Skip to content
Datablast Docs

Snowflake

Snowflake Data Warehouse Connection

Section titled “Snowflake Data Warehouse Connection”

Snowflake is a cloud-based data warehouse platform. Datablast connects to Snowflake using your account identifier and user credentials. This guide covers both simple setup for existing users and advanced configuration for administrators.

1. Choose Your Setup Method

Section titled “1. Choose Your Setup Method”

Method 1: Simple Setup (Most Users)

Section titled “Method 1: Simple Setup (Most Users)”

Best for:

  • Users with existing Snowflake access
  • Basic data querying needs
  • Non-administrative users

What you need:

  • Your Snowflake login credentials
  • Account identifier from your admin
  • Access to Snowflake web interface

Method 2: Advanced Setup (Administrators)

Section titled “Method 2: Advanced Setup (Administrators)”

Best for:

  • Setting up new users
  • Key-pair authentication
  • Enterprise security requirements
  • Database administrators

What you need:

  • Administrative access to Snowflake
  • Understanding of user roles and permissions
  • Security policies knowledge

2. Method 1: Simple Setup (Existing Users)

Section titled “2. Method 1: Simple Setup (Existing Users)”

💡 Most Common: If you already log into Snowflake for work, use this method.

Find Your Account Information

Section titled “Find Your Account Information”

  1. Log into Snowflake
    • Go to your company’s Snowflake URL (usually provided by IT)
    • Sign in with your normal username and password

  2. Get Account Identifier
    • In Snowflake web interface, look at the URL bar
    • Your account identifier is in the URL: https://app.snowflake.com/[REGION]/[ACCOUNT]/
    • Or click your profile (top right) → Account to see account details

  3. Note Your Username
    • This is the username you use to log into Snowflake
    • Usually your email or company username

Configure Datablast Connection

Section titled “Configure Datablast Connection”
FieldValueExample
Connection NameFriendly name for this connectionProduction Snowflake
AccountYour Snowflake account identifierxy12345.us-east-1
UserYour Snowflake usernamejohn.doe
PasswordYour Snowflake password••••••••••••
DatabaseDefault database (optional)ANALYTICS_DB
WarehouseDefault warehouse (optional)COMPUTE_WH
RoleYour default role (optional)ANALYST
DescriptionNotes about this connectionMain analytics database

That’s it! Test the connection and you’re ready to use Snowflake with Datablast.

3. Method 2: Advanced Setup (Administrators)

Section titled “3. Method 2: Advanced Setup (Administrators)”

⚠️ For Admins Only: This section requires administrative access and technical knowledge.

Prerequisites

Section titled “Prerequisites”
  1. Administrative Access: USERADMIN or ACCOUNTADMIN role in Snowflake
  2. Security Knowledge: Understanding of Snowflake roles and permissions
  3. Network Access: Ability to configure firewalls and security groups

Find Account Identifier Programmatically

Section titled “Find Account Identifier Programmatically”

Option 1: Using SQL

-- Get your account identifier
SELECT CURRENT_ORGANIZATION_NAME() || '-' || CURRENT_ACCOUNT_NAME() AS ACCOUNT_IDENTIFIER;

Option 2: Using Account URL

  • Legacy format: xy12345.us-east-1.snowflakecomputing.com
  • New format: orgname-accountname.snowflakecomputing.com

Create a Dedicated User for Datablast

Section titled “Create a Dedicated User for Datablast”

Step 1: Create User

-- Create a dedicated user for Datablast
CREATE USER datablast_user
    PASSWORD = 'secure_random_password'
    DEFAULT_ROLE = 'ANALYST'
    DEFAULT_WAREHOUSE = 'DATABLAST_WH'
    DEFAULT_NAMESPACE = 'ANALYTICS_DB.PUBLIC'
    MUST_CHANGE_PASSWORD = FALSE
    COMMENT = 'Service account for Datablast integration';

Step 2: Create or Assign Role

-- Create a custom role (optional)
CREATE ROLE datablast_role;


-- Grant necessary permissions
GRANT USAGE ON WAREHOUSE DATABLAST_WH TO ROLE datablast_role;
GRANT USAGE ON DATABASE ANALYTICS_DB TO ROLE datablast_role;
GRANT USAGE ON SCHEMA ANALYTICS_DB.PUBLIC TO ROLE datablast_role;
GRANT SELECT ON ALL TABLES IN SCHEMA ANALYTICS_DB.PUBLIC TO ROLE datablast_role;


-- Grant role to user
GRANT ROLE datablast_role TO USER datablast_user;

Advanced Authentication Options

Section titled “Advanced Authentication Options”
Click to expand key-pair authentication setup

Key-Pair Authentication (More Secure)

  1. Generate Key Pair:
Terminal window
# Generate private key
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt


# Generate public key
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
  1. Configure User for Key-Pair Auth:
-- Set public key for user
ALTER USER datablast_user SET RSA_PUBLIC_KEY='MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A...';
  1. Configure Datablast:
  • Store private key in secure vault
  • Use key-pair authentication option in Datablast
  • No password required with this method

