Secure a Snowflake Native App with Snowpark Container Services¶

Initiate the provider approval process¶

When a provider sets the DISTRIBUTION=EXTERNAL property for an application package of an app with containers, Snowflake returns the following error if the provider has not been approved to publish an app with containers:

Error Code: 093197 Account is not allowed to create application package versions or patches with
Snowpark Container Services for EXTERNAL distribution

If you receive this error, you must submit a security questionnaire to begin the approval process.

The security questionnaire assesses the following:

• The provider’s security practices.

• The provider’s compliance readiness.

Submitting the security questionnaire begins the provider approval process.

Evaluation of the security questionnaire¶

After a provider submits the security questionnaire, Snowflake’s Security and Compliance team evaluates each response and the documentation included by the provider. Responses are evaluated to ensure alignment with industry best practices and standards.

In some cases, providers may be asked to provide additional information or undergo a more in-depth review to clarify any potential concerns or risks.

After reviewing the questionnaire, Snowflake makes a decision to allow the provider to publish an app with containers. If a provider is not approved, they must wait until Snowflake Native App with Snowpark Container Services is generally available.

The provider receives an email from Snowflake indicating if they are approved or wait listed until general availability.

Scanning an app with containers¶

After a provider is approved, the app with containers undergoes the automated security scan. This scan includes a normal app security scan and a scan of the container images included in the app.

The guidelines for how long the security scan takes to complete are: