Snowflake
An overview of the Snowflake integration with Secoda
Last updated
Was this helpful?
An overview of the Snowflake integration with Secoda
Last updated
Was this helpful?
There are four steps to connect Snowflake with Secoda.
Create Role for Secoda
Create User for Secoda
Whitelist
Connect Snowflake to Secoda in the Secoda UI
You must be either an ACCOUNTADMIN, or have MANAGE GRANTS privileges in order to run the commands necessary to connect.
We recommend naming the User, Role, and Warehouse, SECODA_USER, SECODA_ROLE, SECODA_WAREHOUSE respectively. However, naming them this way is not necessary to integrate.
Navigate to Worksheets, select a database, and run the following commands in that database. You'll need to run these commands for all of the databases that you'd like Secoda to import metadata from.
[Optional] If you are using Snowflake Dynamic Tables, to bring in those tables, you have to grant MONITOR permissions to the SECODA role on all of those tables.
This step has to be repeated for every single dynamic table that you wish to bring into Secoda.
[Optional] If you are using Snowflake Snowpies, to bring in those pipes, you have to grant MONITOR USAGE permissions to the SECODA role and MONITOR permissions on all of those pipes. The stages that the pipes reference must also be granted access privileges.
[Optional] If you are using Snowflake Streamlit, to bring in those apps, you have to grant MONITOR permissions to the SECODA role on all of those apps.
If you would like you use key-pair authentication instead of a password you will need to:
Take the final key and convert it to base64 encoding. You can run the following command to convert the key.
In the Secoda App, select Add Integration on the Integrations page. Search for and select “Snowflake”.
Add your credentials as follows:
User - The name of the User created in Step 2.
Password - The Password set in Step 2.
Alternatively you can select the key-pair authentication and enter the private key and passphrase created in step 2.
Account - This is the Account ID of your cluster.
Warehouse - The Warehouse set in Step 1.
The account ID will likely be the business name, as well as the cloud region, if Snowflake is cloud hosted. See below for some examples.
URL: https://secoda.snowflakecomputing.com
ACCOUNT ID: secoda
URL: https://secoda.us-east-1.snowflakecomputing.com
ACCOUNT ID: secoda.us-east-1
URL: https://secoda.west-europe.azure.snowflakecomputing.com
ACCOUNT ID: secoda.west-europe.azure
Snowflake has made some recent changes where URLs can be different than the standard format above. In these cases, you can find the correct account id by:
Clicking on the account selector in Snowflake
This should create a URL ending with snowflakecomputing.comand you can follow the steps abvoe to determine the account id.
In order to resolve this error, please run the following command:
GRANT imported privileges on database SNOWFLAKE to ROLE SECODA;
This error could be the result of an incorrect Account ID. Please double check that your Account ID is properly added.
No active warehouse selected in the current session
This error can be due to the warehouse name not being fully uppercase. Updating the warehouse name to all uppercase letters should resolve this issue.
If you would like to enable the feature, the SECODA_USER must be the owner of the tables, have INSERT privileges on the table, and MODIFY privileges on the schema and database.
. Once the key is created, you can run the following command to connect the key to the SECODA_USER.
If you create a network policy with Snowflake, add the following to the “Allowed IP Addresses” list.
You can find the Account ID in the Snowflake URL. The account ID is usually a substring of the URL, before snowflakecomputing.com. If your Snowflake URL does not contain snowflakecomputing.com, see to determine your Account ID.
Hovering over the specific account you want to connect to \
Then clicking the copy account URL button on the 3rd section that shows the accounts details (organization id,
