Managing Snowflake roles and resources
Snowflake is a cloud-native data platform built on a unique architecture that decouples storage from compute resources. This separation allows administrators to precisely control costs and access by creating granular roles and assigning them to independent, scalable compute clusters known as virtual warehouses.
{More Info} administrators can perform the following actions using Snowflake:
Managing resources
Admins can view all resources, such as warehouses, databases, schemas, and tables, on the Resources tab of the PingOne Privilege admin console.
Privileges can be granted on a resource by:
-
Clicking Grant Privilege
-
Selecting the role to grant the privileges to
-
Selecting the specific privileges to grant
Managing roles and privileges
On the Roles tab, admins can:
-
View the list of all privileges that have been assigned to a resource as part of that role
-
Revoke privileges from a role
-
Delete roles
Creating or configuring a Snowflake user
-
Sign on to your Snowflake account.
-
Create a new user with the
ACCOUNTADMINrole, or use an existing user with this role. -
Ensure the user has a default warehouse granted.
-
Open a terminal or command prompt on your local machine.
Run the following command to generate a private key:
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocryptRun the following command to generate a public key:
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub -
Save both the
rsa_key.p8(private key) andrsa_key.pub(public key) files securely. -
Copy the contents of the
rsa_key.pubfile.Replace
<username>with the actual Snowflake username and run the following query in Snowflake to set the public key for the user:ALTER USER <username> SET RSA_PUBLIC_KEY='MIIBIjANB...'; -
Ensure that the public key is entered as a single line string within the quotes.