Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Snowflake Exam ARA-R01 Topic 3 Question 31 Discussion

Actual exam question for Snowflake's ARA-R01 exam
Question #: 31
Topic #: 3
[All ARA-R01 Questions]

An Architect needs to grant a group of ORDER_ADMIN users the ability to clean old data in an ORDERS table (deleting all records older than 5 years), without granting any privileges on the table. The group's manager (ORDER_MANAGER) has full DELETE privileges on the table.

How can the ORDER_ADMIN role be enabled to perform this data cleanup, without needing the DELETE privilege held by the ORDER_MANAGER role?

Show Suggested Answer Hide Answer

Contribute your Thoughts:

Nancey
1 months ago
Wait, is the ORDER_MANAGER role allowed to own the procedure in the first place? Seems like a potential security risk. I'd go with option B to be on the safe side.
upvoted 0 times
...
Emiko
1 months ago
Haha, D is a classic 'this is not possible' answer. At least the question is giving us a real-world scenario to work with.
upvoted 0 times
Ressie
17 days ago
A) Create a stored procedure that runs with caller's rights, including the appropriate '> 5 years' business logic, and grant USAGE on this procedure to ORDER_ADMIN. The ORDER_MANAGER role owns the procedure.
upvoted 0 times
...
...
Shelba
1 months ago
Ah, I see. Option A looks like it would work too, but having the ORDER_MANAGER own the procedure is a bit sketchy. I don't know, I'm torn between B and C.
upvoted 0 times
Junita
7 days ago
Yeah, I see your point. Option B does provide more flexibility. Let's go with that.
upvoted 0 times
...
Kimberlie
13 days ago
I agree, but having ORDER_MANAGER own the procedure does seem a bit risky. Option B gives more control over rights during execution.
upvoted 0 times
...
Sherell
1 months ago
I think Option A is the best choice. It allows ORDER_ADMIN to clean old data without needing DELETE privilege.
upvoted 0 times
...
...
Louisa
2 months ago
I think option C is the way to go. Keeping the business logic in the stored procedure and running it with the owner's rights is a cleaner approach.
upvoted 0 times
But wouldn't it be better to have the flexibility of choosing between caller's and owner's rights, like in option B?
upvoted 0 times
...
Lillian
5 days ago
I agree, option C seems like the most secure way to handle this.
upvoted 0 times
...
Effie
8 days ago
True, it's important to consider both security and organization when granting permissions.
upvoted 0 times
...
Carisa
1 months ago
That's a good point, but I think having the business logic in the stored procedure itself, like in option C, is more organized.
upvoted 0 times
...
Naomi
1 months ago
But wouldn't it be better to have the flexibility of choosing rights during execution, like in option B?
upvoted 0 times
...
Selene
2 months ago
I agree, option C seems like the most secure way to handle this.
upvoted 0 times
...
...
Rose
2 months ago
I'm not sure about option A. Maybe we should consider option B as well, since it allows the user to specify rights during execution.
upvoted 0 times
...
Apolonia
2 months ago
I agree with Nikita. Option A seems like the most secure and efficient solution for this scenario.
upvoted 0 times
...
Oretha
2 months ago
Hmm, option B seems like the best choice here. Giving the ORDER_ADMIN users the ability to choose which rights to use during execution is a pretty neat solution.
upvoted 0 times
Santos
14 days ago
I see your point. It's important to consider the level of control given to ORDER_ADMIN.
upvoted 0 times
...
Alease
15 days ago
True, but with option B, ORDER_ADMIN can have more control over the execution rights.
upvoted 0 times
...
My
16 days ago
But wouldn't option A also work since it grants USAGE on the procedure to ORDER_ADMIN?
upvoted 0 times
...
Tuyet
23 days ago
I agree, option B sounds flexible and secure.
upvoted 0 times
...
Maryann
1 months ago
I see your point. Having the ability to choose rights during execution can be beneficial in this case.
upvoted 0 times
...
Amina
1 months ago
True, option A could work as well, but option B gives more control to the ORDER_ADMIN users.
upvoted 0 times
...
Kayleigh
1 months ago
But wouldn't option A also work since it grants USAGE on the procedure to ORDER_ADMIN?
upvoted 0 times
...
Michel
1 months ago
I agree, option B sounds like a flexible solution for this scenario.
upvoted 0 times
...
...
Nikita
2 months ago
I think option A is the best choice. It allows ORDER_ADMIN to clean old data without needing DELETE privilege.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77