Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This guide helps you establish data security in your mirrored Snowflake in Microsoft Fabric.
Security considerations
To enable Fabric mirroring, you will need user permissions for your Snowflake database that contains the following permissions:
CREATE STREAMSELECT tableSHOW tablesDESCRIBE tables
For more information, see Snowflake documentation on Access Control Privileges for Streaming tables and Required Permissions for Streams.
Important
Any granular security established in the source Snowflake database must be re-configured in the mirrored database in Microsoft Fabric. For more information, see SQL granular permissions in Microsoft Fabric.
Supported authentication methods
The following table lists which authentication methods are supported for mirroring for Snowflake:
| Authentication method | Supported | Notes |
|---|---|---|
| Username and password | Yes | Snowflake native authentication |
| Microsoft Entra ID (SSO) | Yes | Single sign-on via Entra ID |
| Key pair authentication | Yes | RSA key pair for service account scenarios |
| Workspace identity | No | Not currently supported for Snowflake |
Data protection features
You can secure column filters and predicate-based row filters on tables to roles and users in Microsoft Fabric:
You can also mask sensitive data from non-admins using dynamic data masking: