You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/purview/register-scan-snowflake.md
+7-3Lines changed: 7 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -44,14 +44,16 @@ When scanning Snowflake, Purview supports:
44
44
45
45
### Required permissions for scan
46
46
47
-
Azure Purview supports basic authentication (username and password) for scanning Snowflake. The default role of the given user will be used. The Snowflake user must have read access to system tables in order to access advanced metadata. Here is a sample walkthrough to set up the permission. If you choose to use an existing user, make sure it has adequate rights.
47
+
Azure Purview supports basic authentication (username and password) for scanning Snowflake. The default role of the given user will be used to perform the scan. The Snowflake user must have usage rights on a warehouse and the database(s) to be scanned, and read access to system tables in order to access advanced metadata.
48
+
49
+
Here is a sample walkthrough to create a user specifically for Purview scan and set up the permissions. If you choose to use an existing user, make sure it has adequate rights to the warehouse and database objects.
48
50
49
51
1. Set up a `purview_reader` role. You will need _ACCOUNTADMIN_ rights to do this.
50
52
51
53
```sql
52
54
USE ROLE ACCOUNTADMIN;
53
55
54
-
--create role to allow read only access - this will later be assigned to the purview USER
56
+
--create role to allow read only access - this will later be assigned to the Purview user
55
57
CREATE OR REPLACE ROLE purview_reader;
56
58
57
59
--make sysadmin the parent role
@@ -75,7 +77,7 @@ Azure Purview supports basic authentication (username and password) for scanning
75
77
GRANT USAGE ON WAREHOUSE purview_wh TO ROLE purview_reader;
76
78
```
77
79
78
-
3. Create a USER`purview` for Purview scan.
80
+
3. Create a user`purview` for Purview scan.
79
81
80
82
```sql
81
83
CREATE OR REPLACEUSERpurview
@@ -91,6 +93,8 @@ Azure Purview supports basic authentication (username and password) for scanning
91
93
4. Grant reader rights to the database objects.
92
94
93
95
```sql
96
+
GRANT USAGE ON DATABASE <your_database_name> TO purview_reader;
97
+
94
98
--grant reader access to all the database structures that purview can currently scan
95
99
GRANT USAGE ON ALL SCHEMAS IN DATABASE <your_database_name> TO role purview_reader;
96
100
GRANT USAGE ON ALL FUNCTIONS IN DATABASE <your_database_name> TO role purview_reader;
0 commit comments