This table provides information on Cirro roles.
Column Name Type Length Nullable Contents
UUID VARCHAR 512 true Universally Unique Identifier. A system generated value that serves as the primary key for the table.
ROLEID VARCHAR 512 true Unique ID for the role.
GRANTEE VARCHAR 512 true User receiving the role membership.
GRANTOR VARCHAR 512 true User granting the role membership.
WITHADMINOPTION VARCHAR 512 true Whether the permission is granted with the ADMIN OPTION.
ISDEF VARCHAR 512 true ISDEF distinguishes between Role Definition if true and a Role Grant (Role Assignment) if false.
LASTUPDATEDATE DATE 10 true The date the role membership was granted or updated.
EXTERNALNAME VARCHAR 512 true n/a

Cirro Roles

These are the built-in Cirro Roles.

Cirro has several built-in roles which enable permissions to cirro objects and target systems.

Role Description
Public All users belong to the Public Role which enables login. No permission to cirro objects and target systems. Default privileges associated with PUBLIC role are CONNECT, SET DESCRIBE and SELECT (on metadata tables). These can be changed by a system administrator, but it is not recommended. The PUBLIC role cannot be dropped.
secure_connect Execute only Passthrough SQL
federated_read_only Execute Federated Queries
federated_read_write Execute Federated Queries, DDL, and DML
data_migrator Manage and Execute Data Projects
cirro_admin Administrator