Just like every other field, data storage is also a very wide field, and one must understand the way he or she will be communicating to their server owners to ensure a smooth running of their operations. While using snowflake roles management, one must have some terminologies at the back of their mind, I am going to brief you on the most common words that are used while engaging with data storage. These include the following;
Just like the normal meaning, this could be a person or an application that utilizes some resources in the stored data. Right from the data owner, to their employees and even the data analysts they are all classified here. As an identity entity, it means that they have the ability to enter more data, edit the data, delete or transfer but can only perform these tasks when given access to do so. Some may just be given the right to view and do nothing to the stored data, and they are still classified as a user.
A Securable Object
Roles management in snowflake defines a securable object as an entity that can be granted or denied access to specific stored data. The securable objects are always owned by the owner who created them or the data owner, they clearly define who can access the secured object and who should not. The object may be a database, schema, warehouse, or even just a table.
From the normal knowledge, we understand a privilege as a special right that is made available only to a particular person or group of people towards something. This term is also used in Data storage and for the roles management in snowflake users, a privilege is allowing a part of account users or data access group to be able to read a certain part of the data that the rest of the group is denied access. The privilege can also grant the ability to edit, add or delete some of the already stored data.
In global data storage, when talking about the role, the meaning comes out slightly different from the English definition of the same word. A role is a term that refers to an entry that can be made to your stored data to create a privilege. It, therefore, means that privileges are declared as a role, a user can have access to certain restricted data when they have been given access through a role.