Skip to main content

Snowflake initial setup

Setup varies depending on what authentication type you choose. See Introducing connection profiles.

The Snowflake account to be used by Striim must have the following privileges:

  • For all authentication types:

    • USAGE on the database and schema to be read

    • SELECT and OWNERSHIP on the tables to be read

  • For OAuth:

    • CREATE INTEGRATION on the account

The OWNERSHIP privilege gives Striim the ability to enable change tracking on the tables to be read. If you prefer not to grant OWNERSHIP to the account, you must enable change tracking manually by executing the command ALTER TABLE <tablename> SET CHANGE_TRACKING = TRUE; for each table to be read (see Explicitly Enable Change Tracking on the Underlying Tables).

Authentication

See Introducing connection profiles for additional setup steps depending on which authentication type you choose.

Private Link

To use AWS PrivateLink, an ACCOUNTADMIN must execute the following (replace <AWS ID> and <federated token> with the appropriate ID and token for your environment)::

SELECT SYSTEM$AUTHORIZE_PRIVATELINK ('<AWS ID>',‘<federated token>')

To use Azure Private Link, an ACCOUNTADMIN must execute the following (replace <Azure subscription ID> with your subscription ID):

SELECT SYSTEM$AUTHORIZE_PRIVATELINK ('<Azure subscription ID>');

Configuring Snowflake

You must have appropriate permissions in Snowflake for completing these configurations.