P0 App Documentation
Sign up for FreeSandbox
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
      • πŸ“¦AWS
        • Requesting Access
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Integrate P0 with Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • πŸ”ŒSIEM Integrations
      • Splunk HEC Setup
  • P0 Management
    • 🎩Role-Based Access Control
Powered by GitBook
On this page
  • Before you begin
  • Setting up Snowflake
  • Configuring Snowflake
  1. Integrations
  2. Resource integrations

Snowflake

Last updated 7 months ago

Installing P0 on Snowflake takes about five minutes.

Before you begin

You'll need privileges to create users and roles, manage grants, and create databases, shemata, and procedures. You can gain these privileges via the ACCOUNTADMIN role.

Setting up Snowflake

  1. Navigate to "Integrations" on , then select "Snowflake". Select "IAM management" from the list of available components:

  1. Click "Add Account":

  1. Enter your Snowflake account identifier, then click "Next":

  1. You'll see a list of SQL commands to run on your Snowflake account. Create a worksheet in the account, run this SQL in the worksheet, then click "Next":

Configuring Snowflake

  1. Choose a default warehouse for generated roles. When P0 creates a role, it will grant access to run queries on this warehouse. You can leave this blank, but users will need to manually specify a warehouse for each request.

  2. Choose how users are provisioned in the account:

    1. If users are manually provisioned, and their email address appears in the user object's EMAIL column, choose "Manually, with email in EMAIL".

    2. If users are manually provisioned, and their email address appears in the user object's LOGIN_NAME column, choose "Manually, with email in LOGIN_NAME".

    3. If users are provisioned via SCIM, choose the "By SCIM via membership in ..." option corresponding to the directory group that is used to provision users. When choosing this option, P0 will dynamically provision users in Snowflake as access is needed, and remove them when they no longer need access.

SCIM provisioning only works with the Okta directory.

That's it. You're ready to make least-privileged, just-in-time requests with Snowflake using p0!

Select your desired configuration options and then click "Finish" to complete the installation. See below for more information about these settings:

πŸ”‘
❄️
Configuring Snowflake
p0.app