Skip to main content

Step 1: locate your public key

Locate the public key provided to you. The public key will be a long string of text, loosely resembling the format: MIIBI...<SHORTENED>...Xrw2nwIDAQAB. You will register this public key on the Snowflake user you create in Step 2.

Step 2: create role, user, and warehouse

To complete the following setup steps, you or a Snowflake admin on your team must have the SECURITYADMIN and SYSADMIN roles. To check your account for these roles, run SHOW GRANTS TO USER <your_username>; and review the role column.
1

Review the setup script

Review and make any changes to the following setup script. Update database_name and schema_name to point at the database and schema you want to read from, list the tables you want to sync in the grant statements, and paste the public key from Step 1 into RSA_PUBLIC_KEY.
Setup script
By default, this script creates a new warehouse. If you would prefer to use an existing warehouse, change the warehouse_name variable from TRANSFER_WAREHOUSE to the name of the warehouse to be shared.
To grant access to every table in the schema instead of listing tables individually, replace the per-table grants with a single grant on all tables in the schema.
Grant all tables
2

Run the script

In the Snowflake interface, select the dropdown next to the Run button, and click Run All. This will run every query in the script at once. If successful, you will see Statement executed successfully in the query results.

Step 3: configure the Snowflake access policy

If your Snowflake data warehouse is using Snowflake Access Policies, a new policy must be added to allow the static IP to read from the warehouse. Reach out to your contact for the static IP address to use.
1

Review current network policies

Run the following to check for existing IP safelists.
Show network policies
If there is no existing Snowflake network policy (the SHOW query returns no results), you can skip to Step 4. If there is an existing Snowflake network policy, you must alter the existing policy or create a new one to safelist the static IP address.
2

Create a network policy

Run the following to create a new network policy that safelists the static IP address.
Create network policy
If you have no existing network policies and you create your first as part of this step, all other IPs outside of the ALLOWED_IP_LIST will be blocked. Snowflake does not allow setting a network policy that blocks your current IP address, and will return an error if you try. Be careful when setting your first network policy.

Step 4: submit your connection details

Provide the following details to complete the source setup:
  1. The name is a descriptive name of the source
  2. The host (e.g., account.us-central1.gcp.snowflakecomputing.com)
  3. The port [e.g., 443]
  4. The database from Step 2
  5. The username from Step 2