Onboarding Steps


Background

Bluesky connects to Snowflake via the Snowflake Database which contains metadata like historical queries, usage metrics, organizations and accounts. Bluesky uses such metadata to analyze underlying workloads, provide granular reporting, and provide efficiency optimization suggestions to improve performance and ROI of Snowflake.

Bluesky requires read-only access to the Snowflake Database and thus, will not be able to mutate any data in it. Bluesky requires no access to the actual business data (e.g. tables, materialized view, schema) in your Snowflake instance.

Preliminary Steps:

💡 Please make sure you are running commands in the role ACCOUNTADMIN (refer to How to Switch To ACCOUNTADMIN Role). 

💡 To run the commands, you could simply copy & paste the following commands and directly run in the Snowflake console using ACCOUNTADMIN role (refer to How to Run Commands in Snowflake UI Console).

In the following script, we will use the Snowflake admin role to create a user and a role for Bluesky with minimal privileges. The reason why we’re using the accountadmin role is because it’s the only role that can provide the Snowflake metadata which Bluesky reads to provide its analysis. The only thing that the Bluesky user will be able to do is read usage data. You will be able to track all the activity of the Bluesky user in the Snowflake UI and in the query history.  

Script to Copy:

Copy and paste the following into the Snowflake Console:

Dark Mode Code Snippet Dark Mode Code Snippet
-- Step 1. Create a new role for Bluesky Data
CREATE ROLE BLUESKY_READONLY
   comment = 'This role has read only permissions for Bluesky Data';

-- Step 2. Give our role privileges on the internal SNOWFLAKE db to allow us to analyze historical queries and metadata
GRANT IMPORTED PRIVILEGES
  ON DATABASE SNOWFLAKE
  TO ROLE BLUESKY_READONLY;

-- Step 3. Create a small sized Warehouse
CREATE WAREHOUSE bluesky_wh WITH WAREHOUSE_SIZE = 'X-SMALL' WAREHOUSE_TYPE = 'STANDARD' AUTO_SUSPEND = 30 AUTO_RESUME = TRUE MIN_CLUSTER_COUNT = 1 MAX_CLUSTER_COUNT = 2 SCALING_POLICY = 'STANDARD';

-- Step 4. Give our role USAGE on the Warehouse
GRANT USAGE ON WAREHOUSE bluesky_wh TO ROLE BLUESKY_READONLY;

-- Step 5. Create a user (user_name is bluesky_user, password is 123)
CREATE USER bluesky_user PASSWORD = '123' DEFAULT_ROLE =  BLUESKY_READONLY
MUST_CHANGE_PASSWORD = TRUE;

-- Step 6. Grant the role to user
GRANT ROLE BLUESKY_READONLY TO USER bluesky_user;

-- Step 7. Set the default role as read_only for safety reasons
ALTER USER bluesky_user SET default_role = BLUESKY_READONLY;

-- Step 8. Create a DB for us and grant us write access to the DB. This step allows us to define our own views (e.g., sampling, or filters) for analysis purposes.
CREATE DATABASE bluesky_db;

-- Step 9. Grant all privileges for the newly created DB ("bluesky_db") to role BLUESKY_READONLY
GRANT all PRIVILEGES ON DATABASE bluesky_db TO ROLE BLUESKY_READONLY;

-- Step 10. Grant monitoring permission to role BLUESKY_READONLY
GRANT monitor USAGE ON account TO ROLE BLUESKY_READONLY;

-- Step 11. Allows access to query operator stats
GRANT monitor ON account TO ROLE BLUESKY_READONLY;
        
Onboarding Steps >Bluesky Estimate >Alert Systems >