Manage Snowflake reader account
Manage Snowflake reader account
The Snowflake reader account is created for an individual Coveo organization, and therefore only contains UA data related to that organization. Access to the Snowflake reader account for user or service accounts is managed through the Coveo Administration Console. By default, this access is IP-restricted, therefore an administrator with the required privileges can manage access by creating user accounts and adding allowed IP addresses.
Note
The reader account feature is intended for clients who don’t have a Snowflake account. By creating a reader account through the Coveo Administration Console, you can access your data through the Snowflake portal. |
Manage your reader account
To manage the reader account, go to the Raw Data page, under Snowflake Access > Reader Account (platform-ca | platform-eu | platform-au).
If you don’t yet have a reader account, click Create Snowflake Reader Account. The account is created automatically by using the data from your organization
Add or edit users
To add or edit users who can access the reader account:
-
In the Snowflake Users section, click Add User.
-
In the Add User panel that appears:
-
Enter a user name and email.
-
(Optional) If you’re granting temporary access to the user, select the Provide temporary access checkbox.
-
In the list that appears, select the applicable duration.
-
If you select Ends on specific date, select the date from the dropdown calendar that appears.
-
-
Click Add.
The user is added to the Snowflake Users list.
-
-
Snowflake account password setup: Once a user has been added, an email containing a temporary link to set the account password will be sent to the user. Once the password setup is complete, the user will need to use an allowed IP address to access the reader account.
-
To edit an existing user, click the user name you want to edit, and then click the desired option in the Action bar.
-
Reset password: Resets the password of the selected user account. An email containing a temporary link to reset the account password will be sent to the user.
-
Delete: Deletes the selected user account.
-
Reactivate user account: Reactivates an inactive user account. This option will only be displayed if the Status of the selected user account is
Expired
. During reactivation, the option to provide permanent or temporary access will also be provided.
-
Note
Snowflake users aren’t the same as members of your Coveo organization. They can either be user accounts or service accounts. |
Important
|
Add or block IP addresses
All IP addresses are blocked by default. Therefore, to ensure that the newly added user can access the reader account, you must add their IP address as well.
-
In the Snowflake Network Policy section, click Edit policy.
-
Under Allowed IP Addresses, enter the IP addresses that you want to allow.
-
Under Blocked IP Addresses, enter the IP addresses you want to block.
-
Click Save.
Notes
|
Snowflake credits
In Reader Account (platform-ca | platform-eu | platform-au) subpage, the Snowflake Credits resource monitor displays the monthly credit consumption for the reader account. As an authenticated administrator, you can view the amount of credits remaining based on your account’s consumption for the current month. The credit consumption is determined by the usage of the reader account’s warehouse.
The default size for a warehouse assigned to a reader account is x-small
.
It contains a total of 10 credits, which equates to approximately 10 hours of data processing.
For more information regarding warehouse sizes and how their respective credits are computed, see Understanding compute cost.
A reader account that’s linked to a Coveo organization is automatically assigned a customer_wh
warehouse.
The warehouse is required to execute SQL queries.
The credits consumed by the warehouse count toward your monthly limit.
Actions | Credit consumption |
---|---|
Viewing dashboards and reports, and generating CSV exports in the Administration Console. |
|
Performing API calls to the UA Read API. |
|
Connecting an external BI tool to the reader account. |
|
Performing queries in the Snowflake console. |
|
Performing queries against Snowflake with a user created on the Raw Data page. |
Access the reader account
On the Raw Data page, under Snowflake Access > Reader Account (platform-ca | platform-eu | platform-au), click Access Snowflake.
The Sign in to Snowflake page will open on a separate tab on your browser. You’ll then be able to log in with the credentials specific to the Snowflake interface.
Delete the reader account
At a certain point, you may want to delete the reader account. For example, if you’re no longer using the reader account or if you’re switching to your own Snowflake account.
Deleting a reader account is irreversible, therefore if you have worksheets that you want to keep, make sure to copy and save the them to your local drive beforehand. |
To delete the reader account:
-
Go to the Snowflake Reader Account Management section located at the bottom of the Reader Account (platform-ca | platform-eu | platform-au) subpage, and then click Delete Snowflake Reader Account.
-
In the Delete Reader Account panel that appears, click Delete.
Security recommendations
To ensure the reader account remains secure, we recommend the following practices:
-
Monitor and remove inactive users to prevent unauthorized access to the reader account.
For increased security, we recommend setting a network policy.
-
For advanced features, security, and long-lived solutions, consider using your own Snowflake account for added flexibility and control.
-
Reader account passwords don’t expire. Therefore it’s important to encourage users to create strong and unique passwords. Since a password reset isn’t enforced, it’s equally important to manually reset them periodically.
Required privileges
The following privileges are required to view or manage the Snowflake reader account.
Action | Service - Domain | Required access level |
---|---|---|
View and export data |
Analytics - Snowflake Management |
View |
Add or edit users |
Organization - Organization |
View |
Analytics - Snowflake Management |
Edit |
|
Analytics - Administrate |
Allowed |
|
Add or block IP addresses |
Organization - Organization |
View |
Analytics - Snowflake Management |
Edit |
|
Analytics - Administrate |
Allowed |