Skip to main content Skip to complementary content

Required permissions

This topic describes the permissions required for working with this endpoint.

Setting a custom role

When Replicate establishes an ODBC connection to Snowflake, it uses the default user role on Snowflake, which is SYSADMIN.

However, if your corporate security policy dictates that third-part applications should not have SYSADMIN privileges, it is possible to create a custom role with fewer privileges and use that instead.

This can be done by changing the default user role on Snowflake from SYSADMIN to the desired custom role.

This can be done using either of the following methods:

Required permissions

The required permissions differ according to whether or not the schema and/or the target tables already existed before the Replicate task started.

Tables created by Replicate

  • USAGE ON DATABASE
  • CREATE SCHEMA ON DATABASE
  • USAGE ON DATABASE
  • USAGE ON SCHEMA
  • CREATE FILE FORMAT ON SCHEMA
  • CREATE STAGE ON SCHEMA
  • CREATE TABLE ON SCHEMA

Tables that existed before the Replicate task started

Although not recommended, if you wish data to be replicated to existing tables that were created by a user with a different role, the Snowflake user specified in the endpoint settings must have the following table privileges:

  • SELECT
  • INSERT
  • UPDATE
  • TRUNCATE
  • DELETE
  • REFERENCES

Google cloud storage

The JSON credentials that you need to specify in the Snowflake on Google target endpoint settings must be for an account that has read and write access to the specified bucket and folder.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!