Snowflake Integration

Euno's Snowflake integration supports auto-discovery of:

  • Usage information of applications using Snowflake, like Tableau

Setting up Snowflake integration

Required Snowflake Permissions

In order to integrate with Euno, create a custom role in Snowflake with the permissions listed below. In the code snippet below, we create a user euno_user, with password and a role euno_role.

Euno discovers Snowflake resources by issuing SQL queries on Snowflake's system database and information schema. The Snowflake role require the Snowflake USAGE grant on a Snowflake warehouse. In the code snippet below, we use the warehouse euno_dwh.

CREATE ROLE euno_role;
CREATE USER euno_user PASSWORD='euno_password' DEFAULT_ROLE='euno_role';
GRANT ROLE euno_role TO USER euno_user;
GRANT USAGE ON WAREHOUSE euno_dwh TO ROLE euno_role;
GRANT DATABASE ROLE SNOWFLAKE.OBJECT_VIEWER TO ROLE euno_role;
GRANT DATABASE ROLE SNOWFLAKE.GOVERNANCE_VIEWER TO ROLE euno_role;

Setup Steps

To integrate a Snowflake account please follow the below steps:

1

Click on the "Account settings" found in the left side menu.

2

Locate the Snowflake tile under the Integrations tab and click “Configure”.

3

Fill out the integration configuration. See integration configuration section below.

4

Your Snowflake integration is now configured. To add another instance, click on “Add account” and repeat step 3.

Integration Configuration

Asterik (*) means a mandatory field.

ConfigurationDescription

Host*

This is the Snowflake host associated with your Snowflake account. Below are some examples of Snowflake hosts: - mycompany.eu-central-1.snowflakecomputing.com - org-account.us-west-2.snowflakecomputing.com

Username*

The Snowflake user to use for the integration

Password*

The password of the Snowflake user for the integration

Role

The Snowflake role to use. If you configured the Snowflake user to have a default role, you can keep this blank.

Warehouse

The Snowflake warehouse to use for queries. If you configured the Snowflake user to have a default warehouse, you can keep this blank.

Table to use for query history

By default, Euno uses the table snowflake.account_usage.query_history to access your Snowflake's query history. If you prefer to use a different table, enter it here. See "Using a non-default query history view" below.

Skip SSL certificate verification

Skip SSL certificate verification. This is used in cases where Euno accessess Snowflake through a proxy. We recommend leaving this unchecked.

Use Snowflake system database to query for Snowflake views

By default, Euno uses the system view snowflake.account_usage.views to discover all Snowflake views defined in the snowflake account. If you prefer not to grant the integration permission for this system view, and instead have Euno iterate over all databases it has access to and query their information_schema, then uncheck this box.

Using a non-default query history view

By default, Euno uses the system view snowflake.account_usage.query_history to discover the query history.

You might prefer, for security reasons, to limit the rows or columns that Euno integration has access to.

In that case, you can manually create a Snowflake view to expose a subset of the query hisotry. In order for Euno to use this non-default Snowflake view, the following columns, available in snowflake.account_usage.query_history, must be exposed by the view:

  • query_tag

  • total_elapsed_time

  • bytes_scanned

  • start_time

  • end_time

  • query_type

Make sure you grant Euno permissions to SELECT on this view. Below is an example of creating such a view, and excluding records that were initiated by the user PRIVATE_USER

CREATE OR REPLACE VIEW user.public.query_history_for_euno AS (
  SELECT query_tag, total_elapsed_time, start_time, end_time, bytes_scanned, query_type
  FROM snowflake.account_usage.query_history
  WHERE user_name != 'PRIVATE_USER'
);

GRANT SELECT ON VIEW user.public.query_history_for_euno TO ROLE euno_role;

Discovered Resources

The Euno-Snowflake integration discovers the following resources:

Snowflake views

PropertyValue

name

The name of the Snowflake view. This does not include the database or schema. So, for example, if the full name of the view is some_database.some_schema.some_view, then Euno will set the name to some_view

type

always table

database technology

always snowflake

materialized

false

schema

the name of the snowflake schema this table is in. For example, for the view some_database.some_schema.some_view, this will be set to some_schema.

database

the name of the snowflake schema this table is in. For example, for the view some_database.some_schema.some_view, this will be set to some_database.

created at

the time this view was created

updated at

the time this view's definition was last updated

description

If the view has a COMMENT, then it will be used as the description

owner

The Snowflake users set as the owner of the view

Last updated