Book Image

Snowflake Cookbook

By : Hamid Mahmood Qureshi, Hammad Sharif
Book Image

Snowflake Cookbook

By: Hamid Mahmood Qureshi, Hammad Sharif

Overview of this book

Snowflake is a unique cloud-based data warehousing platform built from scratch to perform data management on the cloud. This book introduces you to Snowflake's unique architecture, which places it at the forefront of cloud data warehouses. You'll explore the compute model available with Snowflake, and find out how Snowflake allows extensive scaling through the virtual warehouses. You will then learn how to configure a virtual warehouse for optimizing cost and performance. Moving on, you'll get to grips with the data ecosystem and discover how Snowflake integrates with other technologies for staging and loading data. As you progress through the chapters, you will leverage Snowflake's capabilities to process a series of SQL statements using tasks to build data pipelines and find out how you can create modern data solutions and pipelines designed to provide high performance and scalability. You will also get to grips with creating role hierarchies, adding custom roles, and setting default roles for users before covering advanced topics such as data sharing, cloning, and performance optimization. By the end of this Snowflake book, you will be well-versed in Snowflake's architecture for building modern analytical solutions and understand best practices for solving commonly faced problems using practical recipes.
Table of Contents (12 chapters)

Configuring custom roles for managing access to highly secure data

In this recipe, we will explore securing access to highly confidential data through a custom role. We will also explore how we can deny access to specific datasets to even the administrative users.

Getting ready

Before proceeding with this recipe, please ensure that the user you will use can use the SECURITYADMIN role. Note that this recipe's steps can be run in either the Snowflake web UI or the SnowSQL command-line client.

How to do it…

We will create a new custom role and demonstrate how it can be configured to control access to sensitive data:

  1. Let's start by creating the database that will hold the sensitive data. In this database, we will also create a table that contains salary information:
    USE ROLE SYSADMIN;
    CREATE DATABASE sensitive_data;
    CREATE TABLE SALARY
    (
      EMP_ID INTEGER,
      SALARY NUMBER
    );

    You should see the database and the table created successfully...