> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firebolt.io/llms.txt
> Use this file to discover all available pages before exploring further.

<AgentInstructions>

## Submitting Feedback

If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:

POST https://docs.firebolt.io/feedback

```json
{
  "path": "/guides/security/ownership",
  "feedback": "Description of the issue"
}
```

Only submit feedback when you have something specific and actionable to report.

</AgentInstructions>

> Learn about object Ownership in Firebolt.

# Ownership

Ownership allows users to perform all operations on objects they created without having to manually grant privileges for these operations. This provides a smoother user experience because objects are immediately available to use once created. These operations include granting privileges on owned objects.

## Ownership Levels

Firebolt implements ownership at two distinct levels:

1. **Account-level ownership** — Applies to objects within an account
2. **Organization-level ownership** — Applies to objects at the organization level

These two ownership levels are isolated from each other— you cannot make a user the owner of an organization-level object, and you cannot make a login or service account the owner of an account-level object.

## Supported Object Types

### Account-Level Objects

The account-level object types that support ownership are:

* Role
* User
* Engine
* Database
* Schema
* Table
* View

### Organization-Level Objects

The organization-level object types that support ownership are:

* Organization
* Account
* Login
* Service Account
* Network Policy

## Viewing Current Owners

The current owner of an object can be viewed in the corresponding information\_schema view:

### Account-Level Objects

| Object   | View                                                                                                                                           |
| :------- | :--------------------------------------------------------------------------------------------------------------------------------------------- |
| Role     | [information\_schema.enabled\_roles](/reference-sql/information-schema/enabled-roles)                                                          |
| User     | [information\_schema.users](/reference-sql/information-schema/users)                                                                           |
| Database | [information\_schema.catalogs](/reference-sql/information-schema/catalogs)                                                                     |
| Engine   | [information\_schema.engines](/reference-sql/information-schema/engines)                                                                       |
| Schema   | [information\_schema.schemata](/reference-sql/information-schema/schemata)                                                                     |
| Table    | [information\_schema.tables](/reference-sql/information-schema/tables)                                                                         |
| View     | [information\_schema.views](/reference-sql/information-schema/views) or [information\_schema.tables](/reference-sql/information-schema/tables) |

<Note>
  Index ownership, shown in [information\_schema.indexes](/reference-sql/information-schema/indexes), will always show the table owner as an index's owner.
</Note>

### Organization-Level Objects

| Object          | View                                                                                        |
| :-------------- | :------------------------------------------------------------------------------------------ |
| Organization    | [information\_schema.organization](/reference-sql/information-schema/organization)          |
| Account         | [information\_schema.accounts](/reference-sql/information-schema/accounts)                  |
| Login           | [information\_schema.logins](/reference-sql/information-schema/logins)                      |
| Service Account | [information\_schema.service\_accounts](/reference-sql/information-schema/service-accounts) |
| Network Policy  | [information\_schema.network\_policies](/reference-sql/information-schema/network_policies) |

## Changing an Object's Owner

### Account-Level Objects

The owner of an account-level object may alter its ownership using the following syntax:

```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
ALTER <object type> <object name> OWNER TO <user_or_role>
```

Where `<user_or_role>` can be either a user name or a role name.

Examples:

```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
ALTER DATABASE db OWNER TO new_owner
ALTER ENGINE eng OWNER TO new_owner
ALTER ROLE r OWNER TO new_owner
ALTER USER u OWNER TO new_owner
ALTER SCHEMA public OWNER TO new_owner
ALTER TABLE t OWNER TO new_owner
ALTER VIEW v OWNER TO new_owner
```

### Organization-Level Objects

The owner of an organization-level object may alter its ownership using the following syntax:

```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
ALTER <object type> <object name> OWNER TO <identity>
```

Where `<identity>` refers to a login or service account.

Examples:

```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
ALTER ORGANIZATION my_organization OWNER TO "alice@acme.com"
ALTER ACCOUNT dev OWNER TO "alice@acme.com"
ALTER LOGIN "bob@acme.com" OWNER TO "alice@acme.com"
ALTER SERVICE ACCOUNT "machine_user" OWNER TO "alice@acme.com"
ALTER NETWORK POLICY "my_policy" OWNER TO "alice@acme.com"
```

## Dropping Objects with Ownership Relationships

### Dropping Users that Own Objects

Any objects owned by a user must first be dropped or have their owner changed before dropping the user.

