Skip to content

Use Certificate for Authentication in Snowflake Connector

You can use a certificate to authenticate the service user in Snowflake. This document outlines the steps to configure the Snowflake connector with Privacera using a certificate for authentication.

Prerequisites

  • Snowflake User: You need a Snowflake user with the necessary privileges to manage the access policies in Snowflake.
  • Key Pair: You need a key pair to authenticate the service user in Snowflake. You can use either a self-signed certificate or a certificate signed by a certificate authority (CA). Please refer Configure key-pair authentication on Snowflake for further details.

Setup

Property Description
Private key An RSA private key generated for key-pair authentication with Snowflake.
Private key Password Mandatory if the private key is encrypted. Here, add the passphrase used to encrypt the private key
  1. SSH to the instance where Privacera Manager is installed.

If you have multiple connectors, then replace instance1 with the appropriate connector instance name.

  1. Run the following command to open the .yml file to be edited.

    Bash
    vi ~/privacera/privacera-manager/config/custom-vars/connectors/snowflake/instance1/vars.connector.snowflake.yml
    

  2. Add the following properties to the vars.connector.snowflake.yml file:

    YAML
    1
    2
    3
    4
    CONNECTOR_SNOWFLAKE_USE_KEY_PAIR_AUTHENTICATION: "true"
    CONNECTOR_SNOWFLAKE_JDBC_PRIVATE_KEY_FILE_NAME: "<private-key-file-name>"
    # if private-key is encrypted with a password add
    CONNECTOR_SNOWFLAKE_JDBC_PRIVATE_KEY_PASSWORD: "<private-key-password>"
    

You don't need to set the CONNECTOR_SNOWFLAKE_JDBC_PASSWORD property when using key-pair authentication.

  1. Copy the private key file to the directory where the vars.connector.snowflake.yml file is located. Make sure the file name matches with the value provided in the .yml file.
  1. In PrivaceraCloud, navigate to Settings -> Applications.
  2. On the Connected Applications screen, select Snowflake.
  3. Click the edit icon, click on Access Management -> ADVANCED tab.
  4. Enable the following toggle Use Key Pair Authentication.
  5. Enter the private key string in the Snowflake JDBC private key field.
  6. If the private key is encrypted with a password, enter the password in the Snowflake JDBC private key password field.
  7. Click on Save to save the configuration.

Comments