This document describes how to integrate the Rezonate product with Snowflake, which provides IAM observability to users, groups, roles, and resources as well as detection of different security risks and threats.

Integration Steps (In Snowflake Side)

To integrate, please log-in with a privileged user and perform the following actions

1. Create a new role for Rezonate integration

CREATE ROLE rezonate_integration
   COMMENT = 'Rezonate Integration Role';

2. Create a new role for Rezonate to log in through to utilize the role. Please replace the PLEASE-PLEASE-PUT-YOUR-PASSWORD-HERE With a random string that will be used as the password.

CREATE OR REPLACE USER rezonate_integration_user
   DISABLED = false
   MUST_CHANGE_PASSWORD = false
   DEFAULT_ROLE = rezonate_integration
   COMMENT ='rezonate_integration_user'
   LOGIN_NAME = 'rezonate_integration_user'
   PASSWORD = 'PLEASE-PUT-YOUR-PASSWORD-HERE'

3. Grant Rezonate the privileges to query against the information metadata db

GRANT imported privileges on database snowflake to role rezonate_integration;   

4. Grant Rezonate the privileges to "USAGE" a warehouse in the database. please replace $WAREHOUSE_NAME_HERE$ with one of the warehouses in the database.

GRANT USAGE ON WAREHOUSE $WAREHOUSE_NAME_HERE$ TO ROLE rezonate_integration;

5. Grant Rezonate with the ability to use the Rezonate role

GRANT ROLE rezonate_integration TO USER rezonate_integration_user

6. You will also need to provide the URL for your tenant ID. To extract its value please go to settings, tenant information and then click on the "Copy link" to show your URL

Integration of the Creation user to Rezonate

After creating the required privileges, go to the Rezonate integration screen. select Snowflake and fill in the following information: