Manage your Snowflake access controls as code.
🚣♂️ Before Spyglass: Permissions are managed manually across scripts, snowsight worksheets, and one-off requests.
🚤 After Spyglass: Permissions are managed centrally in git and automatically synced to Snowflake.
For a detailed explanation, see our Introducing Snowflake Access-as-Code post.
Basic usage of this tool looks like:
1. Import your current Snowflake objects/roles to YAML.
┌───────────┐ spyglass import / sync ┌──────────┐
│ Snowflake │ ──────────────────────────────► │ YAML │
└───────────┘ └──────────┘
2. Manage them as code.
┌───────────┐ make changes ┌──────────┐
│ │ ──────────────────────────────► │ │
│ Data User │ spyglass verify │ YAML │
│ │ ──────────────────────────────► │ │
└───────────┘ └──────────┘
3. Automatically sync objects/roles between your Git repo and Snowflake.
┌───────────┐ spyglass apply ┌──────────┐
│ Snowflake │ ◄────────────────────────────── │ YAML │
└───────────┘ └──────────┘
Install the CLI using npm
:
sudo npm install -g spyglass-cli@latest
See How do I set up the CLI? #43.
See the Reference Documentation for details on the configuration.
See How do I set up github actions / workflows? #42.
For getting insight into "who can access what?", see Announcing Queries (alpha) #45.
We love working with the community, here's a few ways to get involved:
For submitting security issues, see SECURITY.md
For our security guidance to users, see Security Best Practices #96
We constantly improve this software, but we need your help! By default, we log anonymous analytics such as: commands invoked, errors, and software versions. We never log any personally-identifiable user information.
To opt out, you can run spyglass config:set disableAnalytics true
. See https://github.com/spyglasshq/spyglass-cli/issues/9 and logging.ts for more information.
As of Q1 '23, Spyglass has full support for Snowflake. Support for other analytics databases (BigQuery, Databricks, Redshift, Oracle, etc.) is planned to follow.
Check out the Milestones page to track further progress.