An individual user. You must quote the identifier with back-ticks (`) due to the @ character.
A service principal, specified by its
applicationIdvalue. You must quote the identifier with back-ticks (`) due to the dash characters in the ID.
An identifier specifying a group of users or groups.
The root group to which all workspace level users belong.
The root group to which all account level users belong.
Workspace level principals are managed in each workspace.
They apply to all objects defined in the
You can also create and manage workspace level groups using the following statements:
-- Granting a privilege to the user email@example.com > GRANT SELECT ON TABLE t TO `firstname.lastname@example.org`; -- Granting a privilege to the service principal fab9e00e-ca35-11ec-9d64-0242ac120002 > GRANT SELECT ON TABLE t TO `fab9e00e-ca35-11ec-9d64-0242ac120002`; -- Revoking a privilege from the general public group. > REVOKE SELECT ON TABLE t FROM users; -- Transfering owbership of an object to `some_group` > ALTER SCHEMA some_schema OWNER TO some_group;