To enable usage of Solvimon’s data seamlessly in your Snowflake instance. This page describes the steps necessary to connect your Snowflake instance to Solvimon for data exporting.

Getting started

Requirements

The following access is required for us to set-up a connection from your Snowflake instance to Solvimon.

• A Snowflake account with the ACCOUNTADMIN role. If you don’t have an account with the ACCOUNTADMIN role, contact your Snowflake administrator to set one up for you.
• If enforcing a network policy, allow Solvimon’s IP addresses to interact with your Snowflake instance.

Step 1: Create dedicated role, user, warehouse and database

This step will ensure granular control and separates Solvimon’s data from your own data. By executing the script below, this will automatically set-up a new user and warehouse that can be used for the data exports.

📘 Using an existing warehouse.

By default the script creates a new warehouse and database. This ensures granular controls on the data export process. If you’d prefer to use an existing warehouse, change the solvimon_warehouse variable from SOLVIMON_WAREHOUSE to the name of the warehouse to be shared. In case of an existing database change the solvimon_database variable from SOLVIMON_WAREHOUSE to the name of the database to be shared.

When running the script below, make sure you edit the password ({PASSWORD}) with a secure password. Note that special characters should not be used in the password. We recommend to exclusively use alphanumeric characters in the password.

1
-- set variables (these need to be uppercase)
2
set solvimon_role = 'SOLVIMON_ROLE';
3
set solvimon_username = 'SOLVIMON_USER';
4
set solvimon_warehouse = 'SOLVIMON_WAREHOUSE';
5
set solvimon_database = 'SOLVIMON_DATABASE';
6
set solvimon_schema = 'SOLVIMON_SCHEMA';
7
8
-- set user password
9
set solvimon_password = '{PASSWORD}';
10
11
begin;
12
13
-- create Solvimon Export role
14
use role securityadmin;
15
create role if not exists identifier($solvimon_role);
16
grant role identifier($solvimon_role) to role SYSADMIN;
17
18
-- create Solvimon Export user
19
create user if not exists identifier($solvimon_username)
20
password = $solvimon_password
21
default_role = $solvimon_role
22
default_warehouse = $solvimon_warehouse;
23
24
grant role identifier($solvimon_role) to user identifier($solvimon_username);
25
26
-- change role to sysadmin for warehouse / database steps
27
use role sysadmin;
28
29
-- create Solvimon Export warehouse
30
create warehouse if not exists identifier($solvimon_warehouse)
31
warehouse_size = xsmall
32
warehouse_type = standard
33
auto_suspend = 60
34
auto_resume = true
35
initially_suspended = true;
36
37
-- create Solvimon Export database
38
create database if not exists identifier($solvimon_database);
39
40
-- grant Solvimon Export warehouse access
41
grant USAGE
42
on warehouse identifier($solvimon_warehouse)
43
to role identifier($solvimon_role);
44
45
-- grant Solvimon Export database access
46
grant OWNERSHIP
47
on database identifier($solvimon_database)
48
to role identifier($solvimon_role);
49
50
commit;
51
52
begin;
53
54
USE DATABASE identifier($solvimon_database);
55
56
-- create schema for Solvimon Export data
57
CREATE SCHEMA IF NOT EXISTS identifier($solvimon_schema);
58
59
commit;
60
61
begin;
62
63
-- grant Solvimon Export schema access
64
grant OWNERSHIP
65
on schema identifier($solvimon_schema)
66
to role identifier($solvimon_role);
67
68
commit;

👍 Successful query execution

In your Snowflake interface, select the All Queries checkbox, and click Run. This will run every query in the script at once. If successful, you will see Statement executed successfully in the query results.

You can limit this grant down to specific schemas instead of the whole database. Note that to replicate data from multiple Snowflake databases, you can re-run the command above to grant access to all the relevant schemas.

Step 2: Authentication

We support two ways of authenticating:

• Username and Password
• OAuth2.0

Username and Password

This is the default authentication option. In this case we will use the username and password generated in Step 1 or a user created by you with the required access.

OAuth2.0

When using OAuth2.0 instead of sharing a username and password you will need to share the client ID (Client ID of your Snowflake developer application) and the client secret (Client Secret of your Snowflake developer application). Optionally you can also share the access and refresh token. For more information you can use this guide to generate the client ID and secret.

Step 3: Set network policies

This step is optional and only required if you are actively denying external access to you Snowflake instance. By default, Snowflake allows users to connect to the service from any computer or device IP address. A security administrator (i.e. users with the SECURITYADMIN role) or higher can create a network policy to allow or deny access to a single IP address or a list of addresses.

In case you actively deny external access you will need to add Solvimon’s IP addresses to the accepted list. Please reach out to us to receive the relevant static IP addresses that should be whitelisted.

Check network policies

To determine whether a network policy is set on your account or for a specific user, execute the SHOW PARAMETERS command (make sure you replace with the relevant username in the User example):

Account

1
SHOW PARAMETERS LIKE 'network_policy' IN ACCOUNT;

User

1
SHOW PARAMETERS LIKE 'network_policy' IN USER {USERNAME};

Step 4: Share the relevant information with Solvimon

Please confidently share the following information with us:

As soon as we receive this information we will reach out and work with you directly to set-up the relevant data exports.