What Are Secure Views?

Imagine you’re running a library. You’ve got shelves full of books—some are public novels anyone can read, but others are private journals only certain people should see. Now, suppose you want to let visitors browse a catalog of book titles without revealing the private stuff inside. In Snowflake, a secure view is like that catalog: it shows users a controlled version of your data without letting them peek at the raw, sensitive details underneath.

A secure view is a special type of view in Snowflake (a view being a virtual table based on a query) that adds an extra layer of protection. It hides the actual data and the query logic from users, so they can only see the results you want them to see—not how you got there or the full dataset.

Why Use Secure Views?

Snowflake is all about sharing data easily, but not every user should see everything. Here’s why secure views are a game-changer:

  • Hide Sensitive Data
    Let’s say you have a table with customer info—names, emails, and credit card numbers. You want your marketing team to see names and emails but not the credit cards. A secure view can show just the columns you choose, keeping the rest locked away.
  • Protect the “How”
    With a regular view, users might figure out the query behind it—like seeing which tables or filters you used. Secure views block that, so your logic stays secret. It’s like giving someone a cake without revealing the recipe.
  • Work with Data Sharing
    Snowflake lets you share data with other accounts (like partners or clients). Secure views ensure they only see what you intend, even if they’re outside your organization.
  • Extra Security Boost
    Even if someone has permission to see a view, they can’t dig into the underlying tables unless you explicitly allow it. It’s an added shield against sneaky access attempts.

How Do Secure Views Differ from Regular Views?

Think of a regular view as a window into your data: anyone with access can look through it and might even guess what’s behind the curtain. A secure view is more like a TV screen—it shows a specific picture, but the wires and machinery behind it are hidden.

Here’s the difference in Snowflake terms:

  • Regular View: Users can see the SQL definition (the query that builds the view) and might access the base tables if they have permissions.
  • Secure View: The SQL definition is hidden, and Snowflake enforces stricter rules to prevent users from bypassing it to reach the raw data.

Setting Up a Secure View: A Simple Example

Let’s walk through how to create a secure view. Suppose you have a table called CUSTOMERS in a database MY_DB and schema PUBLIC:

| CUSTOMER_ID | NAME         | EMAIL              | CREDIT_CARD       |
|-------------|--------------|--------------------|-------------------|
| 1           | Sarah Brown  | sarah@example.com  | 4111-2222-3333-4444 |
| 2           | Mike Smith   | mike@example.com   | 5555-6666-7777-8888 |

You want your marketing team to see names and emails but not credit card numbers. Here’s how to do it:

Step 1: Create the Secure View

Use the CREATE SECURE VIEW command:

CREATE SECURE VIEW MY_DB.PUBLIC.MARKETING_VIEW AS
SELECT 
    NAME,
    EMAIL
FROM 
    MY_DB.PUBLIC.CUSTOMERS;
  • SECURE: This keyword tells Snowflake to lock down the view.
  • MARKETING_VIEW: The name of your new secure view.
  • The SELECT picks only NAME and EMAIL, leaving out CREDIT_CARD.

Step 2: Grant Access to the Right Role

Let’s say you have a role called MARKETING_TEAM. Give them permission to see the view:

GRANT USAGE ON DATABASE MY_DB TO ROLE MARKETING_TEAM;
GRANT USAGE ON SCHEMA MY_DB.PUBLIC TO ROLE MARKETING_TEAM;
GRANT SELECT ON VIEW MY_DB.PUBLIC.MARKETING_VIEW TO ROLE MARKETING_TEAM;

Step 3: Assign the Role to Users

Give the MARKETING_TEAM role to a user, like “Jane”:

GRANT ROLE MARKETING_TEAM TO USER JANE;

What Happens?

When Jane logs in and queries the view:

SELECT * FROM MY_DB.PUBLIC.MARKETING_VIEW;

She sees:

| NAME         | EMAIL             |
|--------------|-------------------|
| Sarah Brown  | sarah@example.com |
| Mike Smith   | mike@example.com  |

But:

  • She can’t see the CREDIT_CARD column—it’s not in the view.
  • She can’t peek at the CUSTOMERS table directly unless you give her separate access.
  • She can’t even see the SQL code behind MARKETING_VIEW (try SHOW VIEWS;—it’s obscured!).

When to Use Secure Views

Secure views shine in situations like:

  • Data Sharing: You’re sharing a dataset with another Snowflake account and want to limit what they see.
  • Sensitive Data: You’ve got PII (personally identifiable information) like SSNs or medical records that need tight control.
  • Role-Based Access: Different teams need different slices of the same table (e.g., HR sees employee details, but sales sees only client info).

Tips for Using Secure Views

  1. Combine with Row-Level Security
    Want to limit rows (e.g., only New York customers)? Add a WHERE clause or use a row access policy with your secure view: 
    CREATE SECURE VIEW NY_MARKETING_VIEW AS
SELECT NAME, EMAIL
FROM CUSTOMERS
WHERE CITY = 'New York';
  2. Test It Out
    Log in as a user with the assigned role and query the view. Make sure they see only what you expect.
  3. Keep Base Tables Locked
    Don’t grant direct access to the CUSTOMERS table unless necessary—let the secure view be the only way in.
  4. Monitor Usage
    Use ACCOUNT_USAGE.QUERY_HISTORY to see who’s querying the view and ensure it’s working as planned.

Why Secure Views Are Awesome

Secure views are like a bouncer at a club—they let in only the right crowd and keep the VIP secrets safe. They’re easy to set up, fit perfectly with Snowflake’s role-based access control (RBAC), and make data sharing secure and painless. Whether you’re protecting customer data or sharing insights with a partner, secure views give you peace of mind without a lot of fuss.

Wrapping Up

Snowflake’s secure views are a simple yet powerful way to control who sees what in your data warehouse. By hiding sensitive columns, obscuring the query logic, and working seamlessly with roles, they help you strike a balance between sharing data and keeping it secure. So next time you need to protect your data while still letting people use it, give secure views a try—they’re your secret weapon in the Snowflake world!

Have questions or want to see more examples? Drop a comment below—I’d love to help!