We are developing in a lower environment with developer credentials; these credentials expand way beyond the scope of any individual project. So when we create a new Snowflake functional user to execute our dbt work in production, we need to give the DBAs the appropriate database/schema permissions; no more, no less.
Any recommended ways to produce a list of required database grants (Snowflake) for a given execution DAG?
E.g., to return the databases & schemas that would be required for all the reading & writing for something like
dbt run --models +foo+ +bar
I can execute dbt ls --select my_selector_criteria, but it will return aliases, not the actual DATABASE.SCHEMA involved.