Whenever a temporary PR schema is created in Redshift via Integration Testing CI Jobs in dbt Cloud, Redshift users don’t have access to the schema, and every time a new PR is triggered, or when a CI Job is rerun, the permissions must be set again. It would be nice to be able to specify users or groups of users who can gain automatic permissions to select from temporary PR schemas. Our current workaround is to ping an admin who can grant permissions, but this is not ideal. Is there a configuration to dbt that can achieve what I’m after?
Hey @awray3, I was going to suggest using post-hooks for this, but then stumbled upon grants: grants | dbt Developer Hub
This looks like exactly what you’re after. The issue you’ll likely run into is that - given users can’t select these schemas in the first place - they won’t have perms to grant schema access to others. Might be something you need to work out with your DBA.
EDIT: It looks like grants are only for specific models/seeds/snapshots, rather than schemas, so I’d revert back to my original idea of trying post-hooks: pre-hook & post-hook | dbt Developer Hub