CLI utility for retrieving ephemeral OAuth tokens for Snowflake via Okta.
Configuration and resulting OAuth tokens are used to generate profiled configurations for:
- Snowflake ODBC driver
- DBT
Inspired by gimme-aws-creds.
Prerequisites:
- Okta / Snowflake OAuth integration
- The "Using ANY Role with External OAuth" steps must be followed
Add the following to your ~/.bashrc or equivalent:
alias gimme-snowflake-creds="docker run -it --rm \
-v ~/.okta_snowflake_login_config:/root/.okta_snowflake_login_config \
-v ~/.dbt/profiles.yml:/root/.dbt/profiles.yml \
-v ~/Library/ODBC:/root/Library/ODBC \
-v ~/.gsc:/root/.gsc \
hgdata1/gimme-snowflake-creds"
Download a release and extract the contents:
tar -xvf gimme-snowflake-creds_<version>_linux_amd64.tar.gz
Print a colon-separated list of locations in your PATH:
echo $PATH
Move the gimme-snowflake-creds binary to one of the locations listed in the previous step:
# Assumes you downloaded and extracted the binary in your `~/Downloads` directory
mv ~/Downloads/gimme-snowflake-creds /usr/local/bin/
~/.okta_snowflake_login_config
default: prod # Applies if no profile argument is passed
driver-name: <driver_alias_name>
driver-path: <path_to_odbc_driver>
dev:
  account: <snowflake_account_id>
  database: <snowflake_database_name>
  warehouse: <snowflake_warehouse_name>
  schema: <snowflake_schema_name>
  username: <okta_username>
  role: <snowflake_role>
  odbc-path: <path_to_odbc_ini_dir> # Must be absolute path
  oauth: false
prod:
  account: <snowflake_account_id>
  database: <snowflake_database_name>
  warehouse: <snowflake_warehouse_name>
  schema: <snowflake_schema_name>
  username: <okta_username>
  role: <snowflake_role>
  odbc-path: <path_to_odbc_ini_dir> # Must be absolute path
  okta-org: <okta_org_url>
  client-id: <okta_app_client_id>
  issuer-url: <okta_app_issuer_url>
  redirect-uri: <okta_app_redirect-uri>
  generic: true # Additionally places generic `.env`-style credentials in `~/.gsc/`
OAuth-enabled profile:
$ gimme-snowflake-creds -p prod
Okta password for gimme-user@example.com: ************************
✔ token:software:totp (GOOGLE)
MFA code: ******
MFA verified!
ODBC: Configuration written to: /Users/gimme.user/Library/ODBC/odbc.ini
DBT: Configuration written to: /Users/gimme.user/.dbt/profiles.yml
OAuth-disabled profile:
$ gimme-snowflake-creds -p dev
ODBC: Configuration written to: /Users/gimme.user/Library/ODBC/odbc.ini
DBT: No existing configuration found, creating file...
DBT: Configuration written to: /Users/gimme.user/.dbt/profiles.yml
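
The tool writes token-bearing configuration to odbc.ini, profiles.yml and `~/.gsc/`, so the following added check (not part of gimme-snowflake-creds) lists any of those files that group or other users can access. The default paths come from the examples on this page, the odbc.ini location is an assumption taken from the sample output, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the project): list credential-bearing files that
# group or other users can access, and optionally tighten them.

# Print every file or directory at or under the given paths whose mode grants
# any group/other permission. Paths that do not exist yet are skipped.
loose_cred_files() {
    for target in "$@"; do
        [ -e "$target" ] || continue
        find "$target" \( -type f -o -type d \) | while IFS= read -r p; do
            # Characters 5-10 of the ls mode string are the group and other bits.
            perms=$(ls -ld "$p" | cut -c5-10)
            [ "$perms" = "------" ] || printf '%s\n' "$p"
        done
    done
}

# Remove group/other access from everything loose_cred_files reports.
tighten_cred_files() {
    loose_cred_files "$@" | while IFS= read -r p; do
        chmod go-rwx "$p"
    done
}

# Default paths are the ones this page mounts or shows in its sample output
# (assumption: your odbc-path matches the sample). This call only reports.
loose_cred_files \
    "$HOME/.okta_snowflake_login_config" \
    "$HOME/.dbt/profiles.yml" \
    "$HOME/Library/ODBC/odbc.ini" \
    "$HOME/.gsc"
```

Calling `tighten_cred_files` with the same paths after each token refresh removes group and other access from anything reported.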