About Collectors
Pre-requisites
Collector Server Minimum Requirements
Snowflake Requirements
-
Access to Snowflake (see section below). The instructions for access assume you have already added the Snowflake source in K.
Step 1: Snowflake Access
Option 1: Extending the K user with access to Snowflake DMF
Assuming you followed the Snowflake integration instructions and created a role called CATALOG_READ_ONLY you can follow the steps to add grants to extend the user to be able to read Snowflake DMF details
--Log in with a user that has the permissions to assign/update roles
--Add the following DQ related roles to the KADA role created previously
GRANT APPLICATION ROLE SNOWFLAKE.DATA_QUALITY_MONITORING_VIEWER TO ROLE CATALOG_READ_ONLY;
GRANT DATABASE ROLE SNOWFLAKE.DATA_METRIC_USER TO ROLE CATALOG_READ_ONLY
GRANT DATABASE ROLE SNOWFLAKE.OBJECT_VIEWER TO ROLE CATALOG_READ_ONLY
Option 2: Creating a user with access to Snowflake DMF
To create a user with general access to metadata available in Snowflake Account Usage schema
--Log in with a user that has the permissions to create a role/user
--Create a new role for the Catalog user
Create role CATALOG_READ_ONLY;
--Grant the role access to the Account usage schema
grant imported privileges on database Snowflake to CATALOG_READ_ONLY;
grant select on all tables in schema SNOWFLAKE.ACCOUNT_USAGE to CATALOG_READ_ONLY;
grant monitor on account to role CATALOG_READ_ONLY;
GRANT APPLICATION ROLE SNOWFLAKE.DATA_QUALITY_MONITORING_VIEWER TO ROLE CATALOG_READ_ONLY;
GRANT DATABASE ROLE SNOWFLAKE.DATA_METRIC_USER TO ROLE CATALOG_READ_ONLY
GRANT DATABASE ROLE SNOWFLAKE.OBJECT_VIEWER TO ROLE CATALOG_READ_ONLY
--Create a new user for K and grant it the role (remove the [])
create user [kada_user] password=['abc123!@#'] default_role = CATALOG_READ_ONLY default_warehouse = [warehouse];
From the above record down the following to be used for the setup
-
User name / Password
-
Role
-
Warehouse
-
(If creating a new database for metadata) Database name
-
Snowflake account (found in the URL of your Snowflake instance - between https:// and .snowflakecomputing.com/…)
If you want the connect to Snowflake via Key Pair Authentication, follow these steps https://docs.snowflake.com/en/user-guide/key-pair-auth#step-1-generate-the-private-key and attach the key to the user you created.
Step 2: Create the Source in K
-
Go to Settings, Select Sources and click Add Source
-
Select Snowflake DMF and click next
-
Select “Load from File” option
-
Give the source a Name - e.g. Snowflake Production
-
Add the Host name for the Snowflake Server
-
Click Finish Setup
Step 3: Getting Access to the Source Landing Directory
Step 4: Install the Collector
It is recommended to use a python environment such as pyenv or pipenv if you are not intending to install this package at the system level.
You can download the latest Core Library and Snowflake whl via Platform Settings → Sources → Download Collectors
Run the following command to install the collector.
pip install kada_collectors_extractors_<version>-none-any.whl
You will also need to install the latest common library kada_collectors_lib for this collector to function properly.
pip install kada_collectors_lib-<version>-none-any.whl
Some python packages also have dependencies on the OS level packages, so you may be required to install additional OS packages if the below fails to install.
