Skip to content

Snowflake JDBC

Service Name: Snowflake

Service Description: Snowflake is a cloud-based data warehousing platform that provides a complete solution for data storage, processing, and analytics. It separates compute from storage to offer scalable and flexible data solutions.

Service Address: https://www.snowflake.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants JDBC connection access to Snowflake data warehouses, allowing database operations through Java applications.

Secret Revokement URL: Does not exist

Secret Example: jdbc:snowflake://account.snowflakecomputing.com/?user=username&password=password&warehouse=COMPUTE_WH&role=ACCOUNTADMIN

Suspicious Activity Investigation Instructions:

  • Review Snowflake account access history for unauthorized login attempts
  • Check query history for unusual data access patterns or large data exports
  • Monitor warehouse usage for unexpected compute consumption
  • Examine network access logs for connections from unfamiliar locations
  • Review role and privilege changes in the account

Mitigation Instructions:

  • Immediately change the password associated with the compromised credentials
  • Revoke and rotate any OAuth tokens or keys associated with the account
  • Review and restrict IP access to the Snowflake account if possible
  • Enable multi-factor authentication for all users
  • Audit user permissions and remove unnecessary privileges
  • Update application configuration files to use secure credential storage