SnowDDL
  • 👋Introduction
  • ðŸšĐGetting started
  • 📋Main features
  • ðŸŠĪSnowDDL vs. Declarative DCM
  • In-depth guides
    • 👓Object identifiers
    • 📐Data types
    • ðŸ“ĶObject types
    • 🎭Role hierarchy
    • 🚧Permission model
    • ðŸ”ĶOther guides
      • Administration user
      • Integrations
      • Inbound shares
      • Object OWNERSHIP
      • Safe & unsafe DDL
      • Dependency management
      • Short hash explained
      • Env Prefix explained
      • Team workflow
      • Limitations & workarounds
      • Fivetran
      • Airbyte
      • Encrypt user passwords
      • Iceberg Tables
  • Basic usage (CLI + YAML)
    • ðŸ’ŧCLI interface
    • ðŸ“ĶYAML configs
      • ACCOUNT PARAMETER
      • ACCOUNT POLICY
      • AGGREGATION POLICY
      • ALERT
      • AUTHENTICATION POLICY
      • BUSINESS ROLE
      • DATABASE
      • DATABASE ROLE
      • DYNAMIC TABLE
      • EVENT TABLE
      • EXTERNAL ACCESS INTEGRATION
      • EXTERNAL FUNCTION
      • EXTERNAL TABLE
      • FILE FORMAT
      • FUNCTION
      • HYBRID TABLE
      • ICEBERG TABLE
      • MASKING POLICY
      • MATERIALIZED VIEW
      • NETWORK POLICY
      • NETWORK RULE
      • PERMISSION MODEL
      • PIPE
      • PLACEHOLDER
      • PROCEDURE
      • PROJECTION POLICY
      • RESOURCE MONITOR
      • ROW ACCESS POLICY
      • SCHEMA
      • SECRET
      • SEQUENCE
      • SHARE (outbound)
      • STAGE
      • STAGE FILE
      • STREAM
      • TABLE
      • TASK
      • TECHNICAL ROLE
      • USER
      • VIEW
      • WAREHOUSE
    • 🏷ïļYAML placeholders
    • 📎YAML tag !include
    • 🔐YAML tag !decrypt
  • Single DB
    • ðŸĶ€Overview
  • Advanced usage (Python)
    • ⚙ïļProgrammatic config
    • 🐍Architecture overview
      • ðŸ”ĩBlueprints
      • ðŸŸĢConfig
      • 🟠Parsers
      • ðŸŸĒResolvers
      • ðŸ”īEngine
    • 🏗ïļQuery builder & formatter
  • Breaking changes log
    • 0.45.0 - March 2025
    • 0.41.0 - January 2025
    • 0.37.0 - December 2024
    • 0.36.0 - November 2024
    • 0.33.0 - October 2024
    • 0.27.0 - May 2024
  • Links
    • GitHub repository
    • PyPI package
    • YouTube tutorials
    • Changelog
    • LinkedIn profile
Powered by GitBook
On this page
  • How to create unmanaged Iceberg table with SnowDDL
  • Step 1: Create permission model which includes permissions for Iceberg tables
  • Step 2: Create external volume
  • Step 3: Create catalog
  • Step 4: Create schema with references to EXTERNAL VOLUME and CATALOG
  • Step 5: Create Iceberg tables
  • Rationale: Why is it not possible to specify EXTERNAL VOLUME and CATALOG individually for each table?
  1. In-depth guides
  2. Other guides

Iceberg Tables

PreviousEncrypt user passwordsNextCLI interface

Last updated 4 months ago

At this moment SnowDDL supports UNMANAGED Iceberg tables using external catalog only.

