Snowflake
Here is how to connect decube with Snowflake.
Connecting to decube is as easy as providing us with credentials to your Snowflake instance. We require the following credentials:
usernamepasswordaccount_namewarehouse_namerole_name
Connect to Snowflake
The
source name will be for you to differentiate and recognize particular sources within the decube application.To ensure a smooth experience configuring the connection.
- 1.The user
decubeuserand roledecuberoleis created and given the proper privileges for monitoring. - 2.Steps 4 or 5 below needs to be repeated for every
databasethat needs to be monitored.
Copy the account url and it should look like
https://<account_number>.<region>.snowflakecomputing.com. Your account name will be the
<account_number>.<region>1. On a Snowflake worksheet, copy the commands below and modify as necessary. We have the user called
decubeuser and role called decuberole CREATE ROLE decuberole;
CREATE USER decubeuser DEFAULT_ROLE = "decuberole" MUST_CHANGE_PASSWORD = FALSE;
GRANT ROLE decuberole TO USER decubeuser;
GRANT MONITOR EXECUTION ON ACCOUNT TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE TO ROLE decuberole;
2. The
source type for the database has to be known. To get this information, from Snowflake dashboard click on Data -> Databases. On the left panel, a list of Databases can be seen along with Source.3. If
Source if local, modify database_name, copy into a worksheet and run the commands.SET database_name='change_me'
-- for datasets that are local
GRANT USAGE ON ALL SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON ALL TABLES IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON FUTURE TABLES IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON ALL VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON FUTURE VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON ALL MATERIALIZED VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON FUTURE MATERIALIZED VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
4. If
Source is shared, modify database_name, copy into a worksheet and run the commands.SET database_name='change_me'
-- for datasets that are shared
GRANT IMPORTED PRIVILEGES ON DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ON ALL SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT SELECT ON FUTURE SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ON ALL SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ON FUTURE SCHEMAS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ALL TABLES IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES FUTURE TABLES IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ALL VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES FUTURE VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES ALL IN MATERIALIZED VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
GRANT IMPORTED PRIVILEGES FUTURE IN MATERIALIZED VIEWS IN DATABASE IDENTIFIER($database_name) TO ROLE decuberole;
5. Steps 4 or 5 needs to be repeated for every
database that needs to be monitored.Last modified 1mo ago