To interact with a view, roles must also have USAGE permissions on the parent schema and the parent database.
View-level privileges
| Privilege | Description | GRANT Syntax | REVOKE Syntax |
|---|---|---|---|
| SELECT | Allows selecting data from a view. | GRANT SELECT ON VIEW <view_name> TO <role_name>; | REVOKE SELECT ON VIEW <view_name> FROM <role_name>; |
| MODIFY | Allows modifying and dropping a view. | GRANT MODIFY ON VIEW <view_name> TO <role_name>; | REVOKE MODIFY ON VIEW <view_name> FROM <role_name>; |
| ALL [PRIVILEGES] | Grants all privileges over the view to a role. | GRANT ALL ON VIEW <view_name> TO <role_name>; | REVOKE ALL ON VIEW <view_name> FROM <role_name>; |
Examples of granting view permissions
SELECT permission
To allow querying data from a view, the role must have SELECT privileges on the view. Additionally, the view owner must have SELECT privileges on all underlying tables or views referenced within the view. The following examples grant the roleread_role permission to query data from the viewtest view and ensure the view_owner has the necessary permission to read data from the referenced_table table, allowing the view to function correctly.
If the view owner loses access to any of these referenced objects, users with SELECT on the view will no longer be able to query it, even if their SELECT privilege remains.
MODIFY permission
The following code example grants the roledeveloper_role permission to alter or drop the my_view view:
ALL permissions
The following code example grants the roledeveloper_role with all permissions over the my_view view: