SVV_IAM_PRIVILEGES
Use SVV_IAM_PRIVILEGES to view explicitly granted IAM privileges on users, roles and groups.
SVV_IAM_PRIVILEGES is visible to the following users:
Superusers
Users with the ACCESS SYSTEM TABLE permission
Other users can only see entries they have access to.
Table columns
Column name | Data type | Description |
---|---|---|
iam_arn | text | Name of the namespace. |
command_type | text | Privilege types. Possible values are COPY, UNLOAD, CREATE MODEL, or EXTERNAL FUNCTION. |
identity_id | integer | Identity ID. Possible values are user ID, role ID, or group ID. |
identity_name | text | Identity name. |
identity_type | text | Identity type. Possible values are user, role, group, or public. |
Sample queries
The following example shows the results of SVV_IAM_PRIVILEGES.
SELECT * from SVV_IAM_PRIVILEGES ORDER BY IDENTITY_ID; iam_arn | command_type | identity_id | identity_name | identity_type ----------------------+--------------+-------------+---------------+--------------- default-aws-iam-role | COPY | 0 | public | public default-aws-iam-role | UNLOAD | 0 | public | public default-aws-iam-role | CREATE MODEL | 0 | public | public default-aws-iam-role | EXFUNC | 0 | public | public default-aws-iam-role | COPY | 106 | u1 | user default-aws-iam-role | UNLOAD | 106 | u1 | user default-aws-iam-role | CREATE MODEL | 106 | u1 | user default-aws-iam-role | EXFUNC | 106 | u1 | user default-aws-iam-role | COPY | 118413 | r1 | role default-aws-iam-role | UNLOAD | 118413 | r1 | role default-aws-iam-role | CREATE MODEL | 118413 | r1 | role default-aws-iam-role | EXFUNC | 118413 | r1 | role (12 rows)