Every Base user has 1 snowflake username: ICA_U_<id>


For each user/project-bundle combination a role is created: ICA_UR_<id>_<name project/bundle>__<id>

This role receives the viewer or contributor role of the project/bundle, depending on their permissions in ICA.


Every project or bundle has a dedicated Snowflake database.

For each database, 2 roles are created:

  • <project/bundle name>_<id>_VIEWER

  • <project/bundle name>_<id>_CONTRIBUTOR

Project viewer role

This role receives

  • REFERENCE and SELECT rights on the tables/views within the project's PUBLIC schema.

  • Grants on the viewer roles of the bundles linked to the project.

Project contributor role

This role receives the following rights on current an future objects in the project's/bundle database in the PUBLIC schema:

  • ownership

  • select, insert, update, delete, truncate and references on tables/views/materialized views

  • usage on sequences/functions/procedures/file formats

  • write, read and usage on stages

  • select on streams

  • monitor and operate on tasks

It also receives grant on the viewer role of the project.


For each project (not bundle!) 2 warehouses are created, whose size can be changed ICA at projects > your_project > project settings > details.

  • <projectname>_<id>_QUERY

  • <projectname>_<id>_LOAD

Last updated