Rezonate
  • 🏠Home
  • 🚩Platform Tour
    • đŸ‡ģđŸ‡ŗPlatform Dashboard
    • 🆔Identity Analytics
      • đŸĒĒIdentity Centric
      • 🔡Identity By Platform
    • ⚠ī¸Risks & Threats
      • Highlighted ITDR Capabilities
  • ℹī¸How-to Guides
    • ➕Adding Integrations
    • đŸ¤ĻManage Users
    • 🧑‍đŸ’ŧCustomize Exposures
    • 👁ī¸â€đŸ—¨ī¸Querying & Filtering Data
  • 📐Core Integrations
    • Azure Integration
      • Required Privilegees
      • Update Certificate for Existing Installation
    • Okta Integration
      • Okta Integration -Remediation Supported
    • Google Workspace
      • 1-Click Integration
      • Legacy Integration
    • Google Cloud Integration
    • Zoom Integration
    • DocuSign Integration
    • GitHub Integration
      • GitHub Enterprise Expansion
    • AWS Integration
      • AWS - Required Privileges
      • Log Streaming Integration
    • Salesforce Integration
      • Salesforce - Collected Data & Query Volume
    • JAMF Pro Integration
    • CircleCI Integration
    • Auth0 Integration
    • Cloudflare Integration
    • CrowdStrike Integration
      • Integrating Permissions
    • Slack Integration
    • Workday Integration
    • BambooHR Integration
    • Snowflake Integration
    • LastPass Integration
    • SentinelOne integration
    • SAP Cloud Platform Integration
    • GitLab Integration
    • Oracle NetSuite Integration
    • Atlassian Cloud Integration
    • Zendesk Integration
    • HiBob Integration
    • Microsoft Defender Integration
    • Docusign Integration
    • Mongo Atlas Integration
    • Ping Identity One Integration
    • Generic HRIS Integration
  • 📍Notifications & Alerts
    • Slack Integration
    • HTTP Webhook Integration
      • Webhook Alert Example - Saved Search
      • Webhook Alert Example- ITDR
    • Microsoft Teams Integration
    • Torq Integration
    • Email Integration
    • Splunk Integration
    • Datadog Integration
    • PagerDuty Integration
    • Jira Integration
  • 🆘Troubleshooting & Support
    • Collectors IP Ranges
    • Data Processing
      • AWS
      • Azure Active Directory
      • Azure Cloud
      • Google Workspace
    • SSO Integrations
      • SSO Login - Okta
      • SSO Login - AzureAd
  • 📓Legal & Terms
Powered by GitBook
On this page
  • Integration Steps (In Snowflake Side)
  • Integration of the Creation user to Rezonate
  1. Core Integrations

Snowflake Integration

Snowflake Integraiton Guide

This document describes how to integrate the Rezonate product with Snowflake, which provides IAM observability to users, groups, roles, and resources as well as detection of different security risks and threats.

If your Snowflake tenant has an IP Restrictions policy, you will have to whitelist Rezonate's collector IP Address. More information available Collectors IP Ranges

Integration Steps (In Snowflake Side)

To integrate, please log-in with a privileged user and perform the following actions

  1. Create a new role for Rezonate integration

CREATE ROLE rezonate_integration
   COMMENT = 'Rezonate Integration Role';

  1. Create a new role for Rezonate to log in through to utilize the role. Please replace the PLEASE-PLEASE-PUT-YOUR-PASSWORD-HERE With a random string that will be used as the password. 

CREATE OR REPLACE USER rezonate_integration_user
   DISABLED = false
   MUST_CHANGE_PASSWORD = false
   DEFAULT_ROLE = rezonate_integration
   COMMENT ='rezonate_integration_user'
   LOGIN_NAME = 'rezonate_integration_user'
   PASSWORD = 'PLEASE-PUT-YOUR-PASSWORD-HERE'

In case of Certificate based authentication, Execute the following instead

CREATE OR REPLACE USER rezonate_integration_user
   DISABLED = false
   MUST_CHANGE_PASSWORD = false
   DEFAULT_ROLE = rezonate_integration
   COMMENT ='rezonate_integration_user'
   LOGIN_NAME = 'rezonate_integration_user'
   RSA_PUBLIC_KEY='MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5+IBytPTbsKs3ajcn7H
   Mhy5JpmQmiqMWKfiJCa1iFYBnEnOHS/ZzUpkZRXflWoOYGnKyPlqSFOW14EJvec2
   iBODm36nD6z7dFz3q9tBjzjjLRPDWwLSScBkIv5Zx5QzopcNoZDa0FyEe72Jk99+
   e5Xxr+Hy+zmX3+/Fv0HPbWmG6IQXCN6V1uLY5B4V2xo0PFDFUw7pnGzYTQhmn3VT
   +SJEJ9i3FY6ZPcjUjfz1UP+v1KJO7ZbQANqHLwDMv5j0ETvRNdj6MtAjRo9kwZl1
   PIXFbRYYtFAo2nf+qqmOtQc7NSqgT+uKcfnFjzyt9Salzf3ISSu2r6XXOh8+cBUg
   KwIDAQAB'

  1. Grant Rezonate the privileges to query against the information metadata db

GRANT imported privileges on database snowflake to role rezonate_integration;

  1. Grant Rezonate the privileges to "USAGE" a warehouse in the database. please replace $WAREHOUSE_NAME_HERE$ with one of the warehouses in the database.

GRANT USAGE ON WAREHOUSE $WAREHOUSE_NAME_HERE$ TO ROLE rezonate_integration;

  1. Grant Monitor Access (To support querying federation information and security settings)

USE DATABASE SNOWFLAKE;
GRANT MONITOR ON ACCOUNT TO  ROLE rezonate_integration;
GRANT APPLICATION ROLE TRUST_CENTER_VIEWER TO ROLE rezonate_integration;

  1. Grant Rezonate with the ability to use the Rezonate role

GRANT ROLE rezonate_integration TO USER rezonate_integration_user

  1. You will also need to provide the URL for your tenant ID. To extract its value please go to settings, tenant information and then click on the "Copy link" to show your URL

Integration of the Creation user to Rezonate

After creating the required privileges, go to the Rezonate integration screen. select Snowflake and fill in the following information:

Required Property
Value

username

created username (rezonate is default)

password

your selected password (If selected Certificate, you will need to fill the public key instead)

account

your snowflake id, in the following format: account.region

warehouse

the warehouse that was enabled for the user.

role

the created role name (default is rezonate_integration)

PreviousBambooHR IntegrationNextLastPass Integration

Last updated 11 days ago

📐