Have you ever been asked to share information with a client or customer, while having to support various cloud platforms? Can this be done efficiently, and most importantly, effectively? In our previous publication around how to effectively share data, Strive walked through a step by step guide in how to utilize the Snowflake Secure Data Share. But what if you’re not a Snowflake customer? Don’t worry… we’ve got you covered.
Did you know that within Snowflake, you can setup a data share with other Snowflake customers, as well as with non-Snowflake customers? If you are looking to create a share with other Snowflake customers, then you’re in luck! We’ll outline the simple steps it takes to not only share with Snowflake Customers, but also dive into solutions needed to span across non-Snowflake customers, and additionally across various cloud platforms.
Let’s discuss some ground rules and limitations while creating a share within Snowflake for non-Snowflake customers.
Let’s say you were asked to share sales information to various internal and external data consumers with the following requirements:
Here is an excellent opportunity to leverage a Reader Account within Snowflake. What is a Reader Account? A Reader Account allows you, as a Data Provider, to share data with non-Snowflake consumers. It’s not entirely free lunch as, unlike a direct share where the consumers pay for the compute on the data share, Reader Accounts are owned by the Data Producer, and the Producer’s account pays for the compute used.
A common question asked is, “Do consumers who use the Reader Account have access to other objects that are not shared?” The answer is no. Think of a Reader Account as a sub account that only has permissions to objects that have been shared AND, as the name insinuates, Readers Accounts cannot make changes to any shared objects.
Step 1: Create Reader Account
Step 2: Login and Setup
Login using the credentials that were setup for the Reader Account in the earlier step. If additional security is needed to set up within a share, Data Provider would be selected. You can also select Data Consumer in order to view personal shares.
In this example, this will consist of all our sales users.
Step 3: Setup Users
As an Account Admin, within your Reader Account, you can setup users that will have access to the shares and should then grant assigned roles as well. Keep in mind, the Reader Account has SYSADMIN, PUBLIC, and SECURITYADMIN, and any other roles can be created.
Step 4: Create Warehouse
In the command below, a new warehouse is being created called sales_reader_wh as an XSmall.
Step 5: Create a Database based on the Share
Now that we have users created, and our warehouse set up, we must create a database based on the share from the provider account. Let’s say the provider account that granted the share and Reader Account is j44789 and the share is called ‘sales_share’.
Step 6: Setup all Access Privilege
Once our database is created from the share, we should grant access needed for the different roles. You must make sure to do a couple of things to allow the data to be queried:
Outside of this, privileges can be added or removed as needed.
Snowflake allows us to simply create managed Reader Accounts. From there, login to the Reader Account, create users, warehouses, databases from shares, grant privileges, etc. With just a few command statements, a Reader Account can be accessed by the users and the Account Admin of the Reader Account can grant access as needed to certain roles. Additionally, it’s highly recommended to setup resource monitors in order to limit credits used on your account. The Account Admin can create monitors which can limit the number of credits used by Reader Accounts, or even suspend a warehouse once a percentage of credits is used.
Using Snowflake, this can all be done in a matter of minutes and allows ease of access to sales data for both internal and external vendors. Leveraging such a powerful tool, we can now setup data shares to both consumers and Reader Accounts, as well. Strive is proud to partner with Snowflake to help organizations unlock true business value and help businesses get, and share, the data they need.
Strive Consulting is a business and technology consulting firm, and proud partner of Snowflake, having direct experience with Snowflake Data Share. Our team of experts can work hand-in-hand with you to determine if leveraging the Secure Data Share is right for your organization. Check out Strive’s additional Snowflake thought leadership here.
Snowflake delivers the Data Cloud – a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the Data Cloud, organizations unite their siloed data, easily discover and securely share governed data, and execute diverse analytic workloads. Join the Data Cloud. Snowflake.com.