Initial Snowflake Setup
Before we jump into making our snowflake agent, lets go through the initial setup.
Auth Setup
- To connect to snowflake you’ll need to generate a role on snowflake, attach a user to that role, and use private key-pair auth to add that role to snowflake.
- You can have multiple snowflake credentials in credal each tied to their own snowflake user/role to ensure secure access.
1. Create a role in snowflake which will control read access to tables/views (e.g CREDAL_READ)
2. Create a new User that is granted the CREDAL_READ role
3. Setup Snowflake key pair authentication
- Follow this guide to setup key-pair auth: Snowflake Key Pair Auth
4. Add your snowflake credential on the [action provider page]
- They will need the
Subdomain,Account Identifier,Username,Private KeyandSHA-256 Fingerprintto add the snowflake connection.
Implementation Steps
Step 1: Create Your Agent
- Navigate to the Agents page and click “Create New Agent”
- Name your agent “Snowflake Data Extractor”
- Add this description:
This assistant helps employees query data from snowflake getting metrics, analysis and human-readable responses on the data.
- Enable Code Interpreter (required for image generation)
Output from the runSnowflakeQuery Action is passed into Open AI Code Interpreter for image generation and analysis (depending on your parameter setup)
Tip: A detailed description helps users understand the purpose of your Agent.
Step 2: Create the runSnowflake Action
- Database: the default database to use when querying
- Warehouse: the compute warehouse to run your queries (will likely be hardcoded)
- Query: Depends on whether you take the Query Templates Approach or the Snowflake Views approach (explained more in next steps)
- Account Name: Your snowflake account name (will likely be hardcoded)
- Format: The format of your output
csvorjson(prefercsv) - Role: The role you would like to use with the credentials (optional)
- Limit (Optional): The limit on number of rows to return, anything over this limit will mention “data queried was too large”
- Code Interpreter Limit (Optional): The minimum number of rows required to pass to code interpreter for analysis (thinking models handle small sets of results (e.g < 100) better than code interpreter)
- Code Interpreter Image Gen Limit (Optional): The minimum number of rows required for image generation (in case you want thinking models for analysis and image generation for more than X results)
Step 3: Configure Access Control for Snowflake Credentials
Access to Snowflake data is controlled at two levels:
- Credential Access:
- Only the creator of a Snowflake credential can attach it to an Action.
- Action Access:
- You can specify exactly which users or groups can use this Action through the End User Access settings
- This ensures that only authorized personnel can execute queries using the attached Snowflake credentials
Important Security Note: Any user with end-user access to an Action will be able to use the attached Snowflake credentials through that Action. Ensure you carefully manage the End User Access list to maintain proper data security.
Step 4: Model Choice
The base model you select will affect queries generated and analysis of results. It’s recommended to use a thinking model with reasoning enabled such as o3 or Claude 3.7, however the model you select is also dependant on the query approach. You may want to use a smaller non-reasoning model for query templates which are more well defined compared to snowflake views.
Step 5: Choose your query approach
Right now there are 2 approaches to querying snowflake for data
-
1. Query Templates
-
2. Snowflake Views
Each one has their own pros and cons and will likely be usecase dependant. Read about each approach and implementation steps in the Query Approaches