Access requests — Status notifications

Newly-opened access requests now send email notifications to approvers. These notifications are configurable and can be enabled or disabled on a per-user basis.

By default, notifications are sent to all Spyglass administrators who have authenticated via SSO.

Access requests — Easy reverts

After an access request has been merged and applied, an action is now available to open a new access request that reverts the original one in one click.

Recommendations — Over-provisioned access

Spyglass now identifies unused roles: roles that aren't granted to any users, so they can safely be cleaned up and deleted. A remediation is available to drop these roles in one click.

Spyglass now identifies duplicate roles: roles that have overlapping privileges, so that users can decide how they want to clean up these redundancies.

User experience

• Explorer

  • Database details page now shows which functional roles are granted access to that database.

  • Role details page now indicates whether a role is a functional role.

  • Privileges for ACCOUNTADMIN and other Snowflake builtin roles are now correctly displayed in the role details page.

• Functional Roles

  • Functional roles page now includes quick links to each database's details page in the explorer.

• Performance

  • Improved performance when staging changes for users with larger deployments.

  • Fixed issues with pagination and filtering on the recommendations listing page.