Snowflake Credentials
Description
General
- Documentation: https://docs.snowflake.com/en/
- Summary: Snowflake is a cloud-based data warehousing company that offers various data storage and associated analytics services. The services can be accessed using various drivers, and authenticating with a username and password. This detector looks for snowflake uri connection patterns. Snowpark is a set of libraries that allows developers to write code in their preferred programming languages and execute it directly within Snowflake.
- IPs allowlist: Snowflake allows to restrict the access to a given IPs allowlist. See documentation for more details.
- Scopes: The access to given databases and resources can be customized and revoked using Snowflake SQL queries. See the documentation for more details on users and security management.
Revoke the secret
User accesses to given databases and resources can be customized and revoked using SQL queries.
Check for suspicious activity
A user can display login history in a Snowflake query to audit recent connection attempts.
Details for Snowflake URI
-
Family: credentials
-
Category: data_storage
-
Company: Snowflake
-
High recall: True
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 5
-
Occurrences found for one million commits: 0.16
-
Prefixed: True
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- snowflake[a-z0-9.+-]{0,8}://
Examples
- text: |
CONNECTION_URI="db:snowflake://root:c04pjhm2wc@aze4567.us-east-12.snowflakecomputing.com/thegift"
host: aze4567.us-east-12.snowflakecomputing.com
username: root
password: c04pjhm2wc
scheme: snowflake
database: thegift
connection_uri: snowflake://root:c04pjhm2wc@aze4567.us-east-12.snowflakecomputing.com/thegift
# Test special characters in password
- text: |
CONNECTION_URI="db:snowflake://root:v18w!o@2qc@aze4567.us-east-12.snowflakecomputing.com/thegift"
host: aze4567.us-east-12.snowflakecomputing.com
username: root
password: v18w!o@2qc
scheme: snowflake
database: thegift
connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12.snowflakecomputing.com/thegift
# Example SQLAlchemy driver
- text: |
engine = create_engine("snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift"
host: aze4567.us-east-12
username: root
password: v18w!o@2qc
scheme: snowflake
database: thegift
connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift
# Test detection in md files
- text: |
engine = create_engine("snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift"
host: aze4567.us-east-12
username: root
password: v18w!o@2qc
scheme: snowflake
database: thegift
connection_uri: snowflake://root:v18w!o@2qc@aze4567.us-east-12/thegift
Details for Snowflake Connector Credentials
-
Family: credentials
-
Category: data_storage
-
Company: Snowflake
-
High recall: False
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 3
-
Occurrences found for one million commits: 5.46
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- snowflake
Examples
- text: |
connection_parameters = (
"snowflake_account" : "jdtcusj-je76351" ,
"snowflake_user" : "JTAAvluMi1" ,
"snowflake_password" : "nwZj1oIwv5RBZnt0BeEU" ,
"snowflake_role" : "account_admin",)
account: jdtcusj-je76351
user: JTAAvluMi1
password: nwZj1oIwv5RBZnt0BeEU
- text: |
connection_parameters = (
"snowflake_account" : "jdtcusj-je76351.snowflakecomputing.com" ,
"snowflake_user" : "JTAAvluMi1" ,
"snowflake_password" : "nwZj1oIwv5RBZnt0BeEU" ,
"snowflake_role" : "account_admin",)
account: jdtcusj-je76351.snowflakecomputing.com
user: JTAAvluMi1
password: nwZj1oIwv5RBZnt0BeEU
