Snowflake Component
Snowflake is a cloud data platform. Use the Snowflake component to access and update data in a Snowflake Database.
Component key: snowflake
Description
Snowflake is a cloud data platform. Use the Snowflake component to access and update data in a Snowflake Database.
Connections
Snowflake Key Pair Authentication
Set up key-pair authentication. For more information refer to the following guide.
As part of this process, you must:
- Generate a public-private key pair. The generated private key should be in a file (e.g. named rsa_key.p8).
- Assign the public key to your Snowflake user. After you assign the key to the user, run the DESCRIBE USER command. In the output, the RSA_PUBLIC_KEY_FP property should be set to the fingerprint of the public key assigned to the user.
| Input | Notes | Example |
|---|---|---|
| Account Identifier | You can find the account identifier in the organization's account panel https://docs.snowflake.com/en/user-guide/admin-account-identifier | |
| Passphrase | The passphrase for the provided private key (Required). | |
| Private Key | The private key for the Snowflake Key Pair Authentication. | |
| Snowflake Username | Your Snowflake username. | MY_ACCOUNT.API_DEMO_USER |
Snowflake OAuth 2.0
Snowflake will use OAuth 2.0 for authentication and making API calls on behalf of customers.
Follow these steps to set up an OAuth integration on your snowflake. More information for these steps can be found here https://docs.snowflake.com/en/user-guide/oauth-custom
- Login to Snowflake and create a worksheet to set a new integration.
- Create a new security integration by copying the following SQL statement into Snowflake and selecting the Play button at the top right of the screen. Make sure to change the
INTEGRATIONNAMEto something you will remember
CREATE SECURITY INTEGRATION
INTEGRATIONNAME
TYPE = OAUTH
OAUTH_CLIENT = CUSTOM
OAUTH_REDIRECT_URI = 'https://oauth2.your-domain.com/callback'
OAUTH_CLIENT_TYPE = 'PUBLIC'
- Run The following SQL statement to get your Auth URL, Token URL, and Client ID. Change
INTEGRATIONNAMEto the name you used during the create statement.
DESCRIBE INTEGRATION INTEGRATIONNAME
-
Run the following SQL statement to get your Client Secret.
a. Its important that you use the secret listed as AUTH_CLIENT_SECRET from the return
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('INTEGRATIONNAME')
- Run the following SQL statement to enable the Integration.
ALTER SECURITY INTEGRATION INTEGRATIONNAME SET ENABLED = TRUE
-
Enter your Authorization URL, Token URL, Client ID, and Client Secret.
a. Once attempting to authenticate its important to note that users with the roles of
ACCOUNTADMIN,SECURITYADMIN, andORGADMINwill receive an “invalid consent request error” message as snowflake blocks these roles by default. We suggest authenticating with a different user without these roles assigned.
| Input | Notes | Example |
|---|---|---|
| Authorize URL | The OAuth 2.0 Authorization URL for the API | |
| Client ID | Client Identifier of your app for the API | |
| Client Secret | Client Secret of your app for the API | |
| Headers | Additional header to supply to authorization requests | |
| Scopes | Space separated OAuth 2.0 permission scopes for the API | |
| Token URL | The OAuth 2.0 Token URL for the API |
Actions
Execute SQL
Executes one or more SQL statements in your Snowflake DB. | key: executeSql
| Input | Notes | Example |
|---|---|---|
| Account Locator | You can find the account locator in the organization's account panel or https://docs.snowflake.com/en/user-guide/admin-account-identifier#finding-the-region-and-locator-for-an-account | xy12345 |
| Bindings | Values of bind variables in the SQL statement. Bindings should have this format: | |
| Database | Database in which the statement should be executed. | TESTDB |
| Debug Request | Enabling this flag will log out the current request. | false |
| Number of statements to execute | 0 Indicates that a variable number of statements can be included in the request. | 1 |
| Parameters | Session parameters that you want to set for this request. Parameters should have this format: | |
| Role | Role to use when executing the statement. | TESTROLE |
| Schema | Schema in which the statement should be executed. | TESTSCHEMA |
| Poll for asynchronous results | If true, action will handle polling for results on queries that take > 45 seconds to execute, If false, action will return immediately after executing the query. | |
| Connection | ||
| Snowflake Identifier URL | The Snowflake URL for you account. Has to have the format: https://<account-name>.snowflakecomputing.com | https://myorg-account123.snowflakecomputing.com |
| SQL statements to run | ||
| Timeout | Timeout in seconds for statement execution. If the execution of a statement takes longer than the specified timeout, the execution is automatically canceled. | 60 |
| Warehouse | Warehouse to use when executing the statement. | TESTWH |
Get Statement Handle
Retrieve the current status of a executed statement from Snowflake. | key: getStatementHandle
| Input | Notes | Example |
|---|---|---|
| Account Locator | You can find the account locator in the organization's account panel or https://docs.snowflake.com/en/user-guide/admin-account-identifier#finding-the-region-and-locator-for-an-account | xy12345 |
| Debug Request | Enabling this flag will log out the current request. | false |
| Partition | The partition number to retrieve. | 1 |
| Connection | ||
| Snowflake Identifier URL | The Snowflake URL for you account. Has to have the format: https://<account-name>.snowflakecomputing.com | https://myorg-account123.snowflakecomputing.com |
| Statement Handle ID | The ID of the statement handle. | 01234567-89ab-cdef-0123-456789abcdef |