<Note>
  A table owner can drop the table even if there are views referencing it that are not owned by the table's owner, using the `CASCADE` parameter to [DROP TABLE](/reference-sql/commands/data-definition/drop-table).
</Note>

### Dropping Logins or Service Accounts that Own Objects

Similarly, any organization-level objects owned by a login or service account must first be dropped or have their owner changed before dropping the login or service account.

## Managing Ownership in the Firebolt Workspace

You can use the user interface in the **Firebolt Workspace** to transfer ownership of objects as follows:

1. Log in to the [Firebolt Workspace](https://firebolt.go.firebolt.io/signup). If you don't yet have an account with Firebolt, you can sign up for one.
2. Select the Govern icon (<img src="https://mintcdn.com/firebolt/9sNth3Ot9OA4_h_K/assets/images/govern-icon.png?fit=max&auto=format&n=9sNth3Ot9OA4_h_K&q=85&s=bbfca79e9e552ca1fb3d19186c838681" alt="The icon to open the Govern Space." style={{"display": "inline", "margin-bottom": "0", "margin-top": "0", "width": "20px"}} width="54" height="55" data-path="assets/images/govern-icon.png" />) in the left navigation pane to open the **Govern Space**.
3. Select **Ownership** from the left navigation pane.
4. Select the three horizontal dots (...) to the right of the object that you want to transfer ownership of.
5. Select **Transfer ownership** from the drop-down list.
6. In the **Transfer ownership** window that opens, choose a new owner from the drop-down list.
7. Select the **Transfer ownership** button to confirm.

### Viewing all Objects Owned by a User

1. From the [Firebolt Workspace](https://firebolt.go.firebolt.io/signup), select the Govern icon (<img src="https://mintcdn.com/firebolt/9sNth3Ot9OA4_h_K/assets/images/govern-icon.png?fit=max&auto=format&n=9sNth3Ot9OA4_h_K&q=85&s=bbfca79e9e552ca1fb3d19186c838681" alt="The icon to open the Govern Space." style={{"display": "inline", "margin-bottom": "0", "margin-top": "0", "width": "20px"}} width="54" height="55" data-path="assets/images/govern-icon.png" />) in the left navigation pane to open the **Govern Space**.
2. Select **Users** from the left navigation pane.
3. Select the user from the **User Name** column.
4. Select the **Ownership** tab to view a list of objects owned by the selected user.

### Bulk Transferring or Deleting Objects Owned by a User

1. From the [Firebolt Workspace](https://firebolt.go.firebolt.io/signup), select the Govern icon (<img src="https://mintcdn.com/firebolt/9sNth3Ot9OA4_h_K/assets/images/govern-icon.png?fit=max&auto=format&n=9sNth3Ot9OA4_h_K&q=85&s=bbfca79e9e552ca1fb3d19186c838681" alt="The icon to open the Govern Space." style={{"display": "inline", "margin-bottom": "0", "margin-top": "0", "width": "20px"}} width="54" height="55" data-path="assets/images/govern-icon.png" />) in the left navigation pane to open the **Govern Space**.
2. Select **Users** from the left navigation pane.
3. Select the three horizontal dots (...) to the right of the user whose objects you want to transfer ownership of.
4. Select **Transfer ownership** from the drop-down list.
5. In the window that opens, select the checkboxes next to objects that you want to delete or transfer ownership of.
6. Select the **Delete object** or **Transfer ownership** button to apply changes.

<Note>
  Ownership transfer using the **Firebolt Workspace** is not available for `Schema`, `Table`, and `View` objects. These must be modified using SQL commands in the **Develop Workspace** or using the [Firebolt API](/reference-api).
</Note>

<Note>
  The Firebolt Workspace currently only supports managing ownership for account-level objects. Organization-level object ownership must be managed using SQL commands.
</Note>