I am unable to find the list of privilege's that are required -
1.) For a Role to create Row Access Policy 2.) Grant Usage on the Policy to a different Role 3.) Grant Modify on the Policy to a different Role
Need simple step by step example starting from DBADMIN.
Snowflake supports adding and dropping row access policies in a single SQL statement.
For a given resource (i.e. table or view), to ADD or DROP a row access policy you must have either the APPLY ROW ACCESS POLICY privilege on the schema, or the OWNERSHIP privilege on the resource and the APPLY privilege on the row access policy resource.
The APPLY privilege allows ADD and DROP operations for the Row Access Policies on a table or view, and executing the DESCRIBE operation on tables and views.
The OWNERSHIP privilege allows full control over the row access policy. This is required to alter most properties of a row access policy. Only a single role can hold this privilege on a specific object at a time.
USAGE privilege on the parent database and schema are also required.