Skip to main content

Snowflake

The Snowflake connector for rudol allows you to connect your Snowflake data warehouse instances.

caution

As Snowflake credits are charged per use we recommend you to choose a Scanning Frequency that matches your team's workflow to minimize your warehouse costs

Connection parameters

NameTypeDescription
UsernametextSnowflake user name
PasswordpasswordSnowflake user password
AccounttextSnowflake account. You can find your account in your snowflake URL. For example https://app.snowflake.com/us-central1.gcp/xy67456/, your account would be xy67456
RegiontextWarehouse instance region. You can find the region in your snowflake URL. For example https://app.snowflake.com/us-central1.gcp/xy67456/, your region would be us-central1.gcp
WarehousetextWarehouse name (optional)
DatabasetextDatabase name
SchematextSchema name (optional)

User permissions

In order to grant rudol the necessary permissions to fetch your database metadata we recommend you to create a new Snowflake user with a specific role.

Here is a sample code to create a new user for rudol with minimal permissions for metadata scan:

-- You will need ACCOUNTADMIN role in order to execute the next commands
CREATE ROLE rudol_role;
CREATE USER rudol_catalog_user PASSWORD='my-super-secret-password' DEFAULT_ROLE = rudol_role;
GRANT ROLE rudol_role TO USER rudol_catalog_user;

GRANT USAGE ON WAREHOUSE COMPUTE_WH TO ROLE rudol_role;

GRANT USAGE ON DATABASE RUDOL_TEST_DATABASE TO ROLE rudol_role;
GRANT USAGE ON SCHEMA RUDOL_TEST_DATABASE.PUBLIC TO ROLE rudol_role;
GRANT SELECT ON ALL TABLES IN SCHEMA RUDOL_TEST_DATABASE.PUBLIC TO ROLE rudol_role;

Restrict connections by IP Address

You can also restrict access to only accept incoming connections from the rudol public IP Address 52.6.101.83.

To do this you will probably have to alter a network policy. You can read more about this [here](https://docs.snowflake.com/en/sql-reference/sql/alter-network-policy.html