louisdorard/dataiku_snowflake.sql

## dataiku_snowflake.sql
 begin;

  -- create variables for user / password / role / warehouse / database (needs to be uppercase for objects)
  set role_name = 'DATAIKU_ROLE';
  set user_name = 'DATAIKU_USER';
  set user_password = 'REPLACEME';
  set warehouse_name = 'DATAIKU_WAREHOUSE';
  set database_name = 'DATAIKU_DATABASE';
  set schema_name = 'DATAIKU_SCHEMA';  set stage_name = 'DATAIKU_STAGE';

  -- change role to securityadmin for user / role steps
  use role securityadmin;

  -- create role for dataiku
  create role if not exists identifier($role_name);
  grant role identifier($role_name) to role SYSADMIN;

  -- create a user for dataiku
  create user if not exists identifier($user_name)
  password = $user_password
  default_role = $role_name
  default_warehouse = $warehouse_name;

  grant role identifier($role_name) to user identifier($user_name);

  -- change role to sysadmin for warehouse / database steps
  use role sysadmin;

  -- create a warehouse for dataiku
  create warehouse if not exists identifier($warehouse_name)
  warehouse_size = xsmall
  warehouse_type = standard
  auto_suspend = 60
  auto_resume = true
  initially_suspended = true;

  -- create database for dataiku
  create database if not exists identifier($database_name);

  -- grant dataiku role access to warehouse
  grant USAGE
  on warehouse identifier($warehouse_name)
  to role identifier($role_name);

  -- grant dataiku access to database
  grant CREATE SCHEMA, MONITOR, USAGE
  on database identifier($database_name)
  to role identifier($role_name);

  -- create schema for dataiku
  use database identifier($database_name);
  create schema if not exists identifier($schema_name);

  -- grant dataiku access to schema
  Grant MONITOR, USAGE, CREATE TABLE, CREATE STAGE, CREATE FUNCTION, CREATE PROCEDURE
  on schema identifier($schema_name)
  to role identifier($role_name);
    -- create stage for dataiku
  use schema identifier($schema_name);
  create stage if not exists identifier($stage_name);

  -- grant dataiku access to stage (only if on AWS)
  Grant WRITE, READ
  on stage identifier($stage_name)
  to role identifier($role_name);
  commit;
	begin;

	-- create variables for user / password / role / warehouse / database (needs to be uppercase for objects)
	set role_name = 'DATAIKU_ROLE';
	set user_name = 'DATAIKU_USER';
	set user_password = 'REPLACEME';
	set warehouse_name = 'DATAIKU_WAREHOUSE';
	set database_name = 'DATAIKU_DATABASE';
	set schema_name = 'DATAIKU_SCHEMA'; set stage_name = 'DATAIKU_STAGE';

	-- change role to securityadmin for user / role steps
	use role securityadmin;

	-- create role for dataiku
	create role if not exists identifier($role_name);
	grant role identifier($role_name) to role SYSADMIN;

	-- create a user for dataiku
	create user if not exists identifier($user_name)
	password = $user_password
	default_role = $role_name
	default_warehouse = $warehouse_name;

	grant role identifier($role_name) to user identifier($user_name);

	-- change role to sysadmin for warehouse / database steps
	use role sysadmin;

	-- create a warehouse for dataiku
	create warehouse if not exists identifier($warehouse_name)
	warehouse_size = xsmall
	warehouse_type = standard
	auto_suspend = 60
	auto_resume = true
	initially_suspended = true;

	-- create database for dataiku
	create database if not exists identifier($database_name);

	-- grant dataiku role access to warehouse
	grant USAGE
	on warehouse identifier($warehouse_name)
	to role identifier($role_name);

	-- grant dataiku access to database
	grant CREATE SCHEMA, MONITOR, USAGE
	on database identifier($database_name)
	to role identifier($role_name);

	-- create schema for dataiku
	use database identifier($database_name);
	create schema if not exists identifier($schema_name);

	-- grant dataiku access to schema
	Grant MONITOR, USAGE, CREATE TABLE, CREATE STAGE, CREATE FUNCTION, CREATE PROCEDURE
	on schema identifier($schema_name)
	to role identifier($role_name);
	-- create stage for dataiku
	use schema identifier($schema_name);
	create stage if not exists identifier($stage_name);

	-- grant dataiku access to stage (only if on AWS)
	Grant WRITE, READ
	on stage identifier($stage_name)
	to role identifier($role_name);
	commit;