Snowflake Capabilities
Last updated: October 8, 2024
After this article...
You'll understand the capabilities our Snowflake integration provides, and how Lumos interacts with the Snowflake API.
View users
The mapping between Snowflake user statuses and Lumos user account statuses is below.
Snowflake User Status | Lumos Account Status |
not disabled | Active |
disabled | Suspended |
deleted (Snowflake no longer returns a user) | Deprovisioned |
Snowflake API endpoint: https://docs.snowflake.com/en/sql-reference/sql/show-users (we look at the DISABLED field for the user's status)
We execute the following call.
SHOW USERS;View a user's entitlements
Lumos can retrieve the following user entitlements from Snowflake.
Role - The user's default role in Snowflake.
Snowflake API endpoints:
Role: https://docs.snowflake.com/en/sql-reference/sql/show-users (we look at the default_role field for the user's role)
We execute the following call to get users and retrieve the entitlements from the user detail.
SHOW USERS;Suspend a user
AppStore | Offboarding | Access Reviews | License Management |
N/A | ✅ | ✅ | ✅ |
In Lumos, suspending a Snowflake user marks their Account Status as "Suspended".
In Snowflake, this action disables the user. This prevents them from logging into Snowflake.
This action does not reclaim a license in Snowflake.
Snowflake API endpoint: https://docs.snowflake.com/en/sql-reference/sql/alter-user
We run the following command.
ALTER USER {SNOWFLAKE_USER_ID} SET DISABLED=TRUE;Deprovision a user
AppStore | Offboarding | Access Reviews | License Management |
N/A | ✅ | ✅ | ✅ |
In Lumos, deprovisioning a Snowflake user marks their Account Status as "Deprovisioned".
In Snowflake, this action permanently deletes the user from Snowflake. When you drop a user, the worksheets and dashboards owned by that user are also removed.
This action reclaims a license in Snowflake.
Snowflake API endpoint: https://docs.snowflake.com/en/sql-reference/sql/drop-user
We run the following command.
DROP USER IF EXISTS {SNOWFLAKE_USER_ID};