Documentation
Toggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage
  1. Docs
  2. /
  3. Reference
  4. /
  5. Sundeck DDL
  6. /
  7. SUNDECK$SET_SERVICE_ACCOUNT

SUNDECK$SET_SERVICE_ACCOUNT

To allow Sundeck access to Snowflake outside of a user session and enable some additional functionality from the Sundeck Native App (lables, query monitors and more), user needs to configure a service account with the Snowflake credentials.

This function sets the service account that Sundeck will also use to access Snowflake metadata about user’s account, such as table sizes or lists of warehouses,database ,schemas and tables.

Two forms of authentication are supported for service account users: basic user/password or key/pair authentication as described in Key-pair authentication and key-pair rotation

Sundeck ADMIN privilege is required to run this function. See GRANT SUNDECK ROLE

See also:
GET_SERVICE_ACCOUNT

Syntax 

  select SUNDECK$SET_SERVICE_ACCOUNT( <service-account-config>);

Parameters

<service-account-config>
A Snowflake object literal that describes the service account configuration. Supported keys are username, password, rsa_private_key, rsa_private_key_passphrase, role and warehouse.
<username>
string that represents Snowflake user name. Mandatory parameter.

Depending on the kind of authentication, next mandatory parameter will be either password or rsa_private_key.

<password>
user password.
<rsa_private_key>
private key string that was generated for the user when it was created.

When passing rsa_private_key as a parameter:

  • Exclude the private key delimiters
  • Remove all the new lines in the private key
`<rsa_private_key_passphrase>
passphrase if private key is encrypted. If omitted, it is assumed that private key is not encrypted.
role
role to connect to Snowflake with. If omitted, user will run with default_role as appears in DESCRIBE USER
warehouse
warehouse for this user. If omitted, default_warehouse will be used as appears in DESCRIBE USER

Examples:

Simple user/password authentication:

select SUNDECK$SET_SERVICE_ACCOUNT({'username': 'ube', 'password': '***', 'role': 'ACCOUNTADMIN', 'warehouse': 'SMALL_WH'});

User test is authenticated with encrypted key:

SELECT SUNDECK$SET_SERVICE_ACCOUNT({'username': 'test', 
			            'rsa_private_key': 'MIIFDjBABgkqhki...'
                                    'rsa_private_key_passphrase': 'SundeckIsAGreatCompany', 
				    'role' : 'ACCOUNTADMIN', 
				    'warehouse': 'COMPUTE_WH'});