/
App Ownership Change

App Ownership Change

New Syntax

There's a new (yet undocumented) syntax available for assigning a database role to an application:

GRANT DATABASE ROLE db.dbr TO APPLICATION app;

This allows direct delegation of access through a database role to a Native Application, providing finer control over object permissions.

Managed Access + Future Grants

By combining:

  • Managed access schemas

  • Future grants

  • Setting OWNERSHIP to a database role

you can ensure that both the Native App and Snowflake users are able to manage objects (like tables) in a custom database and schema.

This enables use cases such as:

  • Modifying tables created by the app

  • Applying clustering, retention, compression settings, etc.

Example: CLUSTER BY via Snowflake User

Even though the table was created by the Native App, a Snowflake user was able to modify it using appropriate privileges via the database role:

ALTER TABLE ZVG_TEST1.GP1.ZVG_TAB1_M CLUSTER BY(MANDT, CARRID, CONNID, FLDATE);

Benefits

  • Flexibility to manage Native App–created objects

  • Easier tuning and optimization (e.g., clustering)

  • Shared ownership model between app and users

The GRANT DATABASE ROLE ... TO APPLICATION syntax is currently not documented in the official Snowflake documentation. Use cautiously in testing or prototyping environments.