Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Snowflake Exam ARA-R01 Topic 3 Question 31 Discussion

Actual exam question for Snowflake's ARA-R01 exam
Question #: 31
Topic #: 3
[All ARA-R01 Questions]

An Architect needs to grant a group of ORDER_ADMIN users the ability to clean old data in an ORDERS table (deleting all records older than 5 years), without granting any privileges on the table. The group's manager (ORDER_MANAGER) has full DELETE privileges on the table.

How can the ORDER_ADMIN role be enabled to perform this data cleanup, without needing the DELETE privilege held by the ORDER_MANAGER role?

Show Suggested Answer Hide Answer
Suggested Answer: C

This is the correct answer because it allows the ORDER_ADMIN role to perform the data cleanup without needing the DELETE privilege on the ORDERS table. A stored procedure is a feature that allows scheduling and executing SQL statements or stored procedures in Snowflake. A stored procedure can run with either the caller's rights or the owner's rights. A caller's rights stored procedure runs with the privileges of the role that called the stored procedure, while an owner's rights stored procedure runs with the privileges of the role that created the stored procedure. By creating a stored procedure that runs with owner's rights, the ORDER_MANAGER role can delegate the specific task of deleting old data to the ORDER_ADMIN role, without granting the ORDER_ADMIN role more general privileges on the ORDERS table. The stored procedure must include the appropriate business logic to delete only the records older than 5 years, and the ORDER_MANAGER role must grant the USAGE privilege on the stored procedure to the ORDER_ADMIN role.The ORDER_ADMIN role can then execute the stored procedure to perform the data cleanup12.


Snowflake Documentation: Stored Procedures

Snowflake Documentation: Understanding Caller's Rights and Owner's Rights Stored Procedures

by Renay at Apr 04, 2025, 01:38 AM

Limited Time Offer

25%

Off

Get Premium ARA-R01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Nancey
3 months ago
Wait, is the ORDER_MANAGER role allowed to own the procedure in the first place? Seems like a potential security risk. I'd go with option B to be on the safe side.
upvoted 0 times
...
Emiko
3 months ago
Haha, D is a classic 'this is not possible' answer. At least the question is giving us a real-world scenario to work with.
upvoted 0 times
Donte
2 months ago
Haha, D is a classic 'this is not possible' answer. At least the question is giving us a real-world scenario to work with.
upvoted 0 times
...
Nada
2 months ago
B) Create a stored procedure that can be run using both caller's and owner's rights (allowing the user to specify which rights are used during execution), and grant USAGE on this procedure to ORDER_ADMIN. The ORDER_MANAGER role owns the procedure.
upvoted 0 times
...
Ressie
2 months ago
A) Create a stored procedure that runs with caller's rights, including the appropriate '> 5 years' business logic, and grant USAGE on this procedure to ORDER_ADMIN. The ORDER_MANAGER role owns the procedure.
upvoted 0 times
...
...
Shelba
3 months ago
Ah, I see. Option A looks like it would work too, but having the ORDER_MANAGER own the procedure is a bit sketchy. I don't know, I'm torn between B and C.
upvoted 0 times
Junita
2 months ago
Yeah, I see your point. Option B does provide more flexibility. Let's go with that.
upvoted 0 times
...
Kimberlie
2 months ago
I agree, but having ORDER_MANAGER own the procedure does seem a bit risky. Option B gives more control over rights during execution.
upvoted 0 times
...
Sherell
3 months ago
I think Option A is the best choice. It allows ORDER_ADMIN to clean old data without needing DELETE privilege.
upvoted 0 times
...
...
Louisa
4 months ago
I think option C is the way to go. Keeping the business logic in the stored procedure and running it with the owner's rights is a cleaner approach.
upvoted 0 times
Arletta
2 months ago
True, but having the business logic centralized in the stored procedure, as in option C, can also help maintain consistency.
upvoted 0 times
...
Reyes
2 months ago
That's a good point. Having that flexibility could be useful in certain situations.
upvoted 0 times
...
German
2 months ago
But wouldn't it be better to have the flexibility of choosing between caller's and owner's rights, like in option B?
upvoted 0 times
...
Lillian
2 months ago
I agree, option C seems like the most secure way to handle this.
upvoted 0 times
...
Effie
2 months ago
True, it's important to consider both security and organization when granting permissions.
upvoted 0 times
...
Carisa
3 months ago
That's a good point, but I think having the business logic in the stored procedure itself, like in option C, is more organized.
upvoted 0 times
...
Naomi
3 months ago
But wouldn't it be better to have the flexibility of choosing rights during execution, like in option B?
upvoted 0 times
...
Selene
3 months ago
I agree, option C seems like the most secure way to handle this.
upvoted 0 times
...
...
Rose
4 months ago
I'm not sure about option A. Maybe we should consider option B as well, since it allows the user to specify rights during execution.
upvoted 0 times
...
Apolonia
4 months ago
I agree with Nikita. Option A seems like the most secure and efficient solution for this scenario.
upvoted 0 times
...
Oretha
4 months ago
Hmm, option B seems like the best choice here. Giving the ORDER_ADMIN users the ability to choose which rights to use during execution is a pretty neat solution.
upvoted 0 times
Santos
2 months ago
I see your point. It's important to consider the level of control given to ORDER_ADMIN.
upvoted 0 times
...
Alease
2 months ago
True, but with option B, ORDER_ADMIN can have more control over the execution rights.
upvoted 0 times
...
My
2 months ago
But wouldn't option A also work since it grants USAGE on the procedure to ORDER_ADMIN?
upvoted 0 times
...
Tuyet
3 months ago
I agree, option B sounds flexible and secure.
upvoted 0 times
...
Maryann
3 months ago
I see your point. Having the ability to choose rights during execution can be beneficial in this case.
upvoted 0 times
...
Amina
3 months ago
True, option A could work as well, but option B gives more control to the ORDER_ADMIN users.
upvoted 0 times
...
Kayleigh
3 months ago
But wouldn't option A also work since it grants USAGE on the procedure to ORDER_ADMIN?
upvoted 0 times
...
Michel
3 months ago
I agree, option B sounds like a flexible solution for this scenario.
upvoted 0 times
...
...
Nikita
4 months ago
I think option A is the best choice. It allows ORDER_ADMIN to clean old data without needing DELETE privilege.
upvoted 0 times
...

Save Cancel