Guide for Resmo Snowflake integration.
Resmo integrates with Snowflake to help you safeguard your cyber assets for security and compliance.
- Consolidate and monitor all your Snowflake resources in one place.
- Query your Snowflake users, schemas, databases, and more.
- Set up rules to continuously evaluate your resource conformance.
- Add notification rules to get alerted on rule violations in near real-time.
Once you sign up for Resmo, you can easily integrate your account with Snowflake using an account with the required privileges. Resmo uses API to do the initial polling and collect existing resources. Then, we receive resource changes and updates in real-time by regular polling.
Resmo aggregates Snowflake resources such as databases, users, keys, tables, and more
See the full list:
(To be added)
- 1.Login to your Resmo account and navigate to Integrations. Then, add Snowflake.
2. Name the integration and write a description (optional.)
3. Go to your Snowflake Account and Create Security Integration with the following properties.
create security integration INTEGRATION_NAME
type = oauth
enabled = true
oauth_client = custom
oauth_client_type = 'CONFIDENTIAL'
oauth_redirect_uri = 'https://id.resmo.app:443/integration/snowflake/callback'
oauth_issue_refresh_tokens = true;
- OAUTH_REFRESH_TOKEN_VALIDITY is 90 days for custom clients in Snowflake. Resmo will check your refresh token validity and inform you if it expires soon.
- Check your security integration by executing
desc security integration INTEGRATION_NAME;
- Get credentials for your security integration by executing
select SYSTEM$SHOW_OAUTH_CLIENT_SECRETS( 'INTEGRATION_NAME' );. Enter the Client Id and Client Secret in the integration configuration screen.
4. Create a new user/role with required privileges.
- Resmo uses SHOW commands to gather resources from the Snowflake system. The credentials provided to Resmo must be configured with the read permissions required to perform these commands.
- Example: role with MANAGE GRANTS global privilege
grant manage grants on account to ROLE_NAME;
- The user must be granted this role.
5. Enter the role name in the integration configuration screen on Resmo.
6. Enter the account URL to the Account Url field in the integration configuration screen.
7. Hit the create button, and you'll be redirected to Snowflake. Accept permissions.
8. You are ready to run queries.
- 1.Go to your Resmo Integrations page.
2. Click the Snowflake integration you wish to remove.
3. You have two options. To temporarily pause the integration click the Disable button; to permanently uninstall it, click the Delete button.
4. Optionally, you can remove your oAuth token after uninstalling the integration permanently. Follow instructions here.
If you have any questions or issues regarding the Snowflake integration, feel free to contact us via live chat or email us at [email protected]