Skip to main content Link Search Menu Expand Document (external link)

Snowflake

Snowflake is a cloud-based data warehouse that you can use without having to worry about infrastructure. Its data object hierarchy is database > schema > table > column. Additionally, you need access to a compute resource, or warehouse, to run queries. Snowflake uses role-based access controls.

The current connector supports

  • Import and export of Snowflake roles
  • Import into Raito Cloud of users
  • Import into Raito Cloud of data objects
  • Import into Raito Cloud of data usage information

The connector is available here.

Snowflake-specific parameters

To see all parameters, type

$> raito info raito-io/cli-plugin-snowflake

in a terminal window.

Currently, the following configuration parameters are available:

  • sf-account (mandatory): The account name of the Snowflake account to connect to. For example, xy123456.eu-central-1
  • sf-user (mandatory): The username to authenticate against the Snowflake account.
  • sf-password (mandatory): The username to authenticate against the Snowflake account.
  • sf-role (optional): The name of the role to use for executing the necessary queries. If not specified ‘ACCOUNTADMIN’ is used.
  • sf-excluded-databases (optional): The optional comma-separated list of databases that should be skipped.
  • sf-excluded-schemas (optional): The optional comma-separated list of schemas that should be skipped. This can either be in a specific database (as .) or a just a schema name that should be skipped in all databases (e.g. `INFORMATION_SCHEMA`).
  • sf-excluded-owners (optional): The optional comma-separated list of owners that need to be skipped when syncing users or marked as read-only when importing roles as Access Providers. This is typically used to not synchronize the users that were imported from an external Identity Store (like Okta, Active Directory, …).
  • sf-standard-edition (optional, false (default) or true): If set to true, Enterprise features will not be used. Relevant features to Raito that the Standard edition does not support are row access and masking policies, and tagging in the future.