|
OS |
Packages |
|---|---|
|
CentOS |
libffi-devel
|
|
Ubuntu |
libssl-dev
|
Please also see https://docs.snowflake.com/en/user-guide/python-connector-install.html
Step 5: Configure the Collector
The collector requires a set of parameters to connect to and extract metadata from Snowflake
|
FIELD |
FIELD TYPE |
DESCRIPTION |
EXAMPLE |
|---|---|---|---|
|
account |
string |
Snowflake account |
“abc123.australia-east.azure” |
|
username |
string |
Username to log into the snowflake account. If use_private_key is true, this must be the user associated to the private key |
|
|
password |
string |
Password to log into the snowflake account. If use_private_key is true then this is the password/passphrase to that private key. |
|
|
information_database |
string |
Database where all the required tables are located, generally snowflake |
“snowflake” |
|
role |
string |
The role to access the required account_usage tables, generally accountadmin |
“accountadmin” |
|
warehouse |
string |
The warehouse to execute the queries against |
“xs_analytics” |
|
login_timeout |
integer |
Max time in seconds for the extractor to establish a connection. Generally 5 is sufficient. |
5 |
|
output_path |
string |
Absolute path to the output location where files are to be written |
“/tmp/output” |
|
mask |
boolean |
To enable masking or not |
true |
|
compress |
boolean |
To gzip the output or not |
true |
|
use_private_key |
boolean |
To use private key or not |
true |
|
private_key |
string |
The private key value as text (formatted with \n line endings, including header and footer). |
|
|
snowflake_host |
string |
The host value for the snowflake source onboarded in K. Used to link extracted items back to Snowflake database items. |
“abc123.australia-east.azure.snowflakecomputing.com” |
kada_snowflake_extractor_config.json
{
"account": "",
"username": "",
"password": "",
"information_database": "",
"role": "",
"warehouse": "",
"login_timeout": 5,
"output_path": "/tmp/output",
"mask": true,
"compress": true,
"use_private_key": false,
"private_key": "",
"snowflake_host": ""
}
Step 6: Run the Collector
The following code is an example of how to run the extractor. This is the wrapper script: kada_snowflake_dmf_extractor.py
import os
import argparse
from kada_collectors.extractors.utils import load_config, get_hwm, publish_hwm, get_generic_logger
from kada_collectors.extractors.snowflake_dmf import Extractor
get_generic_logger('root')
_type = 'snowflake_dmf'
dirname = os.path.dirname(__file__)
filename = os.path.join(dirname, 'kada_{}_extractor_config.json'.format(_type))
parser = argparse.ArgumentParser(description='KADA Snowflake DMF Extractor.')
parser.add_argument('--config', '-c', dest='config', default=filename)
parser.add_argument('--name', '-n', dest='name', default=_type)
args = parser.parse_args()
start_hwm, end_hwm = get_hwm(args.name)
ext = Extractor(**load_config(args.config))
ext.test_connection()
ext.run(**{"start_hwm": start_hwm, "end_hwm": end_hwm})
publish_hwm(args.name, end_hwm)
If your organisation has a proxy operating on where this script runs and you are using a private link for snowflake you may encounter a 403 error when fetching result batches. Set the following environment variables:
export HTTP_PROXY="http://username:password@proxyserver.company.com:80"
export HTTPS_PROXY="http://username:password@proxyserver.company.com:80"
Then explicitly call out snowflake itself to not use a proxy:
export NO_PROXY=".snowflakecomputing.com"
Advance options:
Refer to Collector Integration General Notes | Storing HWM in another location for storing HWM in another location.
from kada_collectors.extractors.snowflake import Extractor
kwargs = {my args}
hwm_kwrgs = {"start_hwm": "end_hwm": }
ext = Extractor(**kwargs)
ext.run(**hwm_kwrgs)
class Extractor(account: str = None,
username: str = None,
password: str = None,
information_database: str = 'snowflake',
role: str = 'accountadmin',
output_path: str = './output',
warehouse: str = None,
login_timeout: int = 5,
mask: bool = False,
compress: bool = False,
snowflake_host: str = None,
use_private_key: bool = False,
private_key: str = None
) -> None)
account: snowflake account
username: username to sign into snowflake
password: password to sign into snowflake
information_database: database with snowflake level information
role: role with access to the database with snowflake level information
output_path: full or relative path to where the outputs should go
warehouse: specify a different warehouse if required
login_timeout: The timeout for snowflake Auth
mask: To mask the META/DATABASE_LOG files or not
compress: To gzip output files or not
use_private_key: Using private/public RSA keys
private_key: the private key value in plain text
snowflake_host: The snowflake source host value onboarded in K
Step 7: Check the Collector Outputs
K Extracts
A set of files (eg metadata, databaselog, linkages, events etc) will be generated in the output_path directory.
High Water Mark File
A high water mark file snowflake_dmf_hwm.txt is created if you call the publish_hwm method.
Step 8: Push the Extracts to K
Once the files have been validated, push the files to the K landing directory.
You can use Azure Storage Explorer if you want to initially do this manually. You can push the files using python as well (see Airflow example below).