Free Preparation Discussions
MENU
Snowflake ADA-C01 Exam - Topic 4 Question 43 Discussion
Topic #: 4
A Snowflake account is configured with SCIM provisioning for user accounts and has bi-directional synchronization for user identities. An Administrator with access to SECURITYADMIN uses the Snowflake UI to create a user by issuing the following commands:
use role USERADMIN;
create or replace role DEVELOPER_ROLE;
create user PTORRES PASSWORD = 'hello world!' MUST_CHANGE_PASSWORD = FALSE
default_role = DEVELOPER_ROLE;
The new user named PTORRES successfully logs in, but sees a default role of PUBLIC in the web UI. When attempted, the following command fails:
use DEVELOPER_ROLE;
Why does this command fail?
According to the Snowflake documentation1, creating a user with a default role does not automatically grant that role to the user. The user must be explicitly granted the role by the role owner or a higher-level role. Therefore, the USERADMIN role, which created the DEVELOPER_ROLE, needs to explicitly grant the DEVELOPER_ROLE to the new user PTORRES using the GRANT ROLE command. Otherwise, the user PTORRES will not be able to use the DEVELOPER_ROLE and will see the default role of PUBLIC in the web UI. Option A is incorrect because the DEVELOPER_ROLE does not need to be granted to SYSADMIN before user PTORRES can use the role. Option B is incorrect because the new role can take effect immediately after it is created and granted to the user, and does not depend on the USERADMIN role logging out. Option D is incorrect because the new role will not be affected by the identity provider synchronization, as it is created and managed in Snowflake.
Alana
1 day agoGlynda
7 days agoReid
12 days agoJulio
17 days agoMargo
22 days agoAmalia
27 days agoSocorro
1 month agoBillye
1 month agoPercy
1 month agoRoxane
2 months agoLera
2 months agoKayleigh
2 months agoTammara
2 months agoAmmie
2 months agoGary
3 months agoCordie
3 months agoEstrella
3 months agoJose
3 months agoGlory
2 months ago