SnowDDL
  • 👋Introduction
  • ðŸšĐGetting started
  • 📋Main features
  • ðŸŠĪSnowDDL vs. Declarative DCM
  • In-depth guides
    • 👓Object identifiers
    • 📐Data types
    • ðŸ“ĶObject types
    • 🎭Role hierarchy
    • 🚧Permission model
    • ðŸ”ĶOther guides
      • Administration user
      • Integrations
      • Inbound shares
      • Object OWNERSHIP
      • Safe & unsafe DDL
      • Dependency management
      • Short hash explained
      • Env Prefix explained
      • Team workflow
      • Limitations & workarounds
      • Fivetran
      • Airbyte
      • Encrypt user passwords
      • Iceberg Tables
  • Basic usage (CLI + YAML)
    • ðŸ’ŧCLI interface
    • ðŸ“ĶYAML configs
      • ACCOUNT PARAMETER
      • ACCOUNT POLICY
      • AGGREGATION POLICY
      • ALERT
      • AUTHENTICATION POLICY
      • BUSINESS ROLE
      • DATABASE
      • DATABASE ROLE
      • DYNAMIC TABLE
      • EVENT TABLE
      • EXTERNAL ACCESS INTEGRATION
      • EXTERNAL FUNCTION
      • EXTERNAL TABLE
      • FILE FORMAT
      • FUNCTION
      • HYBRID TABLE
      • ICEBERG TABLE
      • MASKING POLICY
      • MATERIALIZED VIEW
      • NETWORK POLICY
      • NETWORK RULE
      • PERMISSION MODEL
      • PIPE
      • PLACEHOLDER
      • PROCEDURE
      • PROJECTION POLICY
      • RESOURCE MONITOR
      • ROW ACCESS POLICY
      • SCHEMA
      • SECRET
      • SEQUENCE
      • SHARE (outbound)
      • STAGE
      • STAGE FILE
      • STREAM
      • TABLE
      • TASK
      • TECHNICAL ROLE
      • USER
      • VIEW
      • WAREHOUSE
    • 🏷ïļYAML placeholders
    • 📎YAML tag !include
    • 🔐YAML tag !decrypt
  • Single DB
    • ðŸĶ€Overview
  • Advanced usage (Python)
    • ⚙ïļProgrammatic config
    • 🐍Architecture overview
      • ðŸ”ĩBlueprints
      • ðŸŸĢConfig
      • 🟠Parsers
      • ðŸŸĒResolvers
      • ðŸ”īEngine
    • 🏗ïļQuery builder & formatter
  • Breaking changes log
    • 0.45.0 - March 2025
    • 0.41.0 - January 2025
    • 0.37.0 - December 2024
    • 0.36.0 - November 2024
    • 0.33.0 - October 2024
    • 0.27.0 - May 2024
  • Links
    • GitHub repository
    • PyPI package
    • YouTube tutorials
    • Changelog
    • LinkedIn profile
Powered by GitBook
On this page
  • How to configure Fivetran with SnowDDL?
  • How to grant access to objects created by Fivetran?
  1. In-depth guides
  2. Other guides

Fivetran

PreviousLimitations & workaroundsNextAirbyte

Last updated 1 year ago

Since SnowDDL v0.27, it is possible to natively configure database, user and permissions for Fivetran.

How to configure Fivetran with SnowDDL?

1) Create custom permission model

Configuration guide for 

fivetran:
  ruleset: DATABASE_OWNER

  owner_create_grants:
    - STAGE
    - TABLE
    - VIEW

  owner_future_grants:
    STAGE: [OWNERSHIP]
    TABLE: [OWNERSHIP]
    VIEW: [OWNERSHIP]

  read_future_grants:
    STAGE: [READ]
    TABLE: [SELECT, REFERENCES]
    VIEW: [SELECT, REFERENCES]

2) Create database

is_sandbox: true
permission_model: fivetran

3) Create business role

fivetran_owner:
  database_owner:
    - fivetran_db

4) Create user

ext_fivetran:
  rsa_public_key: ...
  business_roles:
    - fivetran_owner

How to grant access to objects created by Fivetran?

For example:

fivetran_reader:
  database_read:
    - fivetran_db

If you want to provide granular on per-schema basis, it requires a bit more work.

  1. Explicitly configure schema(s) in Fivetran database by creating corresponding sub-directories with params.yaml files inside.

For example:

fivetran_specific_reader:
  schema_read:
    - fivetran_db.braintree
    - fivetran_db.paypal

SnowDDL can only create "schema roles" for schemas which are explicitly defined in config.

Configuration guide for

Configuration guide for

You may grant read access on all objects inside Fivetran database by using database_read parameter for .

Use parameter schema_read for .

ðŸ”Ķ
PERMISSION MODEL
DATABASE
BUSINESS ROLE
BUSINESS ROLE
BUSINESS ROLE