We Keep Coding

Grant create user permission Snowflake

Its a newbie question but still I am trying to grant create user permission to sysadmin role from the accountAdmin role so that I can create users in the sysadmin role.
The statement I am trying to execute is:
grant create user to role sysadmin;
Error
SQL compilation error: syntax error line 1 at position 18 unexpected 'to'.
What's the exact statement to achieve this?
I tried googling but haven't found any exact query statement in a long time, so posting it here.

Grant create user on account to role role_name ;
Please note that this statement has to be submitted as an ACCOUNTADMIN
https://docs.snowflake.com/en/sql-reference/sql/grant-privilege.html
You could also choose to use the WITH GRANT OPTION which allows the grantee to regrant the role to other users.
Grant create user on account to role role_name WITH GRANT OPTION;

Specific table querying role in Snowflake can't USE a warehouse

I've created what I think is a very standard user with access to a single role that can query a single table:
create user new_user;
alter user new_user set password = 'some_pw';
create role new_role;
alter user new_user set default_warehouse = 'compute_wh';
alter user new_user set default_role = 'new_role';
grant role new_role to user new_user;
grant usage on warehouse compute_wh to role new_role;
grant usage on schema my_schema to new_role;
grant usage on database my_db to role new_role;
grant select on my_db.my_schema.my_table to role new_role;
GRANT OPERATE ON WAREHOUSE COMPUTE_WH TO ROLE new_role;
However, when I set this user up in a SQL client (like DBeaver), I can't run any queries:
USE WAREHOUSE COMPUTE_WH; -- fails even here
USE DATABASE my_db;
SELECT * FROM my_db.my_schema.my_table;
SQL Error [2043] [02000]: SQL compilation error: Object does not
exist, or operation cannot be performed.
What extra permissions could I be missing?

USE WAREHOUSE COMPUTE_WH; -- fails even here
If user has access to warehouse but cannot use it, it may indicate it is suspended. I would add operate privilige:
GRANT OPERATE ON WAREHOUSE COMPUTE_WH TO ROLE NEW_ROLE;
and check if auto-resume is on or explicitly start warehouse:
ALTER WAREHOUSE IF EXISTS COMPUTE_WH RESUME IF SUSPENDED;
USE WAREHOUSE COMPUTE_WH;
EDIT:
To check current role the following code could be used:
SELECT CURRENT_ROLE();
If the role is different than anticiapted, it could be changed with:
USE ROLE COMPUTE_WH;

Unable to grant role to user

I've created a role called CATDX_OWNER_RPT_RL and granted SELECT privileges on all tables within the schema. I've created a new user and granted both CONNECT, CREATE SESSION. Now I would like to assign the role I created to the new user with the following syntax - GRANT ROLE CATDX_OWNER_RPT_RL TO USER. It returns this error SQL Error: ORA-00990: missing or invalid privilege
00990. 00000 - "missing or invalid privilege"

Reinventing the wheel? Omit ROLE.
GRANT CATDX_OWNER_RPT_RL TO NEW_USER;

Preventing users from altering default privileges on PostgreSQL

I'm testing database permissions on PostgreSQL and i'm trying to prevent a common user (readuser) from executing an 'ALTER DEFAULT PRIVILEGES' statement. However i cannot find a way to revoke this specific permission, and couldn't find anything about it on documentation.
I started a local PostgreSQL 11.2 instance, removed connect permisssions, created a database testdb and revoked table creation on the public schema.
revoke connect on database postgres from public;
create database testdb with template template0 --lc_collate "pt_BR.utf8" lc_ctype "pt_BR.utf8";
revoke connect on database testdb from public;
\c :database
revoke all on schema public from public;
grant all on schema public to postgres;
create schema private;
After that, I created a user with read permissions only:
create user readuser
with nosuperuser
nocreatedb
nocreaterole
noreplication
login
encrypted password 'testpassword';
grant connect
on database testdb
to readuser;
Then create a schema testschema and granted read permissions on it's tables:
grant usage
on schema testschema
to readuser;
grant select
on all tables
in schema testschema
to readuser;
Even though i only set read permissions on all schemas and tables, the 'readuser' user can still perform 'alter default privileges' query without a permission error:
alter default privileges in schema testschema grant select on tables to readuser;
ALTER DEFAULT PRIVILEGES
I would like some help on preventing a user from altering it's default privileges, so that it cannot mess up permissions for tables created in the future.

Try this by revoking the EXECUTE from the role postgres that granted the default privilege of execute to readuser
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA testschema REVOKE EXECUTE ON FUNCTIONS FROM readuser;

AWS RDS - Oracle - Grant permissions on sys

I'm trying to create a role and grant select permissions on sys.dba_objects.
This is my sql:
grant select on sys.dba_objects to my_role
grant select on sys.dba_objects to my_role;
On RDS I get the following error:
Error: ORA-01031: insufficient privileges
I saw that RDS has a dedicated stored procedure for granting permissions on sys. I tried:
call rdsadmin.rdsadmin_util.grant_sys_object('SYS.REGISTRY$HISTORY', 'my_role', 'select')
Error I get:
ORA-44003: invalid SQL name
ORA-06512: at "RDSADMIN.RDSADMIN_UTIL", line 248
ORA-44003: invalid SQL name
ORA-06512: at line 1

This is how I made it work:
1. Removed the sys. prefix like suggested above
2. Used uppercase
Example:
call rdsadmin.rdsadmin_util.grant_sys_object('DBA_OBJECTS', 'ASSESSMENT_ROLE', 'SELECT');

I don't know AWS RDS, but ORA-01031 sounds like a known restriction: privileges granted via roles won't work in PL/SQL procedures - you'll have to grant them directly to user.

Try following...First you need to grant select to rdsadmin with grant option using SYS.
As SYS
grant select on DBA_objects to rdsadmin with grant option;
As rdsadmin
grant select on sys.dba_objects to my_role;