bulkRevokePrivilegeFromShare

Revokes a privilege on all objects of a specific type within a schema from a Snowflake share. This is a bulk operation that removes the privilege from all objects matching the criteria.

Note: This change type does not support automatic rollback or database inspection features (snapshot, diff, diff-changelog, and generate-changelog commands).

Available attributes

Attribute	Type	Description	Required
`shareName`	String	Name of the share to revoke the privilege from	Yes
`objectType`	String	Type of objects to revoke privilege on*	Yes
`catalogName`	String	Name of the catalog (database) containing the schema	No
`schemaName`	String	Name of the schema containing the objects	Yes
`privilege`	String	Privilege to revoke: `SELECT` or `EVOLVE SCHEMA`	Yes

* Supported types: TABLE, EXTERNAL_TABLE, ICEBERG_TABLE, DYNAMIC_TABLE

<?xml version="1.0" encoding="UTF-8"?>
<databaseChangeLog
  xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
  xmlns:pro-snowflake="http://www.liquibase.org/xml/ns/pro-snowflake"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
        http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd
        http://www.liquibase.org/xml/ns/pro-snowflake
        http://www.liquibase.org/xml/ns/pro-snowflake/liquibase-pro-snowflake-latest.xsd">
  <!-- Revoke SELECT from all tables -->
  <changeSet id="bulk-revoke-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="TABLE"
                catalogName="MY_DATABASE"
                schemaName="PUBLIC"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke SELECT from all external tables -->
  <changeSet id="bulk-revoke-external-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="EXTERNAL_TABLE"
                catalogName="MY_DATABASE"
                schemaName="STAGING"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke SELECT from all iceberg tables -->
  <changeSet id="bulk-revoke-iceberg-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="ICEBERG_TABLE"
                catalogName="MY_DATABASE"
                schemaName="LAKEHOUSE"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke without catalog name (uses current database) -->
  <changeSet id="bulk-revoke-no-catalog" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="TABLE"
                schemaName="PUBLIC"
                privilege="SELECT"/>
  </changeSet>
</databaseChangeLog>

<?xml version="1.0" encoding="UTF-8"?>
<databaseChangeLog
  xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
  xmlns:pro-snowflake="http://www.liquibase.org/xml/ns/pro-snowflake"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
        http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd
        http://www.liquibase.org/xml/ns/pro-snowflake
        http://www.liquibase.org/xml/ns/pro-snowflake/liquibase-pro-snowflake-latest.xsd">
  <!-- Revoke SELECT from all tables -->
  <changeSet id="bulk-revoke-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="TABLE"
                catalogName="MY_DATABASE"
                schemaName="PUBLIC"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke SELECT from all external tables -->
  <changeSet id="bulk-revoke-external-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="EXTERNAL_TABLE"
                catalogName="MY_DATABASE"
                schemaName="STAGING"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke SELECT from all iceberg tables -->
  <changeSet id="bulk-revoke-iceberg-tables" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="ICEBERG_TABLE"
                catalogName="MY_DATABASE"
                schemaName="LAKEHOUSE"
                privilege="SELECT"/>
  </changeSet>
  <!-- Revoke without catalog name (uses current database) -->
  <changeSet id="bulk-revoke-no-catalog" author="examples">
    <pro-snowflake:bulkRevokePrivilegeFromShare
                shareName="MY_SHARE"
                objectType="TABLE"
                schemaName="PUBLIC"
                privilege="SELECT"/>
  </changeSet>
</databaseChangeLog>

bulkRevokePrivilegeFromShare

Available attributes

XML

JSON

YAML

SQL

More like this