Snowflake 관리형 MCP 서버¶
개요¶
참고
Snowflake는 Model Context Protocol 개정판 :code:`2025-06-18`을 지원합니다.
MCP(Model Context Protocol)는 AI 에이전트가 비즈니스 애플리케이션 및 외부 데이터 시스템(예: 데이터베이스 및 콘텐츠 리포지토리)과 안전하게 상호 작용할 수 있도록 하는 `오픈 소스 표준<https://modelcontextprotocol.io/docs/getting-started/intro>`_입니다. MCP를 사용하면 엔터프라이즈 비즈니스가 통합 문제를 줄이고 모델에서 신속하게 결과를 제공할 수 있습니다. 출시 이후, MCP는 도구를 호출하고 데이터를 검색하기 위한 일관되고 안전한 메커니즘을 제공하여 에이전트 애플리케이션의 기초가 되었습니다.
The Snowflake-managed MCP server lets AI agents securely retrieve data from Snowflake accounts without needing to deploy separate infrastructure. You can configure the MCP server to serve Cortex Analyst, Cortex Search, and Cortex Agents as tools, along with custom tools and SQL executions on the standards-based interface. MCP clients discover and invoke these tools, and retrieve data required for the application. With managed MCP servers on Snowflake, you can build scalable enterprise-grade applications while maintaining access and privacy controls. The MCP server on Snowflake provides:
표준화된 통합: 빠르게 진화하는 표준에 따라 도구 검색 및 호출을 위한 통합 인터페이스
포괄적인 인증: MCP 통합에 대한 OAuth 기반 인증을 활성화하기 위한 Snowflake의 기본 제공 OAuth 서비스
강력한 거버넌스: 도구 검색 및 호출을 관리하기 위한 MCP 서버 및 도구에 대한 역할 기반 액세스 제어(RBAC)
MCP 수명 주기에 대한 자세한 내용은 `수명 주기<https://modelcontextprotocol.io/specification/2025-06-18/basic/lifecycle>`_ 섹션을 참조하세요. MCP 구현의 예는 `관리형 Snowflake MCP 서버 시작하기<https://quickstarts.snowflake.com/guide/getting-started-with-snowflake-mcp-server/index.html>`__ 빠른 시작을 참조하세요.
MCP server security recommendations¶
중요
When you configure hostnames for MCP server connections, use hyphens (-) instead of underscores (_). MCP servers have connection issues with hostnames containing underscores.
Using multiple MCP servers without verifying tools and descriptions could lead to vulnerabilities such as tool poisoning or tool shadowing. Snowflake recommends verifying third-party MCP servers before using them. This includes any MCP server from another Snowflake user or account. Verify all tools offered by third-party MCP servers.
We recommend using OAuth as the authentication method. Using hardcoded tokens can lead to token leakage.
When using a Programmatic Access Token (PAT), set it to use the least-privileged role allowed to work with MCP. This will help prevent leaking a secret with access to a highly-privileged role.
Configure proper permissions for the MCP server and tools following the least-privilege principle. Access to the MCP Server does not give access to the tools. Permission needs to be granted for each tool.
MCP 서버 오브젝트 만들기¶
도구 및 기타 메타데이터를 지정하여 오브젝트를 만듭니다. 필수 인증 후 서버에 연결하는 MCP 클라이언트는 이러한 도구를 검색하고 호출할 수 있습니다.
MCP 서버를 생성하려는 원하는 데이터베이스와 스키마로 이동합니다.
MCP 서버를 만듭니다.
CREATE [ OR REPLACE ] MCP SERVER [ IF NOT EXISTS ] <server_name> FROM SPECIFICATION $$ tools: - name: "product-search" type: "CORTEX_SEARCH_SERVICE_QUERY" identifier: "database1.schema1.Cortex_Search_Service1" description: "cortex search service for all products" title: "Product Search" - name: "revenue-semantic-view" type: "CORTEX_ANALYST_MESSAGE" identifier: "database1.schema1.Semantic_View_1" description: "Semantic view for all revenue tables" title: "Semantic view for revenue" $$
Snowflake는 현재 다음 도구 유형을 지원합니다.
