Snowflake provides many ways to secure sensitive data. One of them is Role-Based Access Control (RBAC), and an RBAC hierarchy is easy to maintain and audit. Based on my understanding of this topic, I have prepared a close-to-real-world example in which we create a multi-level hierarchy, with privileges assigned to the roles according to their business function.
In this scenario we maintain the following multi-level RBAC hierarchy:
REPS: Collection Representatives, who talk to customers to recover the amount owed.
These are call center employees whose task is to contact customers who have an outstanding amount and are supposed to pay their invoices.
FLM: First Line Manager. REPS report to the FLM. Every organization has a hierarchy, and here REPS report to the FLM for any escalation.
OPS: Operational Manager. The FLM reports to OPS, so by virtue of the FLM role, OPS has full control over the objects governed by REPS.
Here we maintain three levels of hierarchy, where the FLM reports to the OPS manager when an escalation arises in the process.
REPS have read-only privileges on the tables. Orange color indicates READ privileges.
The Recovery Team and Billing Team have Write/Insert privileges on the tables. They have UPDATE privileges on the tables.
Support team: along with INSERT, has UPDATE privileges on the tables.
OPS has all privileges, i.e. INSERT, UPDATE, DELETE.
Please find below the technical steps to achieve the above scenario:
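One way to express the scenario above in Snowflake SQL, as an added example rather than the author's original steps. The database and schema (COLLECTIONS_DB.BILLING) and the team role names are assumptions, as are rolling OPS up to SYSADMIN and keeping the team roles outside the REPS → FLM → OPS chain, since the page does not say where they sit.

```sql
-- Added example. Hypothetical names: COLLECTIONS_DB, BILLING, *_TEAM roles.
-- SECURITYADMIN holds MANAGE GRANTS, so it can create roles and issue grants.
USE ROLE SECURITYADMIN;

-- 1. One role per business function described in the scenario.
CREATE ROLE IF NOT EXISTS REPS;
CREATE ROLE IF NOT EXISTS FLM;
CREATE ROLE IF NOT EXISTS OPS;
CREATE ROLE IF NOT EXISTS RECOVERY_TEAM;
CREATE ROLE IF NOT EXISTS BILLING_TEAM;
CREATE ROLE IF NOT EXISTS SUPPORT_TEAM;

-- 2. Hierarchy: a parent role inherits everything granted to its child.
GRANT ROLE REPS TO ROLE FLM;      -- REPS report to FLM
GRANT ROLE FLM  TO ROLE OPS;      -- FLM reports to OPS
GRANT ROLE OPS  TO ROLE SYSADMIN; -- assumption: custom roles roll up to SYSADMIN

-- 3. Object access starts with USAGE on the containers.
--    FLM and OPS inherit it through REPS; the team roles need their own.
GRANT USAGE ON DATABASE COLLECTIONS_DB        TO ROLE REPS;
GRANT USAGE ON SCHEMA COLLECTIONS_DB.BILLING  TO ROLE REPS;
GRANT USAGE ON DATABASE COLLECTIONS_DB        TO ROLE RECOVERY_TEAM;
GRANT USAGE ON SCHEMA COLLECTIONS_DB.BILLING  TO ROLE RECOVERY_TEAM;
GRANT USAGE ON DATABASE COLLECTIONS_DB        TO ROLE BILLING_TEAM;
GRANT USAGE ON SCHEMA COLLECTIONS_DB.BILLING  TO ROLE BILLING_TEAM;
GRANT USAGE ON DATABASE COLLECTIONS_DB        TO ROLE SUPPORT_TEAM;
GRANT USAGE ON SCHEMA COLLECTIONS_DB.BILLING  TO ROLE SUPPORT_TEAM;

-- 4. REPS: read-only, including tables created later in the schema.
GRANT SELECT ON ALL TABLES    IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE REPS;
GRANT SELECT ON FUTURE TABLES IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE REPS;

-- 5. Recovery, Billing and Support teams: INSERT and UPDATE, no DELETE.
GRANT INSERT, UPDATE ON ALL TABLES IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE RECOVERY_TEAM;
GRANT INSERT, UPDATE ON ALL TABLES IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE BILLING_TEAM;
GRANT INSERT, UPDATE ON ALL TABLES IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE SUPPORT_TEAM;

-- 6. OPS: write privileges granted directly; SELECT arrives via FLM -> REPS.
GRANT INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA COLLECTIONS_DB.BILLING TO ROLE OPS;

-- 7. Audit the result.
SHOW GRANTS TO ROLE OPS;   -- privileges and child roles OPS holds (expect FLM)
SHOW GRANTS OF ROLE REPS;  -- who holds REPS (expect FLM)
SHOW FUTURE GRANTS IN SCHEMA COLLECTIONS_DB.BILLING;
```

Because DELETE is granted only to OPS and never to a role below it, the audit queries in step 7 should show DELETE on exactly one role; any other holder indicates a grant made outside this hierarchy.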