ARA-C01 Question #63: Real Exam Question with Answer & Explanation

Question

A new user user_01 is created within Snowflake. The following two commands are executed: Command 1-> show grants to user user_01; Command 2 ~> show grants on user user 01; What inferences can be made about these commands?

Options

• ACommand 1 defines which user owns user_01
• BCommand 1 defines all the grants which are given to user_01 Command 2 defines which user
• CCommand 1 defines which role owns user_01
• DCommand 1 defines all the grants which are given to user_01 Command 2 defines which role

Explanation

The SHOW GRANTS command in Snowflake can be used to list all the access control privileges that have been explicitly granted to roles, users, and shares. The syntax and the output of the command vary depending on the object type and the grantee type specified in the command. In this question, the two commands have the following meanings: Command 1: show grants to user user_01; This command lists all the roles granted to the user user_01. The output includes the role name, the grantee name, and the granted by role name for each grant. This command is equivalent to show grants to user current_user if user_01 is the Command 2: show grants on user user_01; This command lists all the privileges that have been granted on the user object user_01. The output includes the privilege name, the grantee name, and the granted by role name for each grant. This command shows which role owns the user object user_01, as the owner role has the privilege to modify or drop the user object. Therefore, the correct inference is that command 1 defines all the grants which are given to user_01, and command 2 defines which role owns user_01.

No community discussion yet for this question.