Snowflake Cortex Code brings LLMs like GPT and Claude directly into the data cloud, but unrestricted access can cause runaway costs. This post presents a production-ready SQL governance script that enforces a tiered RBAC model with three roles (Standard, Enhanced, Premium), assigns specific LLM models to each tier, and applies per-user daily credit limits using Snowflake Scripting. The approach follows a default-deny stance, disabling global model access and requiring explicit role grants. Concrete use cases map each tier to real-world personas: junior analysts on cost-efficient models, senior engineers on advanced reasoning models, and architects with unlimited access to top-tier models.
Table of contents
Concrete Use Cases: Who Gets What?Tier 1: Standard (2 Credits/Day)Tier 2: Enhanced (5 Credits/Day)Tier 3: Premium (Unlimited / High Limit)SummarySort: