Assign user role to SSO users #103
-
Hi, My company has SSO configured with Snowflake. How should we manage the user permission in SnowDDL? Obviously we don't really want to store plain passwords as mentioned in the following document. Can we basically just specify the user name and the roles being assigned? Thanks for creating SnowDDL! This looks like a much better RBAC management solution for Snowflake than Terraform. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Currently I have one org which uses SnowDDL on account with activated SSO. Once you configure SECURITY INTEGRATION, you can simply add new users like this: john_doe:
login_name: "john_doe@myorg.com"
first_name: "John"
last_name: "Doe"
email: "john_doe@myorg.com"
business_roles:
- finance_analyst
- ml_engineer As far as I know, setting Terraform is really good for managing infra, but definitely not for objects in Snowflake. At some point I had no choice but to open source SnowDDL, since it was too difficult to manage large accounts. |
Beta Was this translation helpful? Give feedback.
Currently I have one org which uses SnowDDL on account with activated SSO.
Once you configure SECURITY INTEGRATION, you can simply add new users like this:
As far as I know, setting
login_name
for user is enough to make things work.Terraform is really good for managing infra, but definitely not for objects in Snowflake. At some point I had no choice but to open source SnowDDL, since it was too difficult to manage large accounts.