Immuta - Snowflake integration overview

The integration architecture

  1. Immuta-Snowflake is a policy-push native integration. The integration creates an Immuta integration database in the Snowflake data warehouse.

  2. Data sources and tables are ingested into Immuta manually, automatically, through the API, or through schema monitoring.

  3. Snowflake policy objects are applied to tables with ADD or SET when the tables are impacted by Immuta policies. An Immuta subscription policy creates prefix_POLICY_xxxx and prefix_USER_username roles, which are then granted to users for table access.
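
To review what step 3 has pushed into a Snowflake account, the queries below list the active grants of the prefix_POLICY_ and prefix_USER_ roles and the policy objects attached to tables. This is an added example, not Immuta's own code; the prefix value IMMUTA is an assumption to replace with the configured prefix, and the session role is assumed to have read access to the SNOWFLAKE.ACCOUNT_USAGE views.

```sql
-- Added example: review the roles and policy objects pushed by the integration.
-- Assumption: the role prefix is IMMUTA; replace it with your configured prefix.
-- Role names are compared case-sensitively, so keep the prefix in the same case
-- as the role names stored in Snowflake.
-- ACCOUNT_USAGE views lag behind real time, so very recent changes may be missing.
SET immuta_prefix = 'IMMUTA';

-- 1. Active grants of Immuta-created roles to Snowflake users.
--    A user holding a POLICY or USER role that Immuta no longer shows
--    as subscribed is worth a closer look.
SELECT grantee_name AS snowflake_user,
       role,
       IFF(STARTSWITH(role, $immuta_prefix || '_POLICY_'), 'POLICY', 'USER') AS role_kind,
       granted_by,
       created_on
FROM snowflake.account_usage.grants_to_users
WHERE deleted_on IS NULL
  AND (STARTSWITH(role, $immuta_prefix || '_POLICY_')
       OR STARTSWITH(role, $immuta_prefix || '_USER_'))
ORDER BY snowflake_user, role;

-- 2. Policy objects currently attached to tables and columns.
--    The name of the Immuta integration database is not given on this page;
--    once you know it, add a filter on policy_db to keep only its policies.
SELECT policy_db,
       policy_schema,
       policy_name,
       policy_kind,
       ref_database_name,
       ref_schema_name,
       ref_entity_name,
       ref_column_name,
       policy_status
FROM snowflake.account_usage.policy_references
ORDER BY policy_db, policy_name, ref_database_name, ref_schema_name, ref_entity_name;
```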

Immuta-Snowflake integration high-level review checklist:

  • PrivateLink between Immuta SaaS tenant and Snowflake accounts. More details here.

  • Review Enhanced Onboarding for Snowflake data sources. More details here.

  • Review the Snowflake permissions required and the integration approach: automated or manual. More details here.

  • Snowflake tags as data catalog. More details here.

  • Review TableGrants and LowRAP (row-access-policy objects). More details on TableGrants and LowRAP.

  • Review Snowflake Query Audit feature. More details here.

  • Review Snowflake warehouse sizing criteria and considerations. More details here.

  • Review schema monitoring or object sync, depending on the integration approach. More details here: schema monitoring and object sync for enhanced onboarding.
