Skip to content

Commit

Permalink
Add grants, add sage and recover folders, and add paths to ignore
Browse files Browse the repository at this point in the history
  • Loading branch information
@thomasyu888
thomasyu888 committed Oct 31, 2023
1 parent 9df0098 commit 9cd7d1a
Show file tree
Hide file tree
Showing 7 changed files with 69 additions and 642 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ on:
- 'transforms/*'
- 'analytics/*'
- 'README.md'
- 'recover/*'
- 'sage/*'
branches:
- "main"
- "dev"
Expand Down
14 changes: 0 additions & 14 deletions admin/genie_setup.sql
View file

This file was deleted.

52 changes: 52 additions & 0 deletions admin/grants.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,3 +94,55 @@ GRANT ALL PRIVILEGES ON FUTURE SCHEMAS IN DATABASE SYNAPSE_DATA_WAREHOUSE_DEV
TO ROLE DATA_ENGINEER;
GRANT ALL PRIVILEGES ON FUTURE TABLES IN DATABASE SYNAPSE_DATA_WAREHOUSE_DEV
TO ROLE DATA_ENGINEER;

-- Sage database privileges
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE SAGE
TO ROLE PUBLIC;
GRANT SELECT ON FUTURE TABLES IN DATABASE SAGE
TO ROLE PUBLIC;
GRANT USAGE ON DATABASE SAGE
TO ROLE PUBLIC;
GRANT ALL PRIVILEGES ON FUTURE SCHEMAS IN DATABASE SAGE
TO ROLE DATA_ENGINEER;
GRANT ALL PRIVILEGES ON FUTURE TABLES IN DATABASE SAGE
TO ROLE DATA_ENGINEER;
GRANT CREATE SCHEMA, USAGE ON DATABASE SAGE
TO ROLE DATA_ENGINEER;

-- AD database privileges
GRANT ALL PRIVILEGES ON SCHEMA AD
TO ROLE AD;
GRANT ALL PRIVILEGES ON FUTURE TABLES IN SCHEMA AD
TO ROLE SYSADMIN;
GRANT USAGE ON DATABASE SAGE
TO ROLE AD;

-- GENIE database privileges
GRANT USAGE ON DATABASE GENIE
TO ROLE GENIE_ADMIN;
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE GENIE
TO ROLE GENIE_ADMIN;
GRANT SELECT ON FUTURE TABLES IN DATABASE GENIE
TO ROLE GENIE_ADMIN;

GRANT USAGE ON WAREHOUSE TABLEAU
TO ROLE GENIE_ADMIN;

-- RECOVER database privileges

GRANT CREATE SCHEMA, USAGE ON DATABASE RECOVER
TO ROLE RECOVER_DATA_ENGINEER;
GRANT ALL PRIVILEGES ON FUTURE SCHEMAS IN DATABASE RECOVER
TO ROLE RECOVER_DATA_ENGINEER;
GRANT ALL PRIVILEGES ON FUTURE TABLES IN DATABASE RECOVER
TO ROLE RECOVER_DATA_ENGINEER;
GRANT USAGE ON WAREHOUSE RECOVER_XSMALL
TO ROLE RECOVER_DATA_ENGINEER;
GRANT USAGE ON DATABASE RECOVER
TO ROLE RECOVER_DATA_ANALYTICS;
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE RECOVER
TO ROLE RECOVER_DATA_ANALYTICS;
GRANT SELECT ON FUTURE TABLES IN DATABASE RECOVER
TO ROLE RECOVER_DATA_ANALYTICS;
GRANT USAGE ON INTEGRATION RECOVER_DEV_S3
TO ROLE SYSADMIN;
41 changes: 0 additions & 41 deletions admin/sage_setup.sql
View file

This file was deleted.

21 changes: 2 additions & 19 deletions admin/recover_setup.sql → recover/recover_setup.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,31 +3,14 @@ CREATE SCHEMA IF NOT EXISTS pilot_raw
WITH MANAGED ACCESS;
USE SCHEMA recover.pilot_raw;

USE ROLE securityadmin;
GRANT CREATE SCHEMA, USAGE ON DATABASE recover
TO ROLE recover_data_engineer;
GRANT ALL PRIVILEGES ON FUTURE SCHEMAS IN DATABASE recover
TO ROLE recover_data_engineer;
GRANT ALL PRIVILEGES ON FUTURE TABLES IN DATABASE recover
TO ROLE recover_data_engineer;
GRANT USAGE ON WAREHOUSE recover_xsmall
TO ROLE recover_data_engineer;
GRANT USAGE ON DATABASE recover
TO ROLE recover_data_analytics;
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE recover
TO ROLE recover_data_analytics;
GRANT SELECT ON FUTURE TABLES IN DATABASE recover
TO ROLE recover_data_analytics;

-- Set up storage integration
DESC INTEGRATION recover_dev_s3;
GRANT USAGE ON INTEGRATION recover_dev_s3
TO ROLE sysadmin;

USE ROLE sysadmin;
CREATE STAGE IF NOT EXISTS recover_dev
STORAGE_INTEGRATION = recover_dev_s3 --noqa: LT02,PRS
URL = 's3://recover-dev-processed-data' --noqa: LT02
FILE_FORMAT = (TYPE = PARQUET COMPRESSION = AUTO); --noqa: LT02
DESC INTEGRATION recover_dev_s3;

CREATE STAGE IF NOT EXISTS recover_dev_intermediate
STORAGE_INTEGRATION = recover_dev_s3 --noqa: LT02
Expand Down
13 changes: 13 additions & 0 deletions sage/sage_setup.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
USE ROLE sysadmin;
USE DATABASE sage;

CREATE SCHEMA IF NOT EXISTS portal_raw
WITH MANAGED ACCESS;

CREATE SCHEMA IF NOT EXISTS portal_downloads
WITH MANAGED ACCESS;
-- ! One time addition
-- ALTER TABLE portal_raw.NF ADD COLUMN "tissue" STRING;

CREATE SCHEMA IF NOT EXISTS ad
WITH MANAGED ACCESS;
Loading

0 comments on commit 9cd7d1a

Please sign in to comment.