Created
December 7, 2021 08:56
-
-
Save louisdorard/1fbbd6eea7da2a22b35a9721490cb192 to your computer and use it in GitHub Desktop.
Dataiku <> Snowflake setup script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
begin; | |
-- create variables for user / password / role / warehouse / database (needs to be uppercase for objects) | |
set role_name = 'DATAIKU_ROLE'; | |
set user_name = 'DATAIKU_USER'; | |
set user_password = 'REPLACEME'; | |
set warehouse_name = 'DATAIKU_WAREHOUSE'; | |
set database_name = 'DATAIKU_DATABASE'; | |
set schema_name = 'DATAIKU_SCHEMA'; set stage_name = 'DATAIKU_STAGE'; | |
-- change role to securityadmin for user / role steps | |
use role securityadmin; | |
-- create role for dataiku | |
create role if not exists identifier($role_name); | |
grant role identifier($role_name) to role SYSADMIN; | |
-- create a user for dataiku | |
create user if not exists identifier($user_name) | |
password = $user_password | |
default_role = $role_name | |
default_warehouse = $warehouse_name; | |
grant role identifier($role_name) to user identifier($user_name); | |
-- change role to sysadmin for warehouse / database steps | |
use role sysadmin; | |
-- create a warehouse for dataiku | |
create warehouse if not exists identifier($warehouse_name) | |
warehouse_size = xsmall | |
warehouse_type = standard | |
auto_suspend = 60 | |
auto_resume = true | |
initially_suspended = true; | |
-- create database for dataiku | |
create database if not exists identifier($database_name); | |
-- grant dataiku role access to warehouse | |
grant USAGE | |
on warehouse identifier($warehouse_name) | |
to role identifier($role_name); | |
-- grant dataiku access to database | |
grant CREATE SCHEMA, MONITOR, USAGE | |
on database identifier($database_name) | |
to role identifier($role_name); | |
-- create schema for dataiku | |
use database identifier($database_name); | |
create schema if not exists identifier($schema_name); | |
-- grant dataiku access to schema | |
Grant MONITOR, USAGE, CREATE TABLE, CREATE STAGE, CREATE FUNCTION, CREATE PROCEDURE | |
on schema identifier($schema_name) | |
to role identifier($role_name); | |
-- create stage for dataiku | |
use schema identifier($schema_name); | |
create stage if not exists identifier($stage_name); | |
-- grant dataiku access to stage (only if on AWS) | |
Grant WRITE, READ | |
on stage identifier($stage_name) | |
to role identifier($role_name); | |
commit; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment