openapi: 3.0.0 servers: - description: Snowflake REST Server url: https://org-account.snowflakecomputing.com info: version: 0.0.1 title: Snowflake Database Role API description: The Snowflake Database Role API is a REST API that you can use to access, update, and perform certain actions on Database Role resource in a Snowflake database. contact: name: Snowflake, Inc. url: https://snowflake.com email: support@snowflake.com paths: /api/v2/databases/{database}/database-roles: get: summary: List Database Roles tags: - database-role description: List database roles operationId: listDatabaseRoles parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/showLimit - $ref: common.yaml#/components/parameters/fromName responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/DatabaseRole' examples: Listdatabaseroles200Example: summary: Default listDatabaseRoles 200 response x-microcks-default: true value: - name: Example Title comment: example_value created_on: '2026-01-15T10:30:00Z' granted_to_roles: 10 granted_to_database_roles: 10 granted_database_roles: 10 owner: example_value owner_role_type: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Create a Database Role tags: - database-role description: Create a database role operationId: createDatabaseRole parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/createMode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/DatabaseRole' examples: CreatedatabaseroleRequestExample: summary: Default createDatabaseRole request x-microcks-default: true value: name: Example Title comment: example_value created_on: '2026-01-15T10:30:00Z' granted_to_roles: 10 granted_to_database_roles: 10 granted_database_roles: 10 owner: example_value owner_role_type: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}: delete: summary: Delete a Database Role tags: - database-role description: Delete a database role operationId: deleteDatabaseRole parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/ifExists responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}:clone: post: summary: Create a New Database Role by Cloning From the Specified Resource tags: - database-role description: Create a new database role by cloning from the specified resource operationId: cloneDatabaseRole parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/createMode - name: targetDatabase description: Database of the target resource. Defaults to the source's database in: query required: false schema: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ example: example_value responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/DatabaseRoleClone' examples: ClonedatabaseroleRequestExample: summary: Default cloneDatabaseRole request x-microcks-default: true value: name: Example Title x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}/grants: get: summary: List All Grants to the Role tags: - database-role description: List all grants to the role operationId: listGrants parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/Grant' examples: Listgrants200Example: summary: Default listGrants 200 response x-microcks-default: true value: - securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Grant Privileges to the Role tags: - database-role description: Grant privileges to the role operationId: grantPrivileges parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: GrantprivilegesRequestExample: summary: Default grantPrivileges request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}/grants:revoke: post: summary: Revoke Grants From the Role tags: - database-role description: Revoke grants from the role operationId: revokeGrants parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/mode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: RevokegrantsRequestExample: summary: Default revokeGrants request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}/future-grants: get: summary: List All Future Grants to the Role tags: - database-role description: List all future grants to the role operationId: listFutureGrants parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/Grant' examples: Listfuturegrants200Example: summary: Default listFutureGrants 200 response x-microcks-default: true value: - securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Grant Future Privileges to the Role tags: - database-role description: Grant future privileges to the role operationId: grantFuturePrivileges parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: GrantfutureprivilegesRequestExample: summary: Default grantFuturePrivileges request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/databases/{database}/database-roles/{name}/future-grants:revoke: post: summary: Revoke Future Grants From the Role tags: - database-role description: Revoke future grants from the role operationId: revokeFutureGrants parameters: - $ref: common.yaml#/components/parameters/database - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/mode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: RevokefuturegrantsRequestExample: summary: Default revokeFutureGrants request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK components: schemas: DatabaseRole: type: object description: A Snowflake database role properties: name: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Name of the database role example: Example Title comment: type: string description: User comment associated to an object in the dictionary example: example_value created_on: type: string format: date-time readOnly: true description: Date and time when the database role was created example: '2026-01-15T10:30:00Z' granted_to_roles: type: integer format: int64 readOnly: true description: How many roles this database role has been granted to example: 10 granted_to_database_roles: type: integer format: int64 readOnly: true description: How many database roles this database role has been granted to example: 10 granted_database_roles: type: integer format: int64 readOnly: true description: How many database roles this database role has been granted example: 10 owner: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ readOnly: true description: Role that owns the database role example: example_value owner_role_type: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ readOnly: true description: The type of role that owns the database role example: example_value required: - name DatabaseRoleClone: type: object properties: name: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Name of the database role example: Example Title required: - name Grant: type: object properties: securable: $ref: '#/components/schemas/Securable' description: Securable of the grant containing_scope: $ref: '#/components/schemas/ContainingScope' description: Containing scope of the grant securable_type: type: string description: Type of the securable to be granted. example: example_value grant_option: type: boolean description: If true, allows the recipient role to grant the privileges to other roles. example: true privileges: type: array items: type: string description: List of privileges to be granted. example: [] created_on: type: string format: date-time readOnly: true description: Date and time when the grant was created example: '2026-01-15T10:30:00Z' granted_by: type: string readOnly: true description: The role that granted this privilege to this grantee example: example_value required: - securable_type Securable: type: object properties: database: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Database name of the securable if applicable. example: example_value schema: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Schema name of the securable if applicable. example: example_value service: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Service name of the securable if applicable. example: example_value name: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Name of the securable if applicable. example: Example Title required: - name ContainingScope: type: object properties: database: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Database name of the securable scope if applicable. example: example_value schema: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Schema name of the securable scope if applicable. example: example_value required: - database securitySchemes: KeyPair: $ref: common.yaml#/components/securitySchemes/KeyPair ExternalOAuth: $ref: common.yaml#/components/securitySchemes/ExternalOAuth SnowflakeOAuth: $ref: common.yaml#/components/securitySchemes/SnowflakeOAuth security: - KeyPair: [] - ExternalOAuth: [] - SnowflakeOAuth: []