cotera

What Cotera Needs

In short, Cotera needs three things:

  1. The host name for your Snowflake instance.
    1. <account_identifier>.snowflakecomputing.com
    2. https://docs.snowflake.com/en/user-guide/admin-account-identifier
  2. Read access to the data you’d like us to work with. This could be a handful of tables, or an entire schema or two. Speak with your CSM to narrow down what’s needed for your particular use case!
  3. Write access to a schema that we own called cotera_data. This should be in the same database as the data you want us to read from. The reason we ask for this write schema is so that we can persist our model outputs back into your warehouse. This way you own them forever and we don’t persist any data on our infrastructure!

Once you're done head over to the settings page and go to the integrations section.

For the Display Name field, you can put in any name you like. The read_schema and write_schema fields should both be set to cotera_data the dataset you made earlier on.

Snowflake Key-Pair Auth

We use key-pair auth to authenticate with Snowflake.

We will provide you with a public key, and when you create our user attach the public key to the user as described below.

The private key lives on our side, is never sent anywhere, and is encrypted at rest using AES-256.

How should I create a Snowflake user for Cotera?

Sign into your snowflake dashboard and assume the ACCOUNTADMIN role. The following script is a reasonable starting configuration for a Cotera user:

-- Assume ACCOUNTADMIN
use role ACCOUNTADMIN;

-- Create a role for cotera.
create role if not exists cotera;

-- Grant the role to SYSADMIN (useful for troubleshooting)
grant role cotera to role SYSADMIN;

-- create a warehouse for cotera
create warehouse if not exists cotera
warehouse_size = xsmall
warehouse_type = standard
auto_suspend = 60
auto_resume = true
initially_suspended = true;

-- Create a user for cotera - make sure to set a strong password here!
create user if not exists cotera
default_role = "cotera"
default_warehouse = "cotera"
rsa_public_key = "<insert the provided public key>";

-- Grant the cotera role to the cotera user.
grant role cotera to user cotera;

-- Allow cotera to use the warehouse you want it to.
grant usage on warehouse cotera to role cotera;

-- Create the cotera_data schema
create schema cotera_data;
grant usage on schema cotera_data to role cotera;
grant all on schema cotera_data to role cotera;

-- Grant read access to other schemas
-- This depends on what data you want us to access!
-- For example:
grant usage on schema foo to role cotera;
grant select on all tables in schema foo to role cotera;
grant select on all views in schema foo to role cotera;