How Snowflake empowers analysts to keep up with a changing world

As the pace of business change continues to accelerate, the need for timely analytics-based decisions intensifies. Chances are your IT organization already has its hands full with the engineering, validation, and governance of important enterprise standard datasets. The business analyst community within your organization wants to find a secure, efficient, and repeatable way to access and experiment with this enterprise data along with crucial custom datasets that can change as rapidly as the business does. IT might not have the bandwidth or the resources to satisfy this constant demand for new data sources.

Here’s where Snowflake can help. With its ability to separate compute, its scalability, and the ability to share data without replicating it, Snowflake fulfills crucial needs for business data platforms. This article focuses primarily on design considerations within a single Snowflake account, although we recognize that your Snowflake environment could cross multiple accounts. For simplicity, let’s assume the required data — both enterprise data and custom data — is already in Snowflake.

Three design approaches can make Snowflake a sandbox for super-analysts:

Set up access control with an RBAC model

In Snowflake’s role-based access control (RBAC) model, access privileges are first assigned to roles, which are then assigned to users. The model follows role inheritance and defines who can access and manipulate specific objects within an account. In the diagram below, the EDW_READ role has read-only access to EDW, which is assigned to the SANDBOX_DEVELOPER role. Therefore, the Sandbox_Developer role inherits the read access to EDW from the EDW_READ role — enabling analysts to query data from both EDW and Sandbox at the same time. Implementing a good access control strategy is key to ensuring there are no risks to EDW data and processes. And with the introduction of Snowflake’s new secondary role capability, configuration options are very flexible.

Manage virtual warehouses

Snowflake’s ability to create virtual warehouses allows you to isolate the sandbox workloads from production processes while still sharing access to a common data store. Different groups of users or workloads can be allocated to a dedicated virtual warehouse. Each warehouse is an independent cluster that can be scaled up or down on demand and can be paused when not in use to reduce spend on compute. For example, we can assign Sandbox users to run queries and perform data loads on their individual warehouse while the production processes run on a separate warehouse. This avoids any bottlenecks with compute resources as they run independently of each other.

Leverage views

Views offer a cost-effective way to enable access to EDW data without compromising its integrity. Custom datasets can be brought into the logical database or schema for the analyst user to blend with the EDW data set. With sandbox users’ read access to the EDW database, they can join enterprise data with their own custom datasets by creating business-friendly views that contain data that is required only for analysis.

A recipe for secure and scalable custom analysis

Therefore, we can empower the analyst community to discover additional insights by first laying a solid access control foundation using an RBAC model, isolating workloads using a purposeful warehouse for compute, and then building the necessary views to combine the EDW and the custom datasets.

Snowflake democratizes valuable data and empowers the analyst community within your organization to perform self-service analytics.

A note about Snowflake organizations and data sharing

This article covers a few considerations for databases set up within a single Snowflake account. In addition, Snowflake leverages zero-copy data sharing and gives data scientists and analytics teams instant access to a wide range of datasets from third-party data providers. Snowflake recently introduced the concept of organizations, which gives clients flexibility to manage their environments by combining the management of multiple Snowflake accounts. In the scenario described in this article, a sandbox environment can be managed in a separate account tied to a separate warehouse. Data sharing would then be used to provide secured and governed access to enterprise datasets without involving data movement or storage costs on the consumer’s end.

About Cervello, a Kearney company

Cervello, is a data and analytics consulting firm and part of Kearney, a leading global management consulting firm. We help our leading clients win by offering unique expertise in data and analytics, and in the challenges associated with connecting data. We focus on performance management, customer and supplier relationships, and data monetization and products, serving functions from sales to finance. We are a Solution Partner of Snowflake due to its unique architecture. Find out more at Cervello.com.

About Snowflake

Snowflake delivers the Data Cloud — a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the Data Cloud, organizations unite their siloed data, easily discover and securely share governed data, and execute diverse analytic workloads. Wherever data or users live, Snowflake delivers a single and seamless experience across multiple public clouds. Join Snowflake customers, partners, and data providers already taking their businesses to new frontiers in the Data Cloud. snowflake.com.