> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firebolt.io/llms.txt
> Use this file to discover all available pages before exploring further.
## Submitting Feedback
If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:
POST https://docs.firebolt.io/feedback
```json
{
"path": "/overview/security/rbac/database-permissions/view-permissions",
"feedback": "Description of the issue"
}
```
Only submit feedback when you have something specific and actionable to report.
> Learn about the permissions that can be assigned to views in Firebolt, including controlling access to view data and managing view-level operations.
# View permissions
In Firebolt, **views** are objects that allow users to query data from one or more underlying tables or views. Permissions on these views determine who can interact with the view and what actions they can perform.
To interact with a view, roles must also have **USAGE** permissions on the parent schema and the parent database.
## View-level privileges
| Privilege | Description | GRANT Syntax | REVOKE Syntax |
| ----------------- | ---------------------------------------------- | -------------------------------------------------- | ----------------------------------------------------- |
| SELECT | Allows selecting data from a view. | `GRANT SELECT ON VIEW TO ;` | `REVOKE SELECT ON VIEW FROM ;` |
| MODIFY | Allows modifying and dropping a view. | `GRANT MODIFY ON VIEW TO ;` | `REVOKE MODIFY ON VIEW FROM ;` |
| ALL \[PRIVILEGES] | Grants all privileges over the view to a role. | `GRANT ALL ON VIEW TO ;` | `REVOKE ALL ON VIEW FROM ;` |
Views are created at the schema level. To grant privileges to create views, refer to the [schema-level privileges documentation](/overview/security/rbac/database-permissions/schema-permissions).
## Examples of granting view permissions
### SELECT permission
To allow querying data from a view, the role must have **SELECT** privileges on the view. Additionally, the **view owner** must have **SELECT** privileges on all underlying tables or views referenced within the view.
The following examples [grant](/reference-sql/commands/access-control/grant) the role `read_role` permission to query data from the `viewtest` view and ensure the `view_owner` has the necessary permission to read data from the `referenced_table` table, allowing the view to function correctly.
```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
-- Grant SELECT on the view to a user:
GRANT SELECT ON VIEW "viewtest" TO read_role;
-- Grant SELECT on the referenced table to the view owner:
GRANT SELECT ON TABLE "referenced_table" TO view_owner;
```
If the **view owner** loses access to any of these referenced objects, users with **SELECT** on the view will no longer be able to query it, even if their **SELECT** privilege remains.
You can use this owner rights model to implement **column-level** and **row-level security** by creating views that expose only specific columns or filter rows, then granting users `SELECT` on the view instead of the underlying table. For a detailed walkthrough, see [Using secure views](/guides/security/rbac-views-security).
### MODIFY permission
The following code example grants the role `developer_role` permission to alter or drop the `my_view` view:
```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
GRANT MODIFY ON VIEW my_view TO read_role;
```
### ALL permissions
The following code example grants the role `developer_role` with all permissions over the `my_view` view:
```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
GRANT ALL ON VIEW my_view TO read_role;
```