createRole

Creates a new role in Snowflake. Roles are named entities to which privileges can be granted and are used to control access to database objects.

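Note: Automatic rollback drops the role. If the changeset used ifNotExists and the role already existed before it ran, check that dropping the role on rollback is what you intend.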

Note: This change type does not support database inspection features (the snapshot, diff, diff-changelog, and generate-changelog commands), so roles will not appear in their output; review roles in Snowflake by other means.

Available attributes

Attribute

Type

Description

Required

roleName

String

Name of the role to create

Yes

replaceIfExists

Boolean

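Replace the role if it already exists, using OR REPLACE*. Review the existing role's grants before enabling this, because the role is replaced rather than altered.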

No

ifNotExists

Boolean

Only create if the role doesn't exist using IF NOT EXISTS*

No

comment

String

Comment describing the role

No

tags

Nested

Key-value pairs of tags to apply

No

* replaceIfExists and ifNotExists are mutually exclusive; set at most one of them on a createRole change.

tags attributes

Key-value pairs of tags to apply to the role. Tags must exist before use.

Attribute

Type

Description

Required

key

String

Tag name

Yes

value

String

Tag value

Yes

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Example changelog for pro-snowflake:createRole: three changesets, one role each.
  None of these changesets grants a privilege; the attributes used here only
  name, describe and tag the role.
-->
<databaseChangeLog
    xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:pro-snowflake="http://www.liquibase.org/xml/ns/pro-snowflake"
    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
        http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd
        http://www.liquibase.org/xml/ns/pro-snowflake
        http://www.liquibase.org/xml/ns/pro-snowflake/liquibase-pro-snowflake-latest.xsd">

  <!-- 1. Minimal form: roleName is the only required attribute. -->
  <changeSet author="examples" id="create-role-basic">
    <pro-snowflake:createRole roleName="DATA_ANALYST"/>
  </changeSet>

  <!--
    2. Role with a descriptive comment, created with OR REPLACE.
    replaceIfExists="true" means an existing ANALYTICS_TEAM_LEAD role is
    replaced rather than kept.
    NOTE(review): a replaced role is presumably a new object that does not
    carry over the old role's grants; confirm against the Snowflake
    documentation before running this where the role already exists.
    The comment text is a description only and gives the role no access.
  -->
  <changeSet author="examples" id="create-role-with-comment">
    <pro-snowflake:createRole roleName="ANALYTICS_TEAM_LEAD"
                              comment="Analytics Team Lead - Full access to analytics schemas"
                              replaceIfExists="true"/>
  </changeSet>

  <!--
    3. Role with tags, created with IF NOT EXISTS.
    ifNotExists="true" leaves an existing SERVICE_ACCOUNT_ROLE as it is.
    NOTE(review): automatic rollback drops the role; check whether that is
    wanted when the role existed before this changeset ran.
    The environment and owner tags must already exist in Snowflake.
  -->
  <changeSet author="examples" id="create-role-with-tags">
    <pro-snowflake:createRole roleName="SERVICE_ACCOUNT_ROLE"
                              comment="Service account role for API access"
                              ifNotExists="true">
      <pro-snowflake:tags>
        <pro-snowflake:entry key="environment" value="production"/>
        <pro-snowflake:entry key="owner" value="platform-team"/>
      </pro-snowflake:tags>
    </pro-snowflake:createRole>
  </changeSet>

</databaseChangeLog>