Automating your Data types discovery and privacy requests fulfillment by integrating MineOS to Snowflake
This integration allows you to automate data types and delete & copy requests for Snowflake
Before you start
- Make sure your MineOS plan supports integrations.
- Make sure you have sufficient permissions to create an api key - Account Admin permissions
Setting up
To connect the Snowflake integration, follow the steps below:
- On the left sidebar, click Data Inventory and then Data Sources
- Click on Add data source
- Select Snowflake from the catalog, then enter the Snowflake page from your data sources list
- In the RequestHandling tab, check the Handle this data source in privacy requests or check the Use source in Content Discovery checkbox and choose the Integration handling style
- Create a custom user and role for the integration:
-
From your Snowflake account admin, go to Worksheets
-
Open a new worksheet and run each of the following commands (Separately. with the saymine user and password as you chose):
-
use role accountadmin;
CREATE ROLE SAYMINE;
CREATE USER <saymineUser>
PASSWORD = '<sayminePassword>'
LOGIN_NAME = <saymineUser>
GRANT ROLE SAYMINE TO USER <saymineUser>;
grant usage on database <my_db> to role SAYMINE;
grant usage on schema <my_db>.<my_schema> to role SAYMINE;
grant monitor on warehouse <warehouse_name> to role SAYMINE;
grant usage on warehouse COMPUTE_WH to role SAYMINE;
grant select on all tables in schema <my_db>.<my_schema> to role SAYMINE;
grant delete on all tables in schema <my_db>.<my_schema> to role SAYMINE;
6. Or do the following instead:
-
- Create a new role named “SAYMINE” (Note: the role MUST have this exact name).
- Create a new user for the integration, and grant with the role SAYMINE
- Grant ‘usage’ for the required database to the role SAYMINE
- Grant ‘usage’ for the required schema to the role SAYMINE
- Grant 'monitor' for the required warehouse to role SAYMINE;
- Grant 'usage' for the required warehouse to role SAYMINE;
-
- Grant ‘select’ and ‘delete’ on the required tables to the role SAYMINE
User and Account Details
- Under User Details: Insert your new Snowflake username & password in the following format:
username;password
- Under Account Details: Insert your Account Identifier, Region, and Warehouse in the following format:
accountIdentifier;region;warehouse
For more information on how to find your account identifier, please read here.
- Under Preview/Copy/Delete Query: Add a SQL query in the format as shown below at "DSR Queries", The queries are mandatory!
Content Discovery
When using Content Discovery for your tables data, you need to make sure you have given the snowflake user the required permissions to your relevant tables.
Upon content discovery we will scan your tables, and analyze each row's data in our PII Processing Engine. These scan results will be added to the data types of your integration general info.
DSR Queries
To manage your DSR handling actions, you need to define the queries that will run in Snowflake for each possible action:
Note: The queries you use won't be validated. You should run them in your Snowflake account to make sure they are running as expected
Preview Query
The Preview query will be used when opening the ticket processing screen and is responsible for showing how many records were found as well as showing a sample (preview) of the data.
Example Query:
SELECT name, age, country FROM db.schema.table WHERE NAME = {{endUserEmail}}
* Preview will return the count of the number of records returned in the query response
* Preview will show the first 3 values from the query response, it supports strings and long types
* The variable is mandatory
Copy Query
The Copy query will be used for the Copy action. Copy action is running on the ticket processing page in ticket of type Copy when clicking on Generate Copy
Example Query:
SELECT * FROM db.schema.table WHERE NAME = {{endUserEmail}}
* Copy will show all records returned in the query response
* The variable is mandatory
Delete Query
The Delete query will be used for the Delete action. Delete action is running on the ticket processing page in ticket of type Deletion when clicking on Delete from X sources
Example Query:
DELETE FROM db.schema.table WHERE NAME = {{endUserEmail}}
* The variable is mandatory
Paste the details and queries in the Request handling tab in the correct inputs and click Save.
What's next?
Read more about the deletion process using integrations here.
Read more about the get a copy process using integrations here.
Talk to us if you need any help with Integrations via our chat or at portal@saymine.com, and we'll be happy to assist!🙂