Here the answer should be SECURITYADMIN as it is parent of USERADMIN (which is the correct answer)
More details: https://docs.snowflake.com/en/user-guide/security-access-control-considerations
Attention
By default, when your account is provisioned, the first user is assigned the ACCOUNTADMIN role. This user should then create one or more additional users who are assigned the USERADMIN role. All remaining users should be created by the user(s) with the USERADMIN role or another role that is granted the global CREATE USER privilege.
the answear is D because the ACCOUNTADMIN in the snowflake documentation its "Role that encapsulates the SYSADMIN and SECURITYADMIN system-defined roles" , also in documentation USERADMIN is "Role that is dedicated to user and role management only."
The question is flawed. The correct role for creating and managing users and roles in Snowflake is USERADMIN, which is not listed among the answer choices.
While SECURITYADMIN can assign roles and manage grants, --->it cannot create users<--- (guys, be careful with this!!!!!).
The only listed role that technically can create users is ACCOUNTADMIN, but using it for routine user management is not a best practice—it's overly privileged and should be reserved for account-level administration only.
Conclusion:
If USERADMIN is not an option, the only technically correct choice is D. ACCOUNTADMIN, even though the question is poorly constructed and encourages bad practice.
ORGADMIN manages operations at the organizational level
ACCOUNTADMIN performs administrative functions
SECURITYADMIN creates and manages users and roles, and manages grants
USERADMIN creates users and roles
SYSADMIN creates and manages databases, schemas, and warehouses
PUBLIC is available to all users, but (by default) cannot do anything but log in
TYPES OF ROLES:
SYSTEM ROLES:
● ORGADMIN manages operations at the organizational level
● ACCOUNTADMIN performs administrative functions
● SECURITYADMIN creates and manages users and roles, and manages grants
● USERADMIN creates users and roles
● SYSADMIN creates and manages databases, schemas, and warehouses
● PUBLIC is available to all users, but (by default) cannot do anything but log in
CUSTOM ROLES:
● Created by the SECURITYADMIN or USERADMIN based on a company's desired hierarchy
● Custom roles generally "roll up" to the SYSADMIN role
B. SECURITYADMIN
The SECURITYADMIN role is specifically designed to handle security-related tasks, including the creation and management of users and roles. This role has the necessary privileges to manage all aspects of user and role administration, which is essential for maintaining a secure and well-managed Snowflake environment.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
blazingliverbird
Highly Voted 3 years, 5 months agoc0d3g
Highly Voted 2 years, 4 months agohoussam_ben
Most Recent 3 weeks, 4 days agotardigradum
1 month, 1 week ago84d4057
1 month, 2 weeks agodbairfan
2 months, 3 weeks agoYayi123
3 months agoPrasantSadangi
3 months, 1 week agotharangaweer
5 months agohotflake
11 months agoMallikharjuna452
11 months, 3 weeks agopranalig
1 year agoPrashantGupta1616
1 year, 1 month agoJasMozai
1 year, 1 month agoAnireddySaikiranReddy
1 year, 4 months ago_yyukta
1 year, 4 months agoengo
1 year, 5 months ago