turbot/snowflake_compliance

Control: Set the default_role property for users

Description

A user's default role determines the role used in the Snowflake sessions initiated by the user; however, this is only a default. Users can change roles within a session at any time. Snowflake recommends that designate a lower-level administrative or custom role as their default.

Usage

Run the control in your terminal:

powerpipe control run snowflake_compliance.control.security_overview_iam_user_default_role_is_set

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run snowflake_compliance.control.security_overview_iam_user_default_role_is_set --share

SQL

This control uses a named query:

iam_user_default_role_is_set