US12124602B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12124602-B2 |
| Application number | US-202318228546-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 31, 2023 |
| Priority date | Nov 23, 2022 |
| Publication date | Oct 22, 2024 |
| Grant date | Oct 22, 2024 |
Official abstract text for this publication.
Embodiments of the present disclosure provide systems and methods for using secure schemas to address inconsistencies between standard RBAC rules and the use of inherited grants. A secure schema may be defined that transfers ownership of an object created in the secure schema to a role that owns the secure schema. An inherited grant may be attached to the secure schema, where the inherited grant specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema. When objects are created in the secure schema, ownership of each of the set of objects is transferred to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema.
Opening claim text (preview).
What is claimed is:

1. A method comprising: defining a secure schema, wherein the secure schema is a schema that transfers ownership of an object created in the secure schema to a role that owns the secure schema; generating an inherited grant that specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema; attaching the inherited grant to the secure schema; in response to creating a set of objects in the secure schema, transferring, by the secure schema, ownership of each of the set of objects to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema; in response to a first object of the set of objects being referenced via the role, creating, by a processing device, a virtual implied grant based on the inherited grant, wherein the virtual implied grant is a transient grant that only exists in-memory to authorize utilization of the permission on the first object; and authorizing utilization of the permission on the first object using the virtual implied grant.
2. The method of claim 1, further comprising: granting to the role that owns the secure schema, an account level privilege to create inherited grants.
3. The method of claim 1, wherein access to the first object by an original owner of the first object is governed by permissions set by the owner of the secure schema.
4. The method of claim 1, further comprising: in response to attaching the inherited grant to the secure schema, materializing the inherited grant in a metadata store associated with the secure schema by persisting a grant record corresponding to the inherited grant in the metadata store, wherein the grant record is the only grant record corresponding to the inherited grant.
5. The method of claim 1, wherein at the time the inherited grant is attached to the secure schema, authorizing utilization of the permission on any of the set of objects is performed using a corresponding virtual implied grant that is created based on the inherited grant.
6. The method of claim 1, further comprising: removing the inherited grant from the secure schema, wherein at the time the inherited grant is removed from the secure schema, authorizing utilization of the permission on any of the set of objects is no longer performed using a corresponding virtual implied grant that is created based on the inherited grant.
7. The method of claim 1, further comprising: defining an access group within the secure schema, wherein the inherited grant is attached to the access group; and adding one or more of the set objects to the access group, wherein: authorizing utilization of the permission on any of the one or more objects is performed using a corresponding virtual implied grant that is created based on the inherited grant; and authorizing utilization of the permission on any of the set of objects not added to the access group is performed using a grant that is materialized in response to any of the set of objects being referenced.
8. The method of claim 1, further comprising: defining an access group within the secure schema, wherein the inherited grant is attached to the access group; adding one or more of the set objects to the access group, wherein: authorizing utilization of the permission on any of the one or more objects is performed using a grant that is materialized in response to any of the set of objects being referenced; and authorizing utilization of the permission on any of the set of objects not added to the access group is performed using a corresponding virtual implied grant that is created based on the inherited grant.
9. The method of claim 1, wherein the first type of object is one of: a table, a view, a function, or a native application.
10. The method of claim 1, wherein the permission is one of: a select privilege, an insert privilege, or a modify privilege.
11. A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to: define a secure schema, wherein the secure schema is a schema that transfers ownership of an object created in the secure schema to a role that owns the secure schema; generate an inherited grant that specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema; attach the inherited grant to the secure schema; in response to creating a set of objects in the secure schema, transfer, by the secure schema, ownership of each of the set of objects to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema; in response to a first object of the set of objects being referenced via the role, create a virtual implied grant based on the inherited grant, wherein the virtual implied grant is a transient grant that only exists in-memory to authorize utilization of the permission on the first object; and authorize utilization of the permission on the first object using the virtual implied grant.
12. The system of claim 11, wherein the processing device is further to: grant to the role that owns the secure schema, an account level privilege to create inherited grants.
13. The system of claim 11, wherein access to the first object by an original owner of the first object is governed by permissions set by the owner of the secure schema.
14. The system of claim 11, wherein the processing device is further to: in response to attaching the inherited grant to the secure schema, materialize the inherited grant in a metadata store associated with the secure schema by persisting a grant record corresponding to the inherited grant in the metadata store, wherein the grant record is the only grant record corresponding to the inherited grant.
15. The system of claim 11, wherein at the time the inherited grant is attached to the secure schema, the processing device authorizes utilization of the permission on any of the set of objects using a corresponding virtual implied grant that is created based on the inherited grant.
16. The system of claim 11, wherein the processing device is further to: remove the inherited grant from the secure schema, wherein at the time the inherited grant is removed from the secure schema, authorizing utilization of the permission on any of the set of objects is no longer performed using a corresponding virtual implied grant that is created based on the inherited grant.
17. The system of claim 11, wherein the processing device is further to: define an access group within the secure schema, wherein the inherited grant is attached to the access group; and add one or more of the set objects to the access group, wherein: to authorize utilization of the permission on any of the one or more objects, the processing device uses a corresponding virtual implied grant that is created based on the inherited grant; and to authorize utilization of the permission on any of the set of objects not added to the access group, the processing device uses a grant that is materialized in response to any of the set of objects being referenced.
18. The system of claim 11, wherein the processing device is further to: define an access group within the secure schema, wherein the inherited grant is attached to the access group; add one or more of the set objects to the access group, wherein: to authorize utilization of the permission on any of the
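The abstract and claims describe an authorization flow rather than an API, so the following is an added Python model of that flow, not code from the patent or its assignee. It assumes the role names (SCHEMA_ADMIN, ETL_ROLE), object names (orders, customers), access-group name (pii) and the tuple-of-(allowed, basis) return shape, all of which are made up for illustration; it also assumes, as a modelling choice, that owning an object confers only the right to manage its grants and no usage privilege. The model shows the three points the claims turn on: ownership of every created object is transferred to the schema-owner role, the inherited grant is stored once at schema or access-group level, and the per-object "virtual implied grant" is derived in memory at reference time and is never persisted, so detaching the inherited grant (claim 6) or scoping it to an access group (claim 7) changes the answer immediately.

```python
"""Toy model of the authorization flow in the abstract and claims: ownership of
every created object moves to the schema-owner role, an inherited grant is
materialized once at schema (or access-group) level, and per-object "virtual
implied grants" are derived in memory when an object is referenced.
Added illustration, not the patentee's code; roles and object names are made up."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

OBJECT_TYPES = {"table", "view", "function", "native_application"}  # claim 9
PRIVILEGES = {"select", "insert", "modify"}                         # claim 10


@dataclass(frozen=True)
class Grant:
    """One privilege on one object to one role; virtual implied grants reuse this shape."""
    obj: str
    privilege: str
    grantee: str


@dataclass(frozen=True)
class InheritedGrant:
    """<privilege> on every <obj_type> in the schema to <grantee>; if access_group is
    set, only members of that group are covered (claims 7 and 8)."""
    obj_type: str
    privilege: str
    grantee: str
    access_group: Optional[str] = None


@dataclass
class SecureSchema:
    owner_role: str
    objects: Dict[str, Tuple[str, str]] = field(default_factory=dict)  # name -> (type, owner)
    grants: List[Grant] = field(default_factory=list)                  # materialized records only
    inherited: List[InheritedGrant] = field(default_factory=list)      # one record each (claim 4)
    groups: Dict[str, Set[str]] = field(default_factory=dict)          # access group -> members

    def create_object(self, name: str, obj_type: str, creator_role: str) -> None:
        if obj_type not in OBJECT_TYPES:
            raise ValueError(f"unsupported object type {obj_type!r}")
        # Ownership is transferred to the schema owner on creation: the creator keeps
        # no owner rights, and its later access is whatever the owner grants (claim 3).
        self.objects[name] = (obj_type, self.owner_role)

    def grant(self, granting_role: str, obj: str, privilege: str, grantee: str) -> None:
        """Standard RBAC rule: only the object's owner may grant on it."""
        if privilege not in PRIVILEGES:
            raise ValueError(f"unsupported privilege {privilege!r}")
        if granting_role != self.objects[obj][1]:
            raise PermissionError(f"{granting_role} does not own {obj}")
        self.grants.append(Grant(obj, privilege, grantee))

    def detach_inherited(self, ig: InheritedGrant) -> None:
        self.inherited.remove(ig)  # every grant derived from it vanishes too (claim 6)

    def virtual_implied_grants(self, role: str, obj: str) -> List[Grant]:
        """Transient grants for (role, obj): recomputed on each reference, never stored."""
        obj_type = self.objects[obj][0]
        out = []
        for ig in self.inherited:
            if ig.grantee != role or ig.obj_type != obj_type:
                continue
            if ig.access_group and obj not in self.groups.get(ig.access_group, set()):
                continue
            out.append(Grant(obj, ig.privilege, role))
        return out

    def authorize(self, role: str, obj: str, privilege: str) -> Tuple[bool, str]:
        """(allowed, basis); ownership alone confers no usage right in this model."""
        if Grant(obj, privilege, role) in self.grants:
            return True, "materialized"
        if Grant(obj, privilege, role) in self.virtual_implied_grants(role, obj):
            return True, "virtual_implied"
        return False, "denied"


def demo() -> Dict[str, object]:
    """Walks the claimed scenario with constructed roles and objects."""
    s = SecureSchema(owner_role="SCHEMA_ADMIN")
    ig = InheritedGrant("table", "select", "SCHEMA_ADMIN")
    s.inherited.append(ig)
    s.create_object("orders", "table", creator_role="ETL_ROLE")
    r: Dict[str, object] = {}
    r["admin_select"] = s.authorize("SCHEMA_ADMIN", "orders", "select")  # via virtual grant
    r["admin_insert"] = s.authorize("SCHEMA_ADMIN", "orders", "insert")  # not inherited
    r["creator_select"] = s.authorize("ETL_ROLE", "orders", "select")    # ownership was moved
    r["records_after_reference"] = len(s.grants)                          # nothing persisted
    try:
        s.grant("ETL_ROLE", "orders", "select", "ETL_ROLE")
        r["creator_can_grant"] = True
    except PermissionError:
        r["creator_can_grant"] = False
    s.grant("SCHEMA_ADMIN", "orders", "select", "ETL_ROLE")  # owner decides creator's access
    r["creator_after_grant"] = s.authorize("ETL_ROLE", "orders", "select")
    s.detach_inherited(ig)
    r["admin_after_detach"] = s.authorize("SCHEMA_ADMIN", "orders", "select")
    s.inherited.append(InheritedGrant("table", "select", "SCHEMA_ADMIN", access_group="pii"))
    s.create_object("customers", "table", creator_role="ETL_ROLE")
    s.groups.setdefault("pii", set()).add("customers")
    r["group_member"] = s.authorize("SCHEMA_ADMIN", "customers", "select")
    r["non_member"] = s.authorize("SCHEMA_ADMIN", "orders", "select")
    return r
```

Run `demo()` to walk the scenario: the schema owner reads the table through a virtual implied grant while `grants` stays empty, the creating role is denied until the owner grants to it, the owner's read disappears the moment the inherited grant is detached, and a group-scoped inherited grant covers only group members. The useful audit consequence is that a dump of materialized grant records will never show the owner's per-object access; anyone reviewing effective permissions has to evaluate the inherited grants too.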
CPC classification titles:

- wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
- Multiple levels of security
- Grouping of entities
- Entity profiles
- Access control lists [ACL]