CREATE CLASSIFICATION_PROFILE¶
Fully qualified name: SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
Preview Feature — Open
Available to all accounts that are Enterprise Edition (or higher).
To inquire about upgrading, please contact Snowflake Support.
Creates a new instance of the CLASSIFICATION_PROFILE class or replaces an existing instance of the CLASSIFICATION_PROFILE class in the current or specified schema.
Syntax¶
CREATE [ OR REPLACE ] SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
[ IF NOT EXISTS ] <classification_profile_name> ( <config_object> )
Parameters¶
classification_profile_nameSpecifies the identifier (name) for the instance of the CLASSIFICATION_PROFILE class; must be unique for the schema in which the object is created.
In addition, the identifier must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes (for example,
"My object"). Identifiers enclosed in double quotes are also case-sensitive.For more information, see Identifier requirements.
Constructor arguments¶
config_objectAn OBJECT containing key-value pairs used to configure automatic sensitive data classification.
Key
Type
Default
Description
minimum_object_age_for_classification_daysINTEGER
Required: Specifies the minimum number of days an object must exist in order to be classified.
The value must be greater than or equal to zero.
maximum_classification_validity_daysINTEGER
Optional: Specifies the number of days since the last classification event before a table can be classified again using automatic classification.
Specify this value to ensure that tables are reclassified.
The value must be greater than or equal to
1.auto_tagBOOLEAN
FALSE
Optional: When
TRUE, sets the recommended classification system tags on the columns in the specified object when the classification process is complete.When
FALSE, automatic tagging does not occur.tag_mapOBJECT
Optional: Maps one or more user-defined tags to the SEMANTIC_CATEGORY system tag.
See Tag map.
custom_classifiersOBJECT
Optional: Specifies custom classifiers that are used when automatically classifying data.
Each key in the object specifies the name of an instance of the CUSTOM_CLASSIFIER class.
The value of each key specifies the custom_classifier!LIST method of the custom classifier instance.
Tag map¶
An OBJECT that maps one or more user-defined tags to the SEMANTIC_CATEGORY system tag.
'column_tag_map': [ ... ]An array of objects that have the following key-value pairs:
'tag_name': 'string'The fully qualified name of the tag.
For more information, see Identifier requirements.
'tag_value':'string'The string value of the tag.
Optional: If not specified, the tag value is mapped to the recommended value in the output of SYSTEM$CLASSIFY.
'semantic_categories': [ 'category' [ , 'category' ... ] ]A comma-separated list of categories for the SEMANTIC_CATEGORY system tag.
These values enable you to specify the tag and string value to set on a column.
Optional: If not specified, the tag is mapped to the recommended tag in the output of SYSTEM$CLASSIFY.
Access control requirements¶
A role used to execute this SQL command must have the following privileges at a minimum:
Database role |
Object |
Notes |
|---|---|---|
CLASSIFICATION_ADMIN |
Database role |
The account role that creates the object must be granted this database role. This database role exists in the shared SNOWFLAKE database. |
Note that operating on any object in a schema also requires the USAGE privilege on the parent database and schema.
For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.
For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.
Methods¶
You can call the following methods on the instance of the CLASSIFICATION_PROFILE class that you create:
Usage notes¶
To refer to this class by its unqualified name, include the database and schema of the class in your search path.
If the same tag and semantic category is mapped to two different values, then the order of the objects in the
column_tag_mapdetermines the tag and string value to set on a column. Order thecolumn_tag_maparrays from highest preference to lowest preference.
Examples¶
Create an instance and specify basic criteria to automatically classify tables in a schema:
CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
my_classification_profile(
{
'minimum_object_age_for_classification_days': 1,
'maximum_classification_validity_days': 30,
'auto_tag': true
});
Create an instance and specify the tag mapping to a single tag:
CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE my_classification_profile_(
{
'minimum_object_age_for_classification_days':1,
'auto_tag':true,
'column_tag_map':{
'column_tag_map':[
{
'tag_name':'tag_db.sch.pii'
}
]
}
}
);
Create an instance and specify the tag mapping to different tag values:
CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
my_classification_profile(
{
'minimum_object_age_for_classification_days':1,
'auto_tag':true,
'tag_map': {
'column_tag_map':[
{
'tag_name':'test_ac_db.test_ac_schema.pii',
'tag_value':'important',
'semantic_categories':['NAME']
},
{
'tag_name':'test_ac_db.test_ac_schema.pii',
'tag_value':'pii',
'semantic_categories':['EMAIL','NATIONAL_IDENTIFIER']
}
]
}
}
);
Create an instance and specify custom classifiers for the automatic classification process:
CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE my_classification_profile_(
{
'minimum_object_age_for_classification_days':1,
'auto_tag':true,
'custom_classifiers': {
'medical_codes': medical_codes!list(),
'finance_codes': finance_codes!list()
}
}
);