Use Certificate for Authentication in Snowflake Connector¶
You can use a certificate to authenticate the service user in Snowflake. This document outlines the steps to configure the Snowflake connector with Privacera using a certificate for authentication.
Prerequisites¶
- Snowflake User: You need a Snowflake user with the necessary privileges to manage the access policies in Snowflake.
- Key Pair: You need a key pair to authenticate the service user in Snowflake. You can use either a self-signed certificate or a certificate signed by a certificate authority (CA). Please refer Configure key-pair authentication on Snowflake for further details.
Setup¶
Property | Description |
---|---|
Private key | An RSA private key generated for key-pair authentication with Snowflake. |
Private key Password | Mandatory if the private key is encrypted. Here, add the passphrase used to encrypt the private key |
- SSH to the instance where Privacera Manager is installed.
If you have multiple connectors, then replace instance1
with the appropriate connector instance name.
-
Run the following command to open the
.yml
file to be edited.Bash -
Add the following properties to the
vars.connector.snowflake.yml
file:
You don't need to set the CONNECTOR_SNOWFLAKE_JDBC_PASSWORD
property when using key-pair authentication.
- Copy the private key file to the directory where the
vars.connector.snowflake.yml
file is located. Make sure the file name matches with the value provided in the.yml
file.
- In PrivaceraCloud, navigate to Settings -> Applications.
- On the Connected Applications screen, select Snowflake.
- Click the edit icon, click on Access Management -> ADVANCED tab.
- Enable the following toggle Use Key Pair Authentication.
- Enter the private key string in the Snowflake JDBC private key field.
- If the private key is encrypted with a password, enter the password in the Snowflake JDBC private key password field.
- Click on Save to save the configuration.
- Prev topic: Advanced Configuration