Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

This page outlines the process of configuring and using the Snowflake API through Zilla to sync groups, permissions, and users.

Configure a snowflake account with RSA Key pair ( Public & Private )

  • You need ACCOUNTADMIN access to do these configurations on a snowflake account,

  • Login to your snowflake account switch role to ACCOUNTADMIN

  • Click on Account tab

  • Go to Users tab,

  • Click on Create user, In General section give name & password details, Then click Next

  • In Advanced Section fill in the details,

Note: Give Login name same as User Name you provided in the previous page, i.e. on General page,

Email associate some email from your organization sam@zillasecurit.com is just for example. Click Next

  • In next Preferences select ACCOUNTADMIN as default role, Click finish.

  • Note down the name Zilla you can choose any different name but make a note of it, It will be used later.

  • Before proceeding login with the above user to see if the user has been created & has the default role as ACCOUNTADMIN

  • Now let us Configuring Key Pair Authentication for this user “Zilla”

  • Step 1: Generate the Private Key

To generate an unencrypted version, use the following command:

$ openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt

To generate an encrypted version, use the following command (which omits “-nocrypt”):

$ openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8

  • Step 2: Generate a Public Key

$ openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub

  • Step 3: Store the Private and Public Keys Securely: These are sensitive keys shall be stored securely so that no one can access

  • Step 4: Assign the Public Key to a Snowflake User Zilla we created before, Use the following SQL query,

// Execute this query to enable admin previlige, SO that we can modify user Zilla
USE ROLE ACCOUNTADMIN;

  • Then execute the following query

// Make change to user Zilla to associate RSApublic key
ALTER USER Zilla SET RSA_PUBLIC_KEY='MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC........;

Note: To print the contents of the public key type $ cat rsa_key.pub on the terminal.

Note: The public key we assigned is without the beginning & end part of it, i.e. -----BEGIN PUBLIC KEY----- & -----END PUBLIC KEY----- respectively.

Now we have all the artifacts we need to configure the Snowflake integration.

Configure A Snowflake integration on Zilla Dashboard

  • Login to Zilla with your admin account

  • Go to Applications tab click on `Add Application

  • Type Snowflake in the search box, A suggested Snowflake library entry shall appear click Add Applications button right next to it,

  • Fill in the Add Application form in details & click Add to Applications

  • The Snowflake application entry shall appear in the Applications tab click on the app name,

  • Next on the App details page to the right side, you will see Update now button click it, You will see configuration box appeared,

  • Here fill in the details as follows,

    • RSA Private Key: The PVT RSA key generated in the above step, You can print the key on the terminal using $cat rsa_key.p8 command, Note that key shall be copied with -----BEGIN PRIVATE KEY----- & -----END PRIVATE KEY----- otherwise app will throw an error, Paste the key in the input box,

    • RSA Private Key Passphrase: If you created an encrypted RSA PVT key then a passphrase to decrypt the key shall be provided here, If you have not created an encrypted key leave this blank, ( In the above step we have not created an encrypted key by providing flag -nocrypt )

    • Snowflake Account Id: If your snowflake URL is https://unaXXXXX.us-east-1.snowflakecomputing.com/ then unaXXXXX.us-east-1 is your account id

    • Account Admin Username: In our case, it’s Zilla If you have chosen any custom name provide that name

    • Warehouse name ( Where SNOWFLAKE db & ACCOUNT_USAGE schema is located ): Name of the warehouse which has the SNOWFLAKE database & ACCOUNT_USAGE schema. Use show warehouses; command to see available warehoused in your account,

  • After filling in the above details click on Next

  • You will see configuration stored success toast as well as a small dialog saying In the next step, you will be asked to log in to Snowflake - 1, and then the data sync will start automatically. Click Next

Hopefully, the sync will be complete & you shall see all the users in your snowflake account.

  • No labels