Secure Data Sharing
You can access your Identity Security Cloud data from Snowflake. To use this functionality, you must purchase the Secure Data Sharing add-on and provide your Snowflake account ID / locator so that SailPoint can share the right data with the right customer.
Your Identity Security Cloud data is stored in a Snowflake database, and the Secure Data Sharing add-on shares access to that database with your Snowflake account.
This is a read-only view that is only available to AWS customers who are using Identity Security Cloud and Snowflake. Azure, GCP, or other cloud providers are currently not supported.
Installing and Configuring Secure Data Sharing
After you provide your Snowflake account identifiers, SailPoint can map Identity Security Cloud data to your account so you can use SailPoint’s private listing.
- Log in to your Snowflake Snowsight account as an AccountAdmin.
- Navigate to Data > Private Sharing.
- Find SailPoint Identity Data and select the Get icon to the right of the title.
- Select the database name.
- Assign additional roles (besides AccountAdmin) that need to access the database.
- Select the Get button. The Ready to Use message displays.
- Select the Query Data button to seamlessly access your live Identity data. Refer to Snowflake documentation for information about using that tool.
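The role assignment in the steps above can also be done and audited in SQL after the database is created from the listing. This is an added example, not SailPoint's own code. The database name SAILPOINT_IDENTITY_DATA, role ISC_DATA_READER, warehouse REPORTING_WH, and user ANALYST_USER are assumed placeholders; substitute the names used in your account.

```sql
-- Added example: all object names below are assumed placeholders.
-- Goal: let analysts query the shared data through a dedicated
-- read-only role instead of working as ACCOUNTADMIN.

USE ROLE ACCOUNTADMIN;

-- 1. Dedicated role for consumers of the shared Identity data.
CREATE ROLE IF NOT EXISTS ISC_DATA_READER
  COMMENT = 'Read-only access to the SailPoint shared database';

-- 2. A database created from a share is granted as a whole:
--    IMPORTED PRIVILEGES covers every object the share exposes.
GRANT IMPORTED PRIVILEGES ON DATABASE SAILPOINT_IDENTITY_DATA
  TO ROLE ISC_DATA_READER;

-- 3. Queries need compute; grant usage on an existing warehouse.
GRANT USAGE ON WAREHOUSE REPORTING_WH TO ROLE ISC_DATA_READER;

-- 4. Assign the role to the people who need it.
GRANT ROLE ISC_DATA_READER TO USER ANALYST_USER;

-- 5. Review who can reach the shared data.
SHOW GRANTS ON DATABASE SAILPOINT_IDENTITY_DATA;
SHOW GRANTS TO ROLE ISC_DATA_READER;
SHOW GRANTS OF ROLE ISC_DATA_READER;

-- 6. As the new role, list the tables and views the share exposes
--    without assuming any table names.
USE ROLE ISC_DATA_READER;
USE WAREHOUSE REPORTING_WH;

SELECT table_schema, table_name, table_type
FROM SAILPOINT_IDENTITY_DATA.INFORMATION_SCHEMA.TABLES
WHERE table_schema <> 'INFORMATION_SCHEMA'
ORDER BY table_schema, table_name;
```

Because the shared data includes identity, entitlement, and audit records, rerun the three SHOW GRANTS statements periodically to confirm that only the intended roles and users hold access.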
Secure Data Sharing Data Model
SailPoint’s dataset is composed of structured Identity and audit data. It includes relationship tables that connect Identity with other domain entities like entitlements, roles, access profiles, accounts, and apps. This dataset has an additional Audit events table that is a flattened representation of all the events happening for your organization in IdentityNow.
Refer to the Secure Data Share Entity Relationship Diagram.