If you are looking for MANAGED Iceberg tables support, please leave a comment in this thread describing the use case:

How to create unmanaged Iceberg table with SnowDDL

Step 1: Create permission model which includes permissions for Iceberg tables

Example of custom :

iceberg:
  inherit_from: default
  owner_create_grants:
    - ICEBERG_TABLE
  owner_future_grants:
    ICEBERG_TABLE: [OWNERSHIP]
  write_future_grants:
    ICEBERG_TABLE: [INSERT, UPDATE, DELETE, TRUNCATE]
  read_future_grants:
    ICEBERG_TABLE: [SELECT, REFERENCES]

Iceberg tables are not included in default permission model, since adding it to all schemas seems to introduce noticeable additional overhead during schema role creation.

Step 2: Create external volume

Example:

SET STORAGE_BASE_URL = 's3://my-bucket/iceberg_glue/';
SET STORAGE_ROLE_ARN = 'arn:aws:iam::123:role/snowflake_role';
SET STORAGE_EXTERNAL_ID = '...';

CREATE OR REPLACE EXTERNAL VOLUME TEST_EXTERNAL_VOLUME_GLUE
STORAGE_LOCATIONS =
(
    (
        NAME = 'iceberg_glue'
        STORAGE_PROVIDER = 'S3'
        STORAGE_BASE_URL = $STORAGE_BASE_URL
        STORAGE_AWS_ROLE_ARN = $STORAGE_ROLE_ARN
        STORAGE_AWS_EXTERNAL_ID = $STORAGE_EXTERNAL_ID
    )
)
ALLOW_WRITES = FALSE;

Step 3: Create catalog

Example:

SET GLUE_CATALOG_NAMESPACE = 'iceberg_glue'
SET GLUE_ROLE_ARN = 'arn:aws:iam::123:role/snowflake_glue';
SET GLUE_CATALOG_ID = '123';
SET GLUE_REGION = 'us-east-1';

CREATE OR REPLACE CATALOG INTEGRATION TEST_CATALOG_GLUE
CATALOG_SOURCE = GLUE
CATALOG_NAMESPACE = $GLUE_CATALOG_NAMESPACE
TABLE_FORMAT = ICEBERG
GLUE_AWS_ROLE_ARN = $GLUE_ROLE_ARN
GLUE_CATALOG_ID = $GLUE_CATALOG_ID
GLUE_REGION = $GLUE_REGION
ENABLED = TRUE;

Step 4: Create schema with references to EXTERNAL VOLUME and CATALOG

permission_model: iceberg
external_volume: text_external_volume_iceberg
catalog: test_catalog_glue

At this moment one schema may contain tables from one EXTERNAL VOLUME and one CATALOG only. If you have more external volumes and catalogs, please create more schemas.

Step 5: Create Iceberg tables

Example 1:

catalog_table_name: test_iceberg_table_1

Example 2:

metadata_file_path: test_iceberg_table_1/metadata/00001-cc112050-1448-4c2a-9e03-504e7f5fc62a.metadata.json
replace_invalid_characters: true

Rationale: Why is it not possible to specify EXTERNAL VOLUME and CATALOG individually for each table?

By specifying EXTERNAL VOLUME and CATALOG on schema level, we achieve two goals:

  1. Usage on EXTERNAL VOLUME and CATALOG are granted to schema owner role automatically.

  2. Each schema contains objects from one EXTERNAL VOLUME and one CATALOG, which helps to keep things clear and prevents mixture of various Iceberg table sub-types within one schema.

Similar to objects, EXTERNAL VOLUME should be created by ACCOUNTADMIN.

Documentation:

Similar to objects, CATALOG should be created by ACCOUNTADMIN.

Documentation:

Add parameters to config of which is supposed to contain Iceberg tables:

Create .

SnowDDL has built-in . It includes special "owner" roles which are created automatically for each schema. Objects in schema are supposed to be "owned" by schema owner role.

ðŸ”Ķ
https://github.com/littleK0i/SnowDDL/discussions/81
permission model
integration
https://docs.snowflake.com/en/sql-reference/sql/create-external-volume
integration
https://docs.snowflake.com/en/sql-reference/sql/create-catalog-integration
schema
configs for individual Iceberg tables
role hierarchy