Any objects created after the command is issued are owned by the role in use when the object is created.
https://docs.snowflake.com/en/sql-reference/sql/grant-ownership#
Each object has an owner, who can in turn grant access to that object. To own an object means that a role has the OWNERSHIP privilege on the object. Each securable object is owned by a single role, which by default is the role used to create the object. When this role is assigned to users, they effectively have shared control over the object. In a regular schema, the owner role has all privileges on the object by default, including the ability to grant or revoke privileges on the object to other roles.
https://docs.snowflake.com/en/user-guide/security-access-control-overview
To own an object means that a role has the OWNERSHIP privilege on the object. Each securable object is owned by a single role, which by default is the role used to create the object. When this role is assigned to users, they effectively have shared control over the object. In a regular schema, the owner role has all privileges on the object by default, including the ability to grant or revoke privileges on the object to other roles. In addition, ownership can be transferred from one role to another
https://docs.snowflake.com/en/user-guide/security-access-control-overview#securable-objects
It's an ambiguous question, if was
... automatically and "exclusively" owned by the user who created it.
Then is sure B but in this way, as long as that user has that role, he has the ownersiph of the objet can alter it and even drop it.
Can we assume a user as a credential you log in with & role is what you privilege to do
Also can we assume an object created by a role can be accessible to all users under the same role?
Discretionary Access Control (DAC): Each object has an owner, who can in turn grant access to that object.
Role-based Access Control (RBAC): Access privileges are assigned to roles, which are in turn assigned to users.
https://docs.snowflake.com/en/user-guide/security-access-control-overview.html
Each object has an owner, who can in turn grant access to that object. To own an object means that a role has the OWNERSHIP privilege on the object. Each securable object is owned by a single role, which by default is the role used to create the object. When this role is assigned to users, they effectively have shared control over the object. In a regular schema, the owner role has all privileges on the object by default, including the ability to grant or revoke privileges on the object to other roles.
https://docs.snowflake.com/en/user-guide/security-access-control-overview
If you create a table as ACCOUNTADMIN then the owner will be ACCOUNTADMIN. Then you can grant it to role but the owner won't change.
You can check is on the IU > Data > Databases > Then click on a table for example and the metadata show the user as owner.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Surbin
Highly Voted 2 years, 7 months agoMallikharjuna452
Most Recent 4 months agoKnightVictor
1 year, 5 months agoMayuri917233
1 year, 6 months agoisolated_sniper
1 year, 6 months agoBagvi
1 year, 8 months agoc0d3g
1 year, 8 months agoRaju039
1 year, 8 months agoalloshz11
1 year, 9 months agoMultiCloudIronMan
1 year, 9 months agoKarBiswa
1 year, 9 months agoBigDataBB
1 year, 10 months agoBala1802
1 year, 10 months agoSV1122
1 year, 10 months agoc0d3g
1 year, 8 months agobaig123
1 year, 11 months agoallthingsdata
2 years, 5 months agoaddixion
2 years, 7 months ago