0
0
Snowflakecloud~5 mins

System-defined roles (ACCOUNTADMIN, SYSADMIN, etc.) in Snowflake - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What is the ACCOUNTADMIN role in Snowflake?
ACCOUNTADMIN is the highest-level system-defined role in Snowflake. It has full control over all objects and operations in the account, including managing users, roles, and billing.
Click to reveal answer
beginner
What permissions does the SYSADMIN role have in Snowflake?
SYSADMIN can create and manage databases, schemas, and warehouses. It has full control over data objects but cannot manage users or roles unless granted additional privileges.
Click to reveal answer
beginner
Which Snowflake system-defined role is responsible for managing users and roles?
The SECURITYADMIN role manages users, roles, and grants. It controls access and security policies but does not manage data objects directly.
Click to reveal answer
beginner
True or False: The PUBLIC role in Snowflake has no privileges by default.
False. The PUBLIC role has some default privileges granted by Snowflake, such as USAGE on the SNOWFLAKE database and certain schemas. It is assigned to every user by default and can have additional privileges granted to it, which all users inherit.
Click to reveal answer
intermediate
Why should the ACCOUNTADMIN role be used sparingly?
Because ACCOUNTADMIN has full control over the entire Snowflake account, using it sparingly reduces the risk of accidental or malicious changes that could affect security or operations.
Click to reveal answer
Which Snowflake role can create warehouses and databases but cannot manage users by default?
ASECURITYADMIN
BACCOUNTADMIN
CSYSADMIN
DPUBLIC
Who has the highest level of control in a Snowflake account?
AACCOUNTADMIN
BSECURITYADMIN
CPUBLIC
DSYSADMIN
Which role manages user access and role grants in Snowflake?
APUBLIC
BSYSADMIN
CACCOUNTADMIN
DSECURITYADMIN
What is true about the PUBLIC role in Snowflake?
AIt is assigned to every user by default.
BIt can manage warehouses.
CIt has no privileges and cannot be assigned.
DIt is the highest privilege role.
Why is it important to limit use of ACCOUNTADMIN role?
AIt has limited privileges.
BIt has full control and misuse can cause serious issues.
CIt can only view data.
DIt cannot manage users.
Explain the main responsibilities of the ACCOUNTADMIN, SYSADMIN, and SECURITYADMIN roles in Snowflake.
Think about who controls data, who controls users, and who controls everything.
You got /3 concepts.
    Why should the PUBLIC role be carefully managed even though it is assigned to all users by default?
    Consider the impact of privileges given to everyone.
    You got /3 concepts.