SnowDDL
  • 👋Introduction
  • ðŸšĐGetting started
  • 📋Main features
  • ðŸŠĪSnowDDL vs. Declarative DCM
  • In-depth guides
    • 👓Object identifiers
    • 📐Data types
    • ðŸ“ĶObject types
    • 🎭Role hierarchy
    • 🚧Permission model
    • ðŸ”ĶOther guides
      • Administration user
      • Integrations
      • Inbound shares
      • Object OWNERSHIP
      • Safe & unsafe DDL
      • Dependency management
      • Short hash explained
      • Env Prefix explained
      • Team workflow
      • Limitations & workarounds
      • Fivetran
      • Airbyte
      • Encrypt user passwords
      • Iceberg Tables
  • Basic usage (CLI + YAML)
    • ðŸ’ŧCLI interface
    • ðŸ“ĶYAML configs
      • ACCOUNT PARAMETER
      • ACCOUNT POLICY
      • AGGREGATION POLICY
      • ALERT
      • AUTHENTICATION POLICY
      • BUSINESS ROLE
      • DATABASE
      • DATABASE ROLE
      • DYNAMIC TABLE
      • EVENT TABLE
      • EXTERNAL ACCESS INTEGRATION
      • EXTERNAL FUNCTION
      • EXTERNAL TABLE
      • FILE FORMAT
      • FUNCTION
      • HYBRID TABLE
      • ICEBERG TABLE
      • MASKING POLICY
      • MATERIALIZED VIEW
      • NETWORK POLICY
      • NETWORK RULE
      • PERMISSION MODEL
      • PIPE
      • PLACEHOLDER
      • PROCEDURE
      • PROJECTION POLICY
      • RESOURCE MONITOR
      • ROW ACCESS POLICY
      • SCHEMA
      • SECRET
      • SEQUENCE
      • SHARE (outbound)
      • STAGE
      • STAGE FILE
      • STREAM
      • TABLE
      • TASK
      • TECHNICAL ROLE
      • USER
      • VIEW
      • WAREHOUSE
    • 🏷ïļYAML placeholders
    • 📎YAML tag !include
    • 🔐YAML tag !decrypt
  • Single DB
    • ðŸĶ€Overview
  • Advanced usage (Python)
    • ⚙ïļProgrammatic config
    • 🐍Architecture overview
      • ðŸ”ĩBlueprints
      • ðŸŸĢConfig
      • 🟠Parsers
      • ðŸŸĒResolvers
      • ðŸ”īEngine
    • 🏗ïļQuery builder & formatter
  • Breaking changes log
    • 0.45.0 - March 2025
    • 0.41.0 - January 2025
    • 0.37.0 - December 2024
    • 0.36.0 - November 2024
    • 0.33.0 - October 2024
    • 0.27.0 - May 2024
  • Links
    • GitHub repository
    • PyPI package
    • YouTube tutorials
    • Changelog
    • LinkedIn profile
Powered by GitBook
On this page
  • System requirements
  • Hand-on example
  • Congratulations!

Getting started

PreviousIntroductionNextMain features

Last updated 3 months ago

System requirements

  • Python 3.7+

Hand-on example

It will take about 10 minutes.

1) Install SnowDDL.

pip install snowddl

2) Create a new or create a .

Do NOT use existing production account with real data to test object management tools.

3) for key-pair authentication of SnowDDL administrator user.

It is still possible to use single-factor PASSWORD authentication for testing purpose, but it is NOT recommended due to updated Snowflake security guidelines:

4) Create administration user for SnowDDL. Replace RSA_PUBLIC_KEY with contents of generated public key. It should look like a single line without header & footer and without line-breaks.

USE ROLE ACCOUNTADMIN;

CREATE ROLE SNOWDDL_ADMIN;

GRANT ROLE SYSADMIN TO ROLE SNOWDDL_ADMIN;
GRANT ROLE SECURITYADMIN TO ROLE SNOWDDL_ADMIN;

CREATE USER SNOWDDL
TYPE = SERVICE
RSA_PUBLIC_KEY = 'MIIBIjANBgkqh...'
DEFAULT_ROLE = SNOWDDL_ADMIN;

GRANT ROLE SNOWDDL_ADMIN TO USER SNOWDDL;
GRANT ROLE SNOWDDL_ADMIN TO ROLE ACCOUNTADMIN;

snowddl \
-c sample01_01 \
-a <account_identifier> \
-u snowddl \
-k <path_to_private_key> \
--apply-unsafe \
apply

Check database SNOWDDL_DB in Snowflake account. Check list of warehouses and roles.

snowddl \
-c sample01_02 \
-a <account_identifier> \
-u snowddl \
-k <path_to_private_key> \
--apply-unsafe \
apply

Check logs. Some objects will be altered, some objects will be dropped.

7) Reset Snowflake account to the original state. All objects created earlier by SnowDDL will be dropped.

snowddl \
-c sample01_02 \
-a <account_identifier> \
-u snowddl \
-k <path_to_private_key> \
--apply-unsafe \
--destroy-without-prefix \
destroy

Congratulations!

Now you are ready to create your own config and start experimenting.

5) Apply of sample config (provided with SnowDDL installation). Replace <account_identifier> placeholder with Snowflake . Replace <path_to_private_key> with path to private key file generated in step 3.

6) Apply of sample config (provided with SnowDDL installation).

ðŸšĐ
Snowflake Connector Python
PyYAML
JSONSchema
Snowflake Trial Account
new account within your organization
Generate private and public key
https://www.snowflake.com/en/blog/blocking-single-factor-password-authentification/
first version
account identifier
second version