Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

This page outlines the process of configuring and using the Snowflake API through Zilla to sync groups, permissions, and users.

Configure a snowflake account with RSA Key pair ( Public & Private )

  • You need ACCOUNTADMIN access to do these configurations on a snowflake account,

  • Login to your snowflake account switch role to ACCOUNTADMIN

  • Click on Account tab

  • Go to Users tab,

  • Click on Create user, In General section give name & password details, Then click Next

  • In Advanced Section fill in the details,

Note: Give Login name same as User Name you provided in the previous page, i.e. on General page,

Email associate some email from your organization sam@zillasecurit.com is just for example. Click Next

  • In next Preferences select ACCOUNTADMIN as default role, Click finish.

  • Note down the name Zilla you can choose any different name but make a note of it, It will be used later.

  • Before proceeding login with the above user to see if the user has been created & has the default role as ACCOUNTADMIN

  • Now let us Configuring Key Pair Authentication for this user “Zilla”

  • Step 1: Generate the Private Key

To generate an unencrypted version, use the following command:

$ openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt

To generate an encrypted version, use the following command (which omits “-nocrypt”):

$ openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8

  • Step 2: Generate a Public Key

$ openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub

  • Step 3: Store the Private and Public Keys Securely: These are sensitive keys shall be stored securely so that no one can access

  • Step 4: Assign the Public Key to a Snowflake User Zilla we created before, Use the following SQL query,

// Execute this query to enable admin previlige, SO that we can modify user Zilla
USE ROLE ACCOUNTADMIN;

  • Then execute the following query

// Make change to user Zilla to associate RSApublic key
ALTER USER Zilla SET RSA_PUBLIC_KEY='MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC........;

Note: To print the contents of the public key type $ cat rsa_key.pub on the terminal.

Note: The public key we assigned is without the beginning & end part of it, i.e. -----BEGIN PUBLIC KEY----- & -----END PUBLIC KEY----- respectively.

Now we have all the artifacts we need to configure the Snowflake integration.

Configure A Snowflake integration on Zilla Dashboard

  • Login to Zilla with your admin account

  • Go to Applications tab click on `Add Application

  • Type Snowflake in the search box, A suggested Snowflake library entry shall appear click Add Applications button right next to it,

  • Fill in the Add Application form in details & click Add to Applications

  • The Snowflake application entry shall appear in the Applications tab click on the app name,

  • Next on the App details page to the right side, you will see Update now button click it, You will see configuration box appeared,

  • Here fill in the details as follows,

    • RSA Private Key: The PVT RSA key generated in the above step, You can print the key on the terminal using $cat rsa_key.p8 command, Note that key shall be copied with -----BEGIN PRIVATE KEY----- & -----END PRIVATE KEY----- otherwise app will throw an error, Paste the key in the input box,

    • RSA Private Key Passphrase: If you created an encrypted RSA PVT key then a passphrase to decrypt the key shall be provided here, If you have not created an encrypted key leave this blank, ( In the above step we have not created an encrypted key by providing flag -nocrypt )

    • Snowflake Account Id: If your snowflake URL is https://unaXXXXX.us-east-1.snowflakecomputing.com/ then unaXXXXX.us-east-1 is your account id

    • Account Admin Username: In our case, it’s Zilla If you have chosen any custom name provide that name

    • Warehouse name ( Where SNOWFLAKE db & ACCOUNT_USAGE schema is located ): Name of the warehouse which has the SNOWFLAKE database & ACCOUNT_USAGE schema. Use show warehouses; command to see available warehoused in your account,

  • After filling in the above details click on Next

  • You will see configuration stored success toast as well as a small dialog saying In the next step, you will be asked to log in to Snowflake - 1, and then the data sync will start automatically. Click Next

Hopefully, the sync will be complete & you shall see all the users in your snowflake account.

When you have finished with all the steps above, review the information in Zilla that was synced.

Having trouble? Try our Troubleshooting articles or contact support@zillasecurity.com.

  • No labels