Security scans for custom templates¶

You can use the developer APIs to create a custom template that can be used to run analyses in a Snowflake Data Clean Room. Snowflake runs a security scan on custom templates every 30 minutes to identify Jinja code that is susceptible to a SQL injection attack. These scans identify parameters in a template that might be susceptible to SQL injection.

View security scan results¶

The results of security scans are saved to the samooha_by_snowflake_local_db.public.template_scanner_results table in the provider’s Snowflake account.

To view results of security scans:

Sign in to Snowsight.
Use the database object explorer in Snowsight or a SQL query to view the security scan results:
1. In the left navigation, select Data » Databases.
2. Navigate to SAMOOHA_BY_SNOWFLAKE_LOCAL_DB » PUBLIC » Tables » TEMPLATE_SCANNER_RESULTS.
3. Select Data Preview.
1. Open Projects » Worksheets.
2. Select + » SQL Worksheet.
3. To list the results of the security scans, paste and run the following statement:
  SELECT * FROM samooha_by_snowflake_local_db.public.template_scanner_results;
  
  Copy