.png%3Falt%3Dmedia%26token%3D8fd7bcf1-91f0-4b44-bc24-68ac03de00b1)
.png%3Falt%3Dmedia%26token%3D8fd7bcf1-91f0-4b44-bc24-68ac03de00b1)
Comment on page
Create and grant access to Protecto
Execute the below commands in Snowflake using a role with sufficient privileges (preferably ACCOUNTADMIN)
- 1.Create a role "PROTECTO_ROLE" in Snowflake.
- 2.Create a warehouse "PROTECTO_WH".
- 3.Create a user "PROTECTO_USER" and assign to the above role.
CREATE ROLE "PROTECTO_ROLE";
CREATE WAREHOUSE PROTECTO_WH WITH WAREHOUSE_SIZE = 'MEDIUM' WAREHOUSE_TYPE = 'STANDARD' AUTO_SUSPEND = 900 AUTO_RESUME = TRUE MIN_CLUSTER_COUNT = 1 MAX_CLUSTER_COUNT = 2 SCALING_POLICY = 'STANDARD';
GRANT USAGE ON WAREHOUSE "PROTECTO_WH" TO ROLE "PROTECTO_ROLE";
CREATE USER "PROTECTO_USER"
MUST_CHANGE_PASSWORD = FALSE
DEFAULT_ROLE = "PROTECTO_ROLE"
PASSWORD = "<password>";
GRANT ROLE "PROTECTO_ROLE" TO USER "PROTECTO_USER";
Granting access required in Snowflake
- Grant "SELECT" and "USAGE" privilege for all databases, schemas and tables for "PROTECTO_ROLE" role.
- Grant 'imported privileges' on database snowflake to read logs from the snowflake history.
Reference queries:
GRANT USAGE ON DATABASE "<database_name>" TO ROLE "PROTECTO_ROLE";
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE "<database_name>" TO ROLE "PROTECTO_ROLE";
GRANT USAGE ON ALL SCHEMAS IN DATABASE "<database_name>" TO ROLE "PROTECTO_ROLE";
GRANT SELECT ON FUTURE TABLES IN DATABASE "<database_name>" TO ROLE "PROTECTO_ROLE";
GRANT SELECT ON ALL TABLES IN DATABASE "<database_name>" TO ROLE "PROTECTO_ROLE";
Note: Above commands should be executed on all the databases created in the future on which Protecto should perform analysis
Grant "IMPORTED PRIVILEGES" on database snowflake to "PROTECTO_ROLE";
Details required for the next step:
- Warehouse name
- Account name
- Role
- Username
- Password
Last modified 3mo ago