Running the Automated Security Scan
This topic describes how to use the automated security review provided by the Native Apps Framework. It also provides guidelines and best practices for creating secure application packages and applications.
Note
In some cases when an application fails an automated security review, additional manual review of the application code might be conducted to confirm the fail status or override it to approve the application.
This manual review may take up to five business days.
About the Native Apps Framework Security Requirements
All Native Apps Framework applications that meet the conditions described in About the Automated Security Scan must conform to the security requirements outlined in the following sections:
Security Requirements for Application Code
Application code included within an application package must conform to the following security requirements:
Your application must not load or execute any code from anywhere outside the application package except Snowflake-provided libraries. All the application code, including all library dependencies and setup code, must be included in the application version defined in the application package.
All application code must be un-obfuscated, meaning that the code must be human readable. This requirement includes minified JavaScript code.
Note
If an application needs to use minified JavaScript code, it must include a corresponding source map file that can be used to recover the un-minified code.
All dependencies or libraries with critical or high common vulnerabilities and exposures (CVE) must be updated to a secure version, if available.
Security Requirements for Application Functionality
The following security requirements apply to the functionality of your application:
All applications must provide the following information to customers as part of a listing:
All application functionality and features.
All Internet endpoints and URLs that the application connects to.
All external functions in the application.
Any consumer data logged, collected, or stored by the application.
Applications should function as advertised in the application listing.
All application installation and setup instructions must be included in the application listing.
Applications must not store or require any customer secrets to be in plain text.
Any communication between the application and the Internet should be over an HTTPS connection with a valid TLS certificate.
Applications must not have any functionality that could result in harm to Snowflake, its customers, or third parties. Harm includes but is not limited to:
Data leakage and/or loss.
Restricting consumer access to their data unless explicitly designed as part of the application functionality, for example, data masking for data access policies.
Excessive resource consumption.
Arbitrary code injection/execution.
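The following pre-submission check is an added example, not Snowflake's scanner or code from this documentation. It walks a local copy of the application package files and reports minified JavaScript that has no source map inside the package, and plain http:// URLs, covering the source map requirement and the HTTPS requirement above. The minification heuristic, file suffixes, function names and sample tree are assumptions of this example.

```python
import re
import tempfile
from pathlib import Path

# Thresholds and patterns are assumptions of this example, not the scanner's rules.
MAX_AVG_LINE_LEN = 300
SOURCE_MAP_RE = re.compile(r"//[#@]\s*sourceMappingURL=(\S+)")
HTTP_URL_RE = re.compile(r"""http://[^\s"'<>)]+""")
TEXT_SUFFIXES = {".js", ".py", ".sql", ".yml", ".yaml", ".json"}

def looks_minified(path, text):
    """Treat *.min.js, or JS whose average line is very long, as minified."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    avg = sum(map(len, lines)) / len(lines) if lines else 0
    return path.name.endswith(".min.js") or avg > MAX_AVG_LINE_LEN

def has_packaged_source_map(path, text, root):
    """True only if a source map file exists inside the package directory."""
    candidates = [path.with_name(path.name + ".map")]
    m = SOURCE_MAP_RE.search(text)
    if m and ":" not in m.group(1):  # skip remote URLs and inline data: URIs
        candidates.append(path.parent / m.group(1))
    # Resolve both sides so a "../" reference cannot point outside the package.
    return any(c.is_file() and root.resolve() in c.resolve().parents for c in candidates)

def scan_package(root):
    """Return (relative_path, finding) pairs in path order."""
    root, findings = Path(root), []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if path.suffix not in TEXT_SUFFIXES:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        rel = path.relative_to(root).as_posix()
        if (path.suffix == ".js" and looks_minified(path, text)
                and not has_packaged_source_map(path, text, root)):
            findings.append((rel, "minified JS without packaged source map"))
        findings += [(rel, f"non-HTTPS URL: {u}")
                     for u in sorted(set(HTTP_URL_RE.findall(text)))]
    return findings

def demo():
    """Scan a constructed package tree; every file's content is made up."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "ui").mkdir()
        (root / "ui/app.min.js").write_text("var a=1;\n//# sourceMappingURL=app.min.js.map\n")
        (root / "ui/app.min.js.map").write_text('{"version":3}')
        (root / "ui/vendor.min.js").write_text("var b=2;")
        (root / "setup.sql").write_text("-- docs: http://example.com/setup\n")
        return scan_package(root)
```

Findings are prompts for review: an http:// string may be an XML namespace rather than an endpoint the application contacts.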
Security Requirements for Application Permissions
The following security requirements apply to the privileges set by your application:
All applications must provide the following information in the manifest file:
All privileges required by the application on all objects.
All API integrations.
Applications should only ask for the minimum set of privileges needed for the application to function.
Recommended Security Best Practices
In addition to the security requirements imposed by the automated security scan, Snowflake recommends the following best practices when using the Native Apps Framework. Following these best practices helps reduce the likelihood of an application being blocked during security review.
Follow secure Software Development Life Cycle (SDLC) practices.
Review application code for vulnerabilities during the development lifecycle and fix them before creating an application version.
Review third-party libraries for vulnerabilities and update them to the latest secure version.
Review and update all third-party libraries in the application at least once a quarter.
Follow Snowflake security best practices as described in the following:
About the Automated Security Scan
The automated security scan is initiated when any of the following occur:
A provider adds a version to an application package with the DISTRIBUTION parameter set to EXTERNAL. The new version is scanned automatically.
A provider sets DISTRIBUTION=EXTERNAL on an application package that already has a version defined. All versions of the application package are scanned automatically.
Use the ALTER APPLICATION PACKAGE command to set the DISTRIBUTION property for an application package as shown in the following example:
ALTER APPLICATION PACKAGE HelloSnowflakePackage
SET DISTRIBUTION = EXTERNAL;
Viewing the Status of an Automated Security Review
Use the SHOW VERSIONS command to view the status of an automated security review as shown in the following example:
SHOW VERSIONS IN APPLICATION PACKAGE HelloSnowflakePackage;
The review_status column displays one of the following statuses of the automated security review:
NOT_REVIEWED
IN_PROGRESS
APPROVED
REJECTED
Note
If an application passes the automated security scan, its status is updated to APPROVED. When an application fails the automated security scan, it is manually reviewed by Snowflake. After manual review, the application's status is updated to APPROVED or REJECTED.