- Kategorien:
Systemfunktionen (Systeminformationen)
SYSTEM$VERIFY_CMK_INFO¶
Verifiziert die Konfiguration Ihres kundenverwalteten Schlüssels (CMK) und gibt eine Meldung über den registrierten CMK zurück.
Syntax¶
SYSTEM$VERIFY_CMK_INFO( [ '<ssa_account_name>' ] )
Argumente¶
Benötigt:
Keine.
Optional:
ssa_account_nameEine Zeichenfolge, die den SSA-Kontonamen angibt, für das Sie die CMK-Konfiguration überprüfen möchten.
Rückgabewerte¶
Gibt eine erfolgreiche Statusmeldung oder, wie in den folgenden Beispielausgaben gezeigt, Informationen zur fehlgeschlagene Verifizierung zurück:
AWS:
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | SYSTEM$VERIFY_CMK_INFO() | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Verification failed due to an exception with message: Access is denied to the customer managed key (CMK) for this account. This could be because: 1) the CMK access permissions granted to Snowflake have been revoked OR 2) the CMK is disabled OR 3) the CMK is scheduled for deletion OR 4) the CMK specified is wrong. CMK ARN used: arn:aws:kms:us-west-2:736112632311:key/ceab36e4-f0e5-4b46-9a78-86e8f17a0f59 | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Azure::
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | SYSTEM$VERIFY_CMK_INFO() | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Verification failed due to an exception with message: Error received from the customer managed key (CMK) provider caused by user: 'Your request cannot be completed because of the failure of an external dependency. Please try again later.'. CMK KEY URI used: https://trisecretsite.vault.azure.net/keys/TriSecretAZKeyWrong | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Google Cloud:
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | SYSTEM$VERIFY_CMK_INFO() | +---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Verification failed due to an exception with message: Access is denied to the customer managed key (CMK) for this account. This could be because: 1) the CMK access permissions granted to Snowflake have been revoked OR 2) the CMK is disabled OR 3) the CMK is scheduled for deletion OR 4) the CMK specified is wrong. CMK resource ID used: projects/my-env/locations/us-west2/keyRings/TriSecretTest/cryptoKeys/TriSecretGCPKey | +---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Anforderungen an die Zugriffssteuerung¶
Nur Benutzende mit der Rolle ACCOUNTADMIN oder einer Rolle, die über die Berechtigung MONITOR SECURITY verfügt, können diese Funktion aufrufen.
Nur Benutzende mit der Rolle GLOBALORGADMIN oderORGADMINkönnen einen SSA-Kontonamen angeben.
Beispiele¶
Verifizieren des Status des CMK für Ihr Snowflake-Konto:
SELECT SYSTEM$VERIFY_CMK_INFO();
Verifizieren des Status des CMK für ein bestimmtes SSA-Konto:
SELECT SYSTEM$VERIFY_CMK_INFO('AUTO_FULFILLMENT_AREA$PUBLIC_AZURE_EASTUS2');