## Print the query you should run to generate a userdbt run-operation create_elementary_user
This command will generate a query to create a user with the necessary permissions. Run this query on your data warehouse with admin permissions to create the user.
Elementary cloud doesn't require read permissions to your tables and schemas, but only the following:
Read-only access to the elementary schema.
Access to read metadata in information schema and query history, related to the tables in your dbt project.
It is recommended to create a user using the instructions specified above to avoid granting excess privileges.
For more details, refer to security and privacy.
Account: Find your account by using the Snowflake account URL and removing snowflakecomputing.com. e.g. example.us-east-1. For more information, see Account Identifiers in the Snowflake docs.
Database name: The name of the database where your Elementary schema exist. e.g. analytics.
Warehouse: e.g. ELEMENTARY_WAREHOUSE.
Elementary schema: The name of your Elementary schema. Usually [schema name]_elementary.
Role (optional): e.g. ELEMENTARY_ROLE.
Elementary Cloud supports the user password and key pair authentication connection methods.
User password:
User: The user created for Elementary.
Password: The password you set when creating your Snowflake account.
Key pair:
User: The user created for Elementary.
Private key: The private key you generated for Elementary. For more information, see Generate Private Key in the Snowflake docs.
If you use network policies to restrict access, run this query on your data warehouse with admin permissions:
Copy
Ask AI
CREATE NETWORK POLICY ELEMENTARY_CLOUD ALLOWED_IP_LIST=('3.126.156.226') BLOCKED_IP_LIST=()COMMENT='IP used by Elementary Cloud to sync the Elementary schema';
After creating a network policy you would need to activate it. To activate a network policy for the elementary user simply run the following command -
Copy
Ask AI
ALTER USER <user_name> SET NETWORK_POLICY = ELEMENTARY_CLOUD;