Snowflake is cloud-based data storage and analytics service.

Prerequisites

1. Create a custom role, e.g. READ_ONLY.

2. Create a user, e.g. CLOUDAWARE, and assign the READ_ONLY role by default.

create user CLOUDAWARE default_role=READ_ONLY
CODE

3. Provide the role with access to Warehouse*:

grant usage on warehouse <warehouse_name> to role READ_ONLY
CODE

*Note that Cloudaware will collect only those objects that the access has been granted to. Assign the permissions below depending on the preferred level of access:

Basic Access

GRANT IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE TO ROLE READ_ONLY

Detailed Access

Snowflake Integration: GRANT USAGE ON INTEGRATION <integration_name> TO READ_ONLY

Snowflake Database: GRANT USAGE ON DATABASE <database_name> TO READ_ONLY

Snowflake Schema:

GRANT USAGE ON ALL SCHEMAS IN DATABASE <database_name> TO READ_ONLY
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE <database_name> TO READ_ONLY

Snowflake Stage:

GRANT USAGE ON ALL STAGES IN DATABASE <database_name> TO READ_ONLY
GRANT USAGE ON FUTURE STAGES IN DATABASE <database_name> TO READ_ONLY

Snowflake Table:

GRANT REFERENCES ON ALL EXTERNAL TABLES IN DATABASE <database_name> TO READ_ONLY
GRANT REFERENCES ON FUTURE EXTERNAL TABLES IN DATABASE <database_name> TO READ_ONLY

Snowflake Pipe:

GRANT MONITOR ON PIPE <database_name>.<schema_name>.<pipe_name> TO READ_ONLY
GRANT MONITOR ON FUTURE PIPES IN DATABASE <database_name> TO READ_ONLY

Adding Snowflake Account

1. Log in to your Cloudaware account → Admin.

2. Find Snowflake in the list of integrations, click +Add.

3. To add Snowflake integration, fill out the form:

1) Account ID - Snowflake account ID (check on how to locate account Id here)

Username - name of the user created for this integration (e.g. CLOUDAWARE)

2) Click +Create New to add a new KeyPair in Certificate Name.

3) Click Copy query to the clipboard to copy the command. Run the command in Snowflake to change the user's rsa_public_key.

4) Click Get Warehouses. Select one of the available warehouses from the list in Warehouse.

Click Save.

4. The green light in 'Status' means that Snowflake integration has been successfully configured. If there is a red light, please contact support@cloudaware.com.

5. Once the integration is added, go to Cloudaware CMDB Navigator to view the Snowflake data collected under the tab 'SNOWFLAKE':

List of Supported Objects

Cloudaware supports the following Snowflake objects:

Snowflake Account
Snowflake Database
Snowflake Integration
Snowflake Integration Location
Snowflake Pipe
Snowflake Role
Snowflake Schema
Snowflake Stage
Snowflake Table
Snowflake User
Snowflake User Role Link
Snowflake View
Snowflake Warehouse