Issue: In SDC 5.5.0 and below, when configuring Snowflake stage, user is still forced to configure username and password even if key pair (private_key_file and private_key_file_password) are used in the Snowflake Connection Properties. This is due to the current implementation of the stage always requires username and password.
Solution: In SDC 5.6.0 and above, in Snowflake Connection Info tab, user can now choose to use Key Pair to connect to Snowflake without being prompted for User Credentials. Selecting Key Pair will allow the user to authenticate using Public Key and Private Key to make the connection to Snowflake.
User can follow this Snowflake documentation https://docs.snowflake.com/en/user-guide/key-pair-auth to create a key pair and add Private Key path to pipeline configuration.
- To generate the keys, please use these following commands:
- For encrypted private key:
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -v1 PBE-SHA1-RC4-128 -out rsa_key.p8 - For non-encrypted private key:
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt - For public key:
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
- For encrypted private key:
- After generating the keys, you must set the new public key to match with your user account on Snowflake to activate the key pair.
- This query can be used to validate if the key pair is valid:
snowsql -a <AccountName> -u <username> --private-key-path <path/to/rsa_key.p8>