Section Contents
Immuta manages access to Snowflake tables by administering Snowflake row access policies and column masking policies on those tables, allowing users to query tables directly in Snowflake while dynamic policies are enforced.
Getting started
This getting started guide outlines how to integrate your Snowflake account with Immuta to gain value from all three Immuta modules: Discover, Detect, and Secure.
How-to guides
- Configure a Snowflake integration: Configure the Snowflake integration.
- Edit or remove an existing integration: Manage integration settings or delete your existing Snowflake integration.
- Integration settings:
- Enable Snowflake table grants: Enable Snowflake table grants and configure the Snowflake role prefix.
- Use Snowflake data sharing with Immuta: Use Snowflake data sharing with table grants or project workspaces.
- Snowflake low row access policy mode: Enable Snowflake low row access policy mode.
- Snowflake lineage tag propagation: Configure your Snowflake integration to automatically apply tags added to a Snowflake table to its descendant data source columns in Immuta.
Reference guides
- Phased Snowflake onboarding approach: A phased onboarding approach to configuring the Snowflake integration ensures that your users will not be immediately affected by changes as you add data sources and policies. This guide describes the settings and requirements for implementing this phased approach.
- Snowflake integration reference guide: This reference guide describes the design and features of the Snowflake integration.
- Snowflake table grants: Snowflake table grants simplifies the management of privileges in Snowflake when using Immuta. Instead of manually granting users access to tables registered in Immuta, you allow Immuta to manage privileges on your Snowflake tables and views according to subscription policies. This guide describes the components of Snowflake table grants and how they are used in Immuta's Snowflake integration.
- Snowflake data sharing with Immuta: Organizations can share the policy-protected data of their Snowflake database with other Snowflake accounts with Immuta policies enforced in real time. This guide describes the components of using Immuta with Snowflake data shares.
- Snowflake low row access policy mode: The Snowflake low row access policy mode improves query performance in Immuta's Snowflake integration. To do so, this mode decreases the number of Snowflake row access policies Immuta creates and uses table grants to manage user access. This guide describes the design and requirements of this mode.
- Snowflake lineage tag propagation: Snowflake column lineage specifies how data flows from source tables or columns to the target tables in write operations. When Snowflake lineage tag propagation is enabled in Immuta, Immuta automatically applies tags added to a Snowflake table to its descendant data source columns in Immuta so you can build policies using those tags to restrict access to sensitive data.