About this task
This topic provides instructions for obtaining the connection values for the Snowflake connector.
Procedure
To obtain the connection values (Database, Schema,
Warehouse, and Role) for Snowflake and to connect to App Connect, complete the following steps:
-
Log in to your Snowflake account.
- To find your database and schema name (MLTS and BASIC
OAUTH), complete the following steps:
- On the left sidebar, go to
. Choose the
database that you want to use from the list, and then copy the name of your database.
- Click the database that you have chosen earlier, then select the Schemas
tab to view the list of schema names.
- Choose the schema that you want to use from the list, and then copy the name of your
schema.
- To find your warehouse name (MLTS and BASIC
OAUTH), complete the following steps:
- On the left sidebar, go to
.
- Choose a warehouse that you want to use from the list or create a new warehouse, and then copy
the name of your warehouse.
- To find your role (MLTS and BASIC OAUTH),
complete the following steps:
- On the left sidebar, go to .
- Click the Roles tab to view the list of applicable roles, and then copy
the role name that you would like to use.
- To obtain the private key (MLTS), complete the following
steps:
- Open a terminal window and run one of the following commands to generate the private
key.
- To generate an encrypted version of the private key, run the following
command:
openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8
- To generate an unencrypted version of the private key, run the following
command:
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt
The
commands generate a private key in stringified PEM format.
For example,
-----BEGIN PRIVATE KEY-----\nMIIEvQIBAHDANBgkqh...\n-----END PRIVATE KEY-----
Note: Snowflake supports cryptographic keys that are
created with the following algorithms:
-
RSA digital signature algorithms RS256, RS384, and RS512.
-
Elliptic Curve Digital Signature Algorithms (ECDSA) algorithms ES256(P-256), ES384
(P-384), and ES512 (P-512).
For detailed instructions on generating private keys, see
Generate the private keys on the
Snowflake documentation page.
- To generate a public key at the same location as the private key, run the
following command. Snowflake uses the public key to verify the
signature that the private key creates and confirms the user identity.
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
Note: The preceding command assumes that the private key is encrypted and is stored in a file named
rsa_key.p8.
- To assign the public key to a Snowflake user,
complete the following steps:
Important: Before you assign the public key, the user must have access to one of the
following roles or privileges:
- The MODIFY PROGRAMMATIC AUTHENTICATION METHODS or OWNERSHIP privilege on the user.
- The SECURITYADMIN role or higher.
To know more about the roles and privileges to assign the public key to a Snowflake user, see
Grant the privilege to assign a public key to a Snowflake user
on the
Snowflake documentation page.
- Log in to your Snowflake account.
- Go to My Workspace, and then select a
Scratchpad.
- To set the RSA_PUBLIC_KEY property of the user, run the following command on the
scratchpad:
ALTER USER example_user SET RSA_PUBLIC_KEY='<public key>';
Note: Replace
<public key> with your public key value. To obtain the public key, see step
6.
- Optional: If you have already connected your Snowflake account to App Connect
through BASIC OAUTH, you can assign the public key to a Snowflake user using
the following steps.
- Log in to App Connect Designer, and then open the Snowflake
Execute custom SQL query action.
- Run the following command on the Custom SQL string field:
ALTER USER example_user SET RSA_PUBLIC_KEY='<public key>';
Note: Replace
<public key> with your public key value. To obtain the public key,
see step
6.