1

I have a task on Snowflake that calls a stored procedure. This stored procedure has been defined as executed by the caller. The task which runs the stored procedure, in turn, has been created with role “A" but a few roles have also been granted ownership on this task.

Question: when the task runs and calls the stored procedure which role is actually calling the stored procedure if there are multiple roles that have ownership over the task?

Improve this question

1 Answer 1

Reset to default
2

If the stored procedure has been defined as EXECUTE AS CALLER, then it uses the role of the task, which corresponds to the role that owns that task.

There's no "multiple roles that have ownership over the task", as each object can have only one owner.

Relevant docs:

"Snowflake runs tasks with the privileges of the task owner (i.e. the role that has OWNERSHIP privilege on the task)"

https://docs.snowflake.com/en/user-guide/tasks-intro#understanding-the-system-service

"Each securable object is owned by a single role, which by default is the role used to create the object"

https://docs.snowflake.com/en/user-guide/security-access-control-overview

"A caller’s rights stored procedure runs with the database privileges of the role that called the stored procedure"

https://docs.snowflake.com/en/developer-guide/stored-procedure/stored-procedures-rights#privileges-on-database-objects

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.