Fivetran

Since SnowDDL v0.27, it is possible to natively configure database, user and permissions for Fivetran.

How to configure Fivetran with SnowDDL?

1) Create custom permission model

Configuration guide for PERMISSION MODEL

fivetran:
  ruleset: DATABASE_OWNER

  owner_create_grants:
    - STAGE
    - TABLE
    - VIEW

  owner_future_grants:
    STAGE: [OWNERSHIP]
    TABLE: [OWNERSHIP]
    VIEW: [OWNERSHIP]

  read_future_grants:
    STAGE: [READ]
    TABLE: [SELECT, REFERENCES]
    VIEW: [SELECT, REFERENCES]

2) Create database

Configuration guide for DATABASE

is_sandbox: true
permission_model: fivetran

3) Create business role

Configuration guide for BUSINESS ROLE

fivetran_owner:
  database_owner:
    - fivetran_db

4) Create user

ext_fivetran:
  rsa_public_key: ...
  business_roles:
    - fivetran_owner

How to grant access to objects created by Fivetran?

You may grant read access on all objects inside Fivetran database by using database_read parameter for BUSINESS ROLE.

For example:

fivetran_reader:
  database_read:
    - fivetran_db

If you want to provide granular on per-schema basis, it requires a bit more work.

Explicitly configure schema(s) in Fivetran database by creating corresponding sub-directories with params.yaml files inside.
Use parameter schema_read for BUSINESS ROLE.

For example:

fivetran_specific_reader:
  schema_read:
    - fivetran_db.braintree
    - fivetran_db.paypal

SnowDDL can only create "schema roles" for schemas which are explicitly defined in config.

PreviousLimitations & workarounds NextAirbyte

Last updated 1 year ago