Exam4Training

Which permission sets must be granted to this role?

There are two databases in an account, named fin_db and hr_db which contain payroll and employee data, respectively. Accountants and Analysts in the company require different permissions on the objects in these databases to perform their jobs. Accountants need read-write access to fin_db but only require read-only access to hr_db because the database is maintained by human resources personnel.

An Architect needs to create a read-only role for certain employees working in the human resources department.

Which permission sets must be granted to this role?
A . USAGE on database hr_db, USAGE on all schemas in database hr_db, SELECT on all tables in database hr_db
B . USAGE on database hr_db, SELECT on all schemas in database hr_db, SELECT on all tables in database hr_db
C . MODIFY on database hr_db, USAGE on all schemas in database hr_db, USAGE on all tables in database hr_db
D . USAGE on database hr_db, USAGE on all schemas in database hr_db, REFERENCES on all tables in database hr_db

Answer: A

Explanation:

To create a read-only role for certain employees working in the human resources department, the role needs to have the following permissions on the hr_db database:

USAGE on the database: This allows the role to access the database and see its schemas and objects.

USAGE on all schemas in the database: This allows the role to access the schemas and see their objects.

SELECT on all tables in the database: This allows the role to query the data in the tables.

Option A is the correct answer because it grants the minimum permissions required for a read-only role on the hr_db database.

Option B is incorrect because SELECT on schemas is not a valid permission. Schemas only support USAGE and CREATE permissions.

Option C is incorrect because MODIFY on the database is not a valid permission. Databases only support USAGE, CREATE, MONITOR, and OWNERSHIP permissions. Moreover, USAGE on tables is not sufficient for querying the data. Tables support SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, and OWNERSHIP permissions.

Option D is incorrect because REFERENCES on tables is not relevant for querying the data. REFERENCES permission allows the role to create foreign key constraints on the tables.

Reference:

https://docs.snowflake.com/en/user-guide/security-access-control-privileges.html#database-privileges

: https://docs.snowflake.com/en/user-guide/security-access-control-privileges.html#schema-privileges

: https://docs.snowflake.com/en/user-guide/security-access-control-privileges.html#table-privileges

Latest ARA-R01 Dumps Valid Version with 134 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version