Network Security Configuration

Section titled “Network Security Configuration”

IP Whitelisting:

-- Allow specific IP ranges (if required)
CREATE NETWORK POLICY datablast_policy
  ALLOWED_IP_LIST = ('203.0.113.0/24', '198.51.100.0/24')
  COMMENT = 'Network policy for Datablast connections';


-- Apply to user
ALTER USER datablast_user SET NETWORK_POLICY = datablast_policy;

4. Testing Your Connection

Section titled “4. Testing Your Connection”

Simple Test (All Users)

Section titled “Simple Test (All Users)”
  1. Save Connection in Datablast
  2. Click Test Connection button
  3. Check Results - should show “Connection Successful”

✅ If successful, you’ll see database and schema information.

Advanced Testing (Administrators)

Section titled “Advanced Testing (Administrators)”
Click to expand SQL testing methods

Test Basic Connectivity:

-- Verify account and user
SELECT CURRENT_ACCOUNT(), CURRENT_USER(), CURRENT_ROLE();


-- Test warehouse access
SELECT CURRENT_WAREHOUSE();


-- List available databases
SHOW DATABASES;

Test Permissions:

-- Verify table access
SELECT COUNT(*) FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = 'PUBLIC';


-- Test data access
SELECT * FROM your_table_name LIMIT 1;

5. Common Account Identifier Formats

Section titled “5. Common Account Identifier Formats”

Legacy Format (Still Supported)

Section titled “Legacy Format (Still Supported)”
xy12345.us-east-1
xy12345.eu-central-1
xy12345.ap-southeast-2

Modern Organization Format

Section titled “Modern Organization Format”
mycompany-production
mycompany-development
acme-marketing

Finding Your Format

Section titled “Finding Your Format”

In Snowflake Web UI:

  • URL shows account: https://app.snowflake.com/us-east-1/xy12345/
  • Account identifier: xy12345.us-east-1

For Organizations:

  • URL shows: https://app.snowflake.com/mycompany/production/
  • Account identifier: mycompany-production

6. Security Best Practices

Section titled “6. Security Best Practices”

For All Users

Section titled “For All Users”
  • Strong Passwords: Use complex passwords with numbers, symbols, and mixed case
  • Regular Updates: Change passwords according to your company policy
  • Secure Storage: Never share credentials or store them in plain text
  • Network Security: Only connect from trusted networks

For Administrators

Section titled “For Administrators”
Click to expand advanced security practices

User Management:

  • Create dedicated service accounts for integrations
  • Use least privilege principle for role assignments
  • Implement regular access reviews
  • Enable multi-factor authentication where possible

Network Security:

  • Configure network policies to restrict IP access
  • Use private connectivity (AWS PrivateLink, Azure Private Link)
  • Monitor connection logs for unusual activity
  • Implement connection timeout policies

Authentication:

  • Prefer key-pair authentication over passwords for service accounts
  • Rotate keys regularly (every 90 days recommended)
  • Store private keys in secure key management systems
  • Use federated authentication (SAML/OAuth) when available

7. Troubleshooting

Section titled “7. Troubleshooting”

Connection Issues

Section titled “Connection Issues”

Account Not Found:

  • Verify account identifier format and spelling
  • Check if account is in the correct region
  • Confirm organization name (for newer accounts)

Authentication Failed:

  • Double-check username and password
  • Verify user exists and is not suspended
  • Check if password has expired
  • Confirm user has necessary roles

Permission Denied:

  • Verify user has access to warehouse
  • Check database and schema permissions
  • Confirm role has necessary grants
  • Test with a simpler role first

Performance Issues

Section titled “Performance Issues”

Slow Connections:

  • Check network connectivity to Snowflake region
  • Verify warehouse is running and sized appropriately
  • Monitor for resource contention
  • Consider using connection pooling

Query Timeouts:

  • Increase query timeout settings
  • Optimize query performance
  • Check warehouse capacity
  • Monitor concurrent query limits

8. Workspace and Role Configuration

Section titled “8. Workspace and Role Configuration”

Default Settings

Section titled “Default Settings”

When creating your connection, you can specify defaults:

-- Common warehouse options
COMPUTE_WH          -- General purpose
LOAD_WH             -- Data loading
ANALYTICS_WH        -- Analytics workloads


-- Common roles
PUBLIC              -- Basic access
ANALYST             -- Read-only analyst
DEVELOPER           -- Development access
SYSADMIN            -- Administrative access

Best Practices for Defaults

Section titled “Best Practices for Defaults”
  • Warehouse: Use appropriate size for your workload
  • Database: Set to your primary analytics database
  • Schema: Usually ‘PUBLIC’ unless using custom schemas
  • Role: Use least privilege role that meets your needs
Section titled “Useful Links”

Always use dedicated service accounts for automated integrations and follow your organization’s security policies for credential management.