Skip to content

You are viewing documentation for Immuta version 2023.1.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

cancel

Snowflake Project Workspaces Pre-Configuration Details

Audience: Project members

Content Summary: This page outlines prerequisites and provides an overview of the integration process for Snowflake project workspaces.

See the Overview page for information on the utility of project workspaces and the Configuration page for installation instructions.

Prerequisites

Project Workspace Workflow

  1. An Immuta User with the CREATE_PROJECT permission creates a new project with Snowflake data sources.

  2. The Immuta Project Owner enables Project Equalization which balances every Project Members’ access to the data to be the same.

  3. The Immuta Project Owner creates a Snowflake Project Workspace which automatically generates a subfolder in the root path specified by the Application Admin and remote database associated with the project.

  4. Project members can access data sources within the project and use WRITE to create derived tables. To ensure equalization, users will only see data sources within their project as long as they are working in the Snowflake Context.

  5. The CREATE_DATA_SOURCE_IN_PROJECT permission is given to specific users so they can expose their derived tables in the Immuta project; the derived tables will inherit the policies, and then the data can be shared outside the project.

  6. If a project member leaves a project or a project is deleted, that Snowflake Context will be removed from the user's Snowflake account.

Root Directory Details

  • Immuta only supports a single root location, so all projects will write to a subdirectory under this single root location.

  • If an administrator changes the default directory, the Immuta user must have full access to that directory. Once any workspace is created, this directory can no longer be modified.