SVV_IAM_PRIVILEGES
Use SVV_IAM_PRIVILEGES to view explicitly granted IAM privileges on users, roles and groups.
SVV_IAM_PRIVILEGES is visible to the following users:
Superusers
Users with the ACCESS SYSTEM TABLE permission
Other users can only see entries they have access to.
Table columns
| Column name | Data type | Description |
|---|---|---|
| iam_arn | text | Name of the namespace. |
| command_type | text | Privilege types. Possible values are COPY, UNLOAD, CREATE MODEL, or EXTERNAL FUNCTION. |
| identity_id | integer | Identity ID. Possible values are user ID, role ID, or group ID. |
| identity_name | text | Identity name. |
| identity_type | text | Identity type. Possible values are user, role, group, or public. |
Sample queries
The following example shows the results of SVV_IAM_PRIVILEGES.
SELECT * from SVV_IAM_PRIVILEGES ORDER BY IDENTITY_ID; iam_arn | command_type | identity_id | identity_name | identity_type ----------------------+--------------+-------------+---------------+--------------- default-aws-iam-role | COPY | 0 | public | public default-aws-iam-role | UNLOAD | 0 | public | public default-aws-iam-role | CREATE MODEL | 0 | public | public default-aws-iam-role | EXFUNC | 0 | public | public default-aws-iam-role | COPY | 106 | u1 | user default-aws-iam-role | UNLOAD | 106 | u1 | user default-aws-iam-role | CREATE MODEL | 106 | u1 | user default-aws-iam-role | EXFUNC | 106 | u1 | user default-aws-iam-role | COPY | 118413 | r1 | role default-aws-iam-role | UNLOAD | 118413 | r1 | role default-aws-iam-role | CREATE MODEL | 118413 | r1 | role default-aws-iam-role | EXFUNC | 118413 | r1 | role (12 rows)