• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

.circleci/H19-Aug-2021-

snowflake-database-plugin/H19-Aug-2021-

.gitignoreH A D19-Aug-2021846

LICENSEH A D19-Aug-202116.3 KiB

README.mdH A D19-Aug-20212.4 KiB

go.modH A D19-Aug-2021409

go.sumH A D19-Aug-202143.2 KiB

snowflake.goH A D19-Aug-20218.8 KiB

snowflake_test.goH A D19-Aug-202110.7 KiB

README.md

1# vault-plugin-database-snowflake
2A Vault plugin for Snowflake. It is one of the supported plugins for the HashiCorp Vault Database Secrets Engine and allows for the programmatic generation of unique, ephemeral Snowflake [Database User](https://docs.snowflake.com/en/user-guide/admin-user-management.html) credentials in a Snowflake account.
3
4This project uses the database plugin interface introduced in Vault version 1.6.0.
5
6**This plugin will be included in version 1.7 of Vault.**
7
8## Bugs and Feature Requests
9Bugs should be filed under the Issues section of this repo.
10
11Feature requests can be submitted in the Issues section as well.
12
13## Quick Links
14 * [Database Secrets Engine for Snowflake - Docs](https://www.vaultproject.io/docs/secrets/databases/snowflake)
15 * [Database Secrets Engine for Snowflake - API Docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake)
16 * [Snowflake Website](https://www.snowflake.com/)
17 * [Vault Website](https://www.vaultproject.io)
18
19**Please note**: HashiCorp takes Vault's security and their users' trust very seriously.
20
21If you believe you have found a security issue in Vault or with this plugin, _please responsibly disclose_ by contacting HashiCorp at [security@hashicorp.com](mailto:security@hashicorp.com).
22
23## Acceptance Testing
24In order to perform acceptance testing, you need to set the environment variable `VAULT_ACC=1` as well as provide all of the necessary information to connect to a Snowflake Project. All `SNOWFLAKE_*` environment variables must be provided in order for the acceptance tests to run properly. A cluster must be available during the test. A [30-day trial account](https://signup.snowflake.com/) can be provisioned manually to test.
25
26| Environment Variable | Description |
27|----------------------|-------------|
28| SNOWFLAKE_ACCOUNT    | The account string for your snowflake instance. If you are using a non-AWS provider, or a region that isn't us-west-1 for AWS, region and provider should be included here. (example: `ec#####.east-us-2.azure`) |
29| SNOWFLAKE_USER       | The accountadmin level user that you are using with Vault |
30| SNOWFLAKE_PASSWORD   | The password associated with the provided user |
31| SNOWFLAKE_DB         | optional: The DB you are restricting the connection to |
32| SNOWFLAKE_SCHEMA     | optional: The schema you are restricting the connection to |
33| SNOWFLAKE_WAREHOUSE  | optional: The warehouse you are restricting the connection to |
34