DEA-C02 Question #107: Real Exam Question with Answer & Explanation

Question

A Data Engineer runs the following sequence: use role ACCOUNTADMIN; create role ROLE1; grant role ROLE1 to role ACCOUNTADMIN; grant create database on account to role ROLE1; use role ROLE1; create database DB1; use role ACCOUNTADMIN; drop role ROLE1; Who is the owner of database DB1?

Options

• AThe deleted ROLE1 remains the owner of the DB1 database.
• BThe ACCOUNTADMIN becomes the owner of the DB1 database.
• CROLE1, because the role cannot be dropped as long as it owns the DB1 database.
• DDatabase has no owner.

Explanation

In Snowflake, a role that owns securable objects cannot be dropped - the DROP ROLE ROLE1 statement fails with an error because ROLE1 is the owner of DB1 (ownership is assigned to the role that executes CREATE DATABASE). Since the drop never succeeds, ROLE1 still exists and remains DB1's owner, making C correct.

Why the distractors fail:

• A is close but wrong in its premise - it assumes the role was successfully deleted, which it wasn't; the drop operation errors out.
• B is wrong because ACCOUNTADMIN only inherits ownership after an explicit GRANT OWNERSHIP transfer or after a successful role drop, neither of which occurred here.
• D is wrong because Snowflake always assigns an owner to every securable object; there is no ownerless state.

Memory tip: Think of it as a lease law - you can't evict a tenant who still holds the title to the property. Before dropping a role in Snowflake, you must first transfer (GRANT OWNERSHIP) or drop all objects that role owns.

No community discussion yet for this question.