Snowflake Credentials
#
Description#
General- Documentation: https://docs.snowflake.com/en/
- Summary: Snowflake is a cloud-based data warehousing company that offers various data storage and associated analytics services. The services can be accessed using various drivers, and authenticating with a username and password. This detector looks for snowflake uri connection patterns.
- IPs allowlist: Snowflake allows to restrict the access to a given IPs allowlist. See documentation for more details.
- Scopes: The access to given databases and resources can be customized and revoked using Snowflake SQL queries. See the documentation for more details on users and security management.
#
Revoke the secretUser accesses to given databases and resources can be customized and revoked using SQL queries.
#
Check for suspicious activityA user can display login history in a Snowflake query to audit recent connection attempts.
Snowflake uri
#
Details for Family: Database
Category: Data storage
Company: Snowflake
High recall: True
Validity check available: False
Minimum number of matches: 8
Occurrences found for one million commits: 0.16
Prefixed: True
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - snowflake[a-z0-9.+-]{0,8}://
#
Examples- text: | CONNECTION_URI="db:snowflake://root:c04pjhm2wc@aze4567.us-east-12.snowflakecomputing.com/thegift" host: aze4567.us-east-12.snowflakecomputing.com username: root password: c04pjhm2wc scheme: snowflake database: thegift connection_uri: snowflake://root:c04pjhm2wc@aze4567.us-east-12.snowflakecomputing.com/thegift
# Test special characters in password- text: | CONNECTION_URI="db:snowflake://root:v18w!o@2qc@aze4567.us-east-12.snowflakecomputing.com/thegift" host: aze4567.us-east-12.snowflakecomputing.com username: root password: v18w!o@2qc scheme: snowflake database: thegift connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12.snowflakecomputing.com/thegift
# Example SQLAlchemy driver- text: | engine = create_engine("snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift" host: aze4567.us-east-12 username: root password: v18w!o@2qc scheme: snowflake database: thegift connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift
# Test detection in md files- text: | engine = create_engine("snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift" host: aze4567.us-east-12 username: root password: v18w!o@2qc scheme: snowflake database: thegift connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift