Account Schema Attributes

The following lists the available out-of-the-box account schema attributes and customer configurable attributes. The attributes must be defined as string if not specified.

SailPoint requires certain attributes remain in your configuration. These attributes are referred to as Identity Attributes, and they must not be updated. If you update these attributes from their default values, the connector may fail. To resolve any issues caused by changing Identity Attributes, re-configure them to their default values. The following table lists the Identity Attributes for this connector:

Name of the user.

This is an Identity Attribute and must not be changed.

Name that the user enters to log into the system. Login names for users must be unique across your entire account.

Name displayed for the user in the Snowflake web interface.

First name of the user.

First, middle, and last name of the user.

Email address of the user.

Specifies the number of days after which the user status is set to Expired and the user is no longer allowed to log in.

Specifies a comment for the user.

Specifies whether the user is disabled, which prevents the following actions:

  • For new users, the user is locked out of Snowflake and cannot log in.
  • For existing users, setting the property aborts all their currently running queries and does not allow the user to issue any new queries. The user is also immediately locked out of Snowflake and cannot log back in.

Specifies whether the user is forced to change their password on next login (including their first/initial login) into the system.

The user’s lock/unlocked status in Snowflake.

Specifies the virtual warehouse that is active by default for the user’s session upon login.

Specifies the namespace (database only or database and schema) that is active by default for the user’s session upon login.

Specifies the primary role that is active by default for the user’s session upon login.

Specifies the set of secondary roles that are active for the user’s session upon login.

Owner role of the user’s account.

All roles directly assigned to the user.

Configurable Account Attributes

The following is a list of attributes that are not provided out-of-the-box. You can add them to your schema to view various Snowflake user information.

Timestamp indicating the user locked end time. The user remains locked until this time.

Timestamp indicating time when user expires.

Timestamp indicating time of user’s last successful login on Snowflake.

Specifies the number of minutes until the temporary lock on the user login is cleared.

Timestamp indicating time when user was created.