intermediate
2:00remaining
Row Access Policy Syntax Validation

Which of the following Snowflake row access policy definitions is syntactically correct?

Assume the policy filters rows where department equals the current user's department.

Snowflake
CREATE ROW ACCESS POLICY dept_policy AS (department STRING) RETURNS BOOLEAN ->
  department = CURRENT_ROLE();
ACREATE ROW ACCESS POLICY dept_policy AS (department STRING) RETURNS BOOLEAN -> department = CURRENT_ROLE();
BCREATE ROW ACCESS POLICY dept_policy (department STRING) RETURNS BOOLEAN AS department = CURRENT_ROLE();
CCREATE ROW ACCESS POLICY dept_policy AS (department STRING) RETURNS BOOLEAN AS department = CURRENT_ROLE();
DCREATE ROW ACCESS POLICY dept_policy AS (department STRING) RETURNS BOOLEAN -> department == CURRENT_ROLE();
Attempts:
2 left
💡 Hint

Check the arrow syntax and comparison operator.

Architecture
advanced
2:00remaining
Designing Row Access Policies for Multi-Region Data

You manage a Snowflake table with sales data for multiple regions. You want to ensure that users can only see sales data for their assigned region. Which architecture best enforces this using row access policies?

ACreate a row access policy that filters rows where <code>region</code> equals the user's current role name, then apply it to the sales table.
BCreate one row access policy that checks if the <code>region</code> column matches the user's assigned region stored in a session variable, then apply it to the sales table.
CCreate separate tables for each region and grant access only to users assigned to those tables.
DUse a view that filters rows by region and grant users access to the view instead of the table.
Attempts:
2 left
💡 Hint

Consider how row access policies can use session variables for dynamic filtering.

security
advanced
2:00remaining
Row Access Policy Security Implications

Which of the following is a security risk when using row access policies in Snowflake?

AApplying a row access policy that uses a session variable that users can modify to bypass restrictions.
BUsing a row access policy that filters rows based on a fixed column value.
CApplying row access policies only on sensitive columns, not on the entire table.
DGranting users only SELECT privileges on the table with row access policies applied.
Attempts:
2 left
💡 Hint

Think about how users might manipulate session variables.

service_behavior
expert
2:00remaining
Row Access Policy Impact on Query Results

Given a Snowflake table employees with a row access policy that only allows rows where department = 'HR', what will be the result of this query by a user without any special roles?

SELECT COUNT(*) FROM employees;
AThe query fails with an access denied error.
BThe count of all rows in the employees table regardless of department.
CThe query returns zero because the user has no roles.
DThe count of only rows where department is 'HR'.
Attempts:
2 left
💡 Hint

Row access policies filter rows invisibly based on conditions.