Learn how to migrate Snowflake service accounts from passwords to RSA key-pair authentication and Network Security Policies (NSP) to prevent credential stuffing.

Snowflake Community is a platform for users of the Snowflake cloud data platform to share knowledge, ask questions, and collaborate. Readers can learn about cloud data warehousing, data analytics, and data engineering best practices. With forums, user groups, and community events, Snowflake Community provides resources for Snowflake users to connect and learn from each other.

Snowflake Community

A real-world security incident where a Snowflake service account was targeted by repeated authentication attempts, but the attack was prevented by migrating from password-based authentication to RSA key-pair authentication combined with Network Security Policies (NSP). The post details the incident response, including SQL commands to lock and disable compromised accounts, step-by-step instructions for setting up key-pair authentication with encrypted private keys, and best practices for secure credential sharing with vendors. It also compares five different approaches to securing service accounts, from basic key-pair auth to advanced solutions like OAuth integration and Private Link.

Snowflake Builders Blog: Data Engineers, App Developers, AI, & Data Science