Use this connector to have Foundational scan and determine lineage and downstream impact for Snowflake.
This setup should take about 15 minutes.
Permissions: You need to be a Snowflake admin for some parts of this setup.
Create an RSA key-pair
Generate an encrypted private key by running the following on the command line:
$ openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8
Generate the public key by then running this command:
$ openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
Copy both keys to a local directory for storage and record the path (it will be used later).
Assign the public key to a Snowflake user (Only Snowflake admins can do this):
ALTER USER [Username] SET RSA_PUBLIC_KEY='[Public key string]';
Verify the user has the key assigned to them by running DESCRIBE USER:
DESCRIBE USER [Username];
For further details, see the Snowflake guide on how to create a key pair.
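The helpers below are an added example, not part of Foundational's or Snowflake's own tooling. They prepare the value for [Public key string] and compute the fingerprint to compare with the RSA_PUBLIC_KEY_FP property in the DESCRIBE USER output. The function names are hypothetical; the file names and the foundational_user name follow this page.

```shell
#!/bin/sh
# Added example: helpers for the key-pair steps above.
# Function names are hypothetical; file names follow this page.

# Succeed only if the private key file is the encrypted PKCS#8 form.
is_encrypted_key() {
    [ "$(head -n 1 "$1")" = "-----BEGIN ENCRYPTED PRIVATE KEY-----" ]
}

# Print the public key as a single line without the PEM delimiter lines.
# This is the value that goes between the quotes in SET RSA_PUBLIC_KEY='...'.
pubkey_string() {
    grep -v '^-----' "$1" | tr -d '\r\n'
}

# Print "SHA256:<base64 of the SHA-256 digest of the DER public key>".
# Snowflake shows the same value as RSA_PUBLIC_KEY_FP in DESCRIBE USER.
pubkey_fingerprint() {
    # Refuse files that do not parse as a public key.
    openssl rsa -pubin -in "$1" -noout >/dev/null 2>&1 || return 1
    printf 'SHA256:%s\n' "$(openssl rsa -pubin -in "$1" -outform DER 2>/dev/null |
        openssl dgst -sha256 -binary | openssl enc -base64)"
}

# Print the ALTER USER statement for the given user and public key file.
alter_user_sql() {
    printf "ALTER USER %s SET RSA_PUBLIC_KEY='%s';\n" "$1" "$(pubkey_string "$2")"
}

# When the files from the steps above are in the current directory,
# restrict the private key to its owner and print what to run and compare.
if [ -f rsa_key.p8 ] && [ -f rsa_key.pub ]; then
    is_encrypted_key rsa_key.p8 || echo "warning: rsa_key.p8 is not encrypted" >&2
    chmod 600 rsa_key.p8
    alter_user_sql foundational_user rsa_key.pub
    pubkey_fingerprint rsa_key.pub
fi
```

If the printed fingerprint differs from RSA_PUBLIC_KEY_FP, the user has a different public key assigned than the one in rsa_key.pub.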
Create a role in Snowflake for Foundational, and assign it to the Foundational user
This can be done by downloading the attached script, snowflake_permissions.sql
In the script, make the following changes:
Replace <your-warehouse> with the warehouse you want Foundational to run its extraction queries in.
Note: Foundational will extract information for all warehouses, but run its query within the warehouse you specified.
If the user you created for Foundational is not named foundational_user, then replace this string with the user name you created.
Why do we ask for these permissions?
DB level OBJECT_VIEWER, USAGE_VIEWER and GOVERNANCE_VIEWER are required to extract lineage from your Snowflake database.
DB level usage and table/schema level references permissions allow us to extract more detailed schema definitions.
Warehouse operate and usage are needed for us to run queries that extract these pieces of information.
Fill in the relevant information in Foundational
In the Connectors page, click on Snowflake to configure the following:
Account URL: This is the URL you use to access Snowflake. It follows this format:
https://<Snowflake-Account-Id>.snowflakecomputing.com
Warehouse Name: The name of the warehouse you used in the script
Database Name: The name of the database you used in the script
Ingestion Role: The name of the role that was created in the script
User name: The name of the user that was created in the script
Private Key: The encrypted private key (starts with: "-----BEGIN ENCRYPTED PRIVATE KEY-----")
Private Key Passphrase: The password for the encrypted private key