Categories: Book ReviewSnowflake

Book Review – Snowflake Security

When I was working with Snowflake on a project, it seemed security (assigning roles to users, assigning permissions etc.) is not as straight forward as it is in SQL Server. That’s why I bought the book Snowflake Security – Securing Your Snowflake Data Cloud, written by Ben Herzberg and Yoav Cohen, and published by Apress. The book itself is quite short – it is quite a niche topic – as it is only 185 pages long. This makes it quite digestible. I enjoyed the book, but in my opinion the chapter on authorization & data access control was a bit too theoretical and not enough practical. Since authorization was the exact reason I bought the book for, I would have liked more detailed examples on how to set-up a role hierarchy in Snowflake.

Anyway, the book is still practical and talks about many aspects of security in Snowflake. It talks about infrastructure (for example the different editions of Snowflake and time-travel), encryption, authentication (how to set up integration with Azure AD for example, or how to use MFA), authorization (again, a bit too theoretical about different access control methods), auditing & monitoring (a great long chapter with many examples queries on how to use the different system views and functions), data sharing and a final chapter about how you can use Snowflake to analyze security data.

I would definitely recommend the book for anyone who is going to be the “Snowflake DBA” at their company. You’ll learn many things about the different security aspects of Snowflake, and the book contains good example queries and even some tips on how to create a dashboard in Snowsight.


------------------------------------------------
Do you like this blog post? You can thank me by buying me a beer 🙂
Koen Verbeeck

Koen Verbeeck is a Microsoft Business Intelligence consultant at AE, helping clients to get insight in their data. Koen has a comprehensive knowledge of the SQL Server BI stack, with a particular love for Integration Services. He's also a speaker at various conferences.

View Comments

  • I would recommend the Snowflake DBA training class too. The security model is really not unlike SQL Server with one exception - all objects are owned by roles, not users. It actually makes security simpler for the DBA. Roles serve two purposes: to aggregate permission, and aggregate users. The latter purpose is similar to what we do with AD groups.

Recent Posts

Free webinar – Tackling the Gaps and Islands Problem with T-SQL Window Functions

I'm hosting a free webinar at MSSQLTips.com at the 19th of December 2024, 6PM UTC.…

5 days ago

dataMinds Connect 2024 – Session Materials

The slides and scripts for my session "Tackling the Gaps & Islands Problem with T-SQL…

4 weeks ago

Connect to Power BI as a Guest User in another Tenant

Sometimes your Microsoft Entra ID account (formerly known as Azure Active Directory) is added as…

2 months ago

How to use a Script Activity in ADF as a Lookup

In Azure Data Factory (ADF, but also Synapse Pipelines and Fabric Pipelines), you have a…

4 months ago

Database Build Error – Incorrect syntax near DISTINCT

I wrote a piece of SQL that had some new T-SQL syntax in it: IS…

4 months ago

Speaking at dataMinds Connect 2024

I'm very excited to announce I've been selected as a speaker for dataMinds Connect 2024,…

5 months ago