Required permissions
This topic describes the permissions required for working with this endpoint.
Setting a custom role
When Replicate establishes an ODBC connection to Snowflake, it uses the default user role on Snowflake, which is SYSADMIN.
However, if your corporate security policy dictates that third-part applications should not have SYSADMIN privileges, it is possible to create a custom role with fewer privileges and use that instead.
This can be done by changing the default user role on Snowflake from SYSADMIN to the desired custom role.
This can be done using either of the following methods:
- In the Advanced tab's Additional ODBC connection properties field, specify role=MYROLE where MYROLE is a custom role defined on Snowflake.
- Change the default user role on Snowflake from SYSADMIN to the desired custom role.
Required permissions
The required permissions differ according to whether or not the schema and/or the target tables already existed before the Replicate task started.
Tables created by Replicate
Permissions required if the schema does not exist
- USAGE ON DATABASE
- CREATE SCHEMA ON DATABASE
Permissions required if the schema already exists
- USAGE ON DATABASE
- USAGE ON SCHEMA
- CREATE FILE FORMAT ON SCHEMA
- CREATE STAGE ON SCHEMA
- CREATE TABLE ON SCHEMA
Tables that existed before the Replicate task started
Although not recommended, if you wish data to be replicated to existing tables that were created by a user with a different role, the Snowflake user specified in the endpoint settings must have the following table privileges:
- SELECT
- INSERT
- UPDATE
- TRUNCATE
- DELETE
- REFERENCES