Medium severityaccess control
Power BI Refresh Error:
Snowflake GRANT OPTION Error (Insufficient Privileges to Grant)
What does this error mean?
A GRANT statement failed because the executing role does not have the WITH GRANT OPTION privilege on the object being granted, or the role is not the object owner.
Common causes
- 1A non-owner role attempting to GRANT a privilege it received without the WITH GRANT OPTION flag
- 2SECURITYADMIN or SYSADMIN is not the current role when performing object grants
- 3Stored procedure or TASK attempting to GRANT privileges without EXECUTE AS OWNER
- 4Sharing a database object with a share without owning the object
- 5Attempting to re-grant a privilege on an object that was granted to the role without GRANT OPTION
How to fix it
- 1Switch to the object owner role before issuing the GRANT: `USE ROLE <owner_role>`
- 2Or use SECURITYADMIN which can manage all grants: `USE ROLE SECURITYADMIN`
- 3If a stored procedure needs to GRANT privileges, define it with `EXECUTE AS OWNER`
- 4Grant the privilege WITH GRANT OPTION to the intermediate role: `GRANT SELECT ON TABLE t TO ROLE r WITH GRANT OPTION`
- 5Review role hierarchy with `SHOW GRANTS TO ROLE <role>` to understand current privilege chain