Can you configure a Snowflake Security Integration with Tableau to only allow specific roles?
I am looking at these examples in the Snowflake documentation for creating OAuth integration with Tableau. I have noticed that there is a parameter called BLOCKED_ROLES_LIST which allows you to list specific roles which should not be able to use the integration.
Is there an equivalent parameter that I can use to list the allowed roles instead? Hypothetically, if we have 100 roles and only want to allow this integration for 1 of them, it seems overly cumbersome to have to list all 99 that we want to block, instead of the 1 to allow?
I have looked through the parameters in the documentation and cannot see a parameter to support this. There is a parameter called PRE_AUTHORIZED_ROLES_LIST however this is only supported for confidential clients only and appears to skip the authorisation entirely.
Can you configure a Snowflake Security Integration with Tableau to only allow specific roles?
I couldn't find an easy way to accomplish this.
The best I can recommend in the meantime is setting up an audit process that could constantly monitor the usage of the Tableau integration in Snowflake - and then trigger the automatic revoking of the privilege.
The basic element in this process is the ability to list the delegated authorizations:
SHOW DELEGATED AUTHORIZATIONS
TO SECURITY INTEGRATION td_oauth_int1;
Then to immediately revoke access (unless from the one role allowed):
ALTER USER fhoffa REMOVE DELEGATED AUTHORIZATION
OF ROLE sysadmin
FROM SECURITY INTEGRATION td_oauth_int1;
- SQL Query in Snowflake - Calculate Days of Supply
- Why is BigQuery a PAAS and Snowflake a SAAS
- Passing a table name as a variable to Snowflake stored procedure
- Snowflake SQL finding the rows diffs between 2 large tables
- Can a snowflake stream trigger a task without adding any schedule?
- Snowflake COPY INTO from external S3 stage fails with “Access Denied (Status Code: 403; Error Code: AccessDenied)
- Data Factory to Snowflake copy task Fails with Failed to open the database error
- SQL Query in Snowflake - Calculate Days of Supply each date inventory with forecast each day
- Can I Pivot in Snowflake without single quotes, without manually aliasing the column names?
- Using IF statement with Snowflake SQL
- Dynamicly processing multiple excel sheets in a Data Flow activity nested in a ForEach
- Snowflake Pivot Without Apostrophe
- How to replace NULL to specific string in snowflake (SQL)
- Snowflake - COUNT (DISTINCT ...) window function with ORDER BY
- Preserving the load history when re-creating pipes in Snowflake
- Azure Data Factory Data Flows - Forcing headers into upper case for mapping
- Array_Agg does not support Window Frame in Snowflake - how to achieve?
- How to convert a VARCHAR to DATE in Snowflake
- Alternative to st.file_uploader Snowflake Streamlit
- How to handle the exception in Snowflake SQL scripting stored procedure with return type as TABLE
- How to show which authentication policy is applied to a user in Snowflake
- Update null values in a column with values from same table but by referencing indirectly related matching value in another table
- How to deploy SQL views to snowflake using config object?
- Snowflake Snowpark Python - Stored Procedure
- Using multiple AND/OR statements breaks my date filter
- Flatten XML array to a single row in Snowflake
- Snowflake: getting value from inner tags of xml file
- How can I group by a case column that uses a JSON object?
- Conditional CASE WHEN select snowflake SQL
- Snowflake SQL group-by behaving differently depending whether columns are referenced by position or alias