Snowflake

Opal Security’s first-party Snowflake integration empowers Security, Infrastructure, and IT teams to easily manage access to Snowflake Roles and resources such as Databases, Schemas, and Tables.

The Opal ↔︎ Snowflake Integration

Opal built this integration to help customers answer key access questions and implement least privilege in their Snowflake environments. With this integration, teams can:

• Quickly set up and connect Opal ↔︎ Snowflake

• Import and sync Snowflake Roles and Securable Objects into Opal

• Manage which users have access to a Snowflake Role (direct & indirect)

• View which Securable Objects (e.g. Snowflake Databases, Schemas, Tables) a Role has access to

• Manage which users have access to Securable Objects

• View granular privileges granted to each user and Role

• Perform a User Access Review (UAR) on users with direct access to a Snowflake Role

• Empower end users throughout the company to request JIT access to a Snowflake Role

• Delegate access review and approval decisions to appropriate teams that have context around the data

Key Benefits

• Simplify access: At a glance, administrators can understand which users have access to Snowflake Roles and Securable Objects and assess their security posture.

• Reduce Risk: Quickly remediate on roles that are overprovisioned. For resources that contain PII or extra sensitive data, customers can easily remove users who do not require access or convert long standing to JIT access.‍

• Enable self-service: Employees across the organization can self-service and request time-bound access to Snowflake Roles that grant them the appropriate access to datasets they need for their job. Administrators can customize request configurations and approval workflows to ensure only the necessary access gets granted.

Want to learn more? Check out our blog post and our docs for more information.