Secure variable in snowflake

Question

Variable can contain some sensitive data The set operation for the variable is visible in the query history for anybody with proper access right. Is it possible to somehow mask the real value?

P.S. I've tried to use decrypt/encrypt - it's work for select as promised but not for a set.

most operations that are considered "secure" have the security part obscured in in the query history. In general setting a variable is not secure, as anybody that can use the variable and select the variable, thus I would suggest what you think is "secure" is not secure and the thing you are actually trying to make secure would be better off talking to snowflake support about, to do properly. — Simeon Pilgrim

Data Engineering Simplified Data Engineering Simplified · Accepted Answer · 2020-07-03T03:07:51

If you need to secure queries, you need to upgrade the version and move to a business-critical edition.

Alternatively (though not a scalable solution), write a secure UDF with hardcoded value and call that UDF from your set operation. Nobody can see the secure UDF content and in the query, you will have only UDF call.

Hope this helps.

Secure variable in snowflake

1 Answers