Take advantage of SNOWFLAKE role hierarchies to align access to database objects with business functions in your organization.
✅ In a role hierarchy, roles are granted to other roles to form an inheritance relationship.
✅ Permissions granted to roles at a lower level are inherited by roles at a higher level.
✅ For optimal flexibility in controlling access to database objects, create a combination of object access roles with different permissions on objects and assign them as appropriate to functional roles.
✅ Grant permissions on database objects or account objects (such as warehouses) to access roles. (My personal preference is to grant permissions on warehouses to the functional role, this makes more sense to me, as a parent functional role will have one or more child access roles.)
✅ Grant access roles to functional roles to create a role hierarchy. These roles correspond to the business functions of your organization and serve as a catch-all for any access roles required for these functions.
