snowflake-cloud-data-platform row-level-security

Snowflake: how to securely share Snowsight worksheets & dashboards for data with row-level security


What would be the best way to enable users to share Snowsight worksheets & dashboards for data with row-level security/row access policies?

It seems like sharing a worksheet would be dangerous because everyone would have access to the entire query history, which would allow people to see data they shouldn't normally have access to.

And for shared dashboards, everyone would be able to see the results based on the last user who updated it.

It seems like these features bypass row access policies entirely. Or am I missing something?

I wish there was something like a "secure mode", where previous results wouldn't be stored at all.


Solution

  • Well, I just discovered this warning in the Snowflake documentation, so it seems like it is a known issue without any workaround:

    Caution

    When you share a worksheet, you also share a cached version of the results. If your worksheet queries data protected by masking or row access policies, or if you have secondary roles enabled for your user, the cached results might contain results visible only to your user. Recipients of the shared worksheet might not have permission to generate those results, but if they have the worksheet role, they can view all cached results.