CORTEX_SEARCH_SERVICE_QUERY: Cortex Search Service 도구
CORTEX_ANALYST_MESSAGE: Cortex Analyst 도구
SYSTEM_EXECUTE_SQL: SQL execution
CORTEX_AGENT_RUN: Cortex Agent tool
GENERIC: tool for UDFs and stored procedures
The following examples show how to configure different tool types:
Using the Analyst tool, your client can generate text from SQL. Use the following code to specify the tool configuration.
참고
The Snowflake-managed MCP server only supports using semantic views with Cortex Analyst. It does not support semantic models.
tools: - name: "revenue-semantic-view" type: "CORTEX_ANALYST_MESSAGE" identifier: "database1.schema1.Semantic_View_1" description: "Semantic view for all revenue tables" title: "Semantic view for revenue"Using the Search tool requests, your client can perform unstructured search on their data.
tools: - name: "product-search" type: "CORTEX_SEARCH_SERVICE_QUERY" identifier: "database1.schema1.Cortex_Search_Service1" description: "cortex search service for all products" title: "Product Search"For the SQL execution tool, your client can execute SQL queries on Snowflake. Use the following code to specify the tool configuration.
tools: - title: "SQL Execution Tool" name: "sql_exec_tool" type: "SYSTEM_EXECUTE_SQL" description: "A tool to execute SQL queries against the connected Snowflake database."For the Agent tool, your client passes a message to the agent. The agent processes the request and returns a response. Use the following code to specify the tool configuration.
tools: - title: "Agent V2" name: "agent_1" type: "CORTEX_AGENT_RUN" identifier: "db.schema.agent" description: "agent that gives the ability to..."For your custom tools, you must provide the user-defined function (UDF) or stored procedure signature in the tool configuration. The custom tool enables you to invoke UDFs and stored procedures as tools through the MCP server.
You need to specify the following in the tool configuration:
type:functionfor UDF,procedurefor stored procedure
Warehouse
Input schema: corresponds to the function signature
Use the following examples to create and configure custom tools using UDFs and stored procedures:
The following examples demonstrate creating UDFs that can be used as custom tools:
-- create a simple udf
CREATE OR REPLACE FUNCTION MULTIPLY_BY_TEN(x FLOAT)
RETURNS FLOAT
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
HANDLER = 'multiply_by_ten'
AS
$$
def multiply_by_ten(x: float) -> float:
return x * 10
$$;
SHOW FUNCTIONS LIKE 'MULTIPLY_BY_TEN';
-- test return json/variant
CREATE OR REPLACE FUNCTION CALCULATE_PRODUCT_AND_SUM(x FLOAT, y FLOAT)
RETURNS VARIANT
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
HANDLER = 'calculate_values'
AS
$$
import json
def calculate_values(x: float, y: float) -> dict:
"""
Calculates the product and sum of two numbers and returns them in a dictionary.
The dictionary is converted to a VARIANT (JSON) in the SQL return.
"""
product = x * y
sum_val = x + y
return {
"product": product,
"sum": sum_val
}
$$;
-- test return list/array
CREATE OR REPLACE FUNCTION GET_NUMBERS_IN_RANGE(x FLOAT, y FLOAT)
RETURNS ARRAY -- Use ARRAY to explicitly state a list is being returned
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
HANDLER = 'get_numbers'
AS
$$
def get_numbers(x: float, y: float) -> list:
"""
Returns a list of integers between x (exclusive) and y (inclusive).
Assumes x < y.
"""
# Ensure x and y are treated as integers for range generation
start = int(x) + 1
end = int(y) + 1 # range() is exclusive on the stop value
# Use a list comprehension to generate the numbers
# The Python list will be converted to a Snowflake ARRAY.
return list(range(start, end))
$$;
The following examples demonstrate creating stored procedures that can be used as custom tools:
-- create a simple stored procedure
CREATE OR REPLACE PROCEDURE MULTIPLY_BY_TEN_SP(x FLOAT)
RETURNS FLOAT
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
PACKAGES = ('snowflake-snowpark-python')
HANDLER = 'multiply_by_ten'
AS
$$
# The handler logic is identical to the UDF for a scalar return
def multiply_by_ten(x: float) -> float:
return x * 10
$$;
-- test return json/variant
CREATE OR REPLACE PROCEDURE CALCULATE_VALUES_SP(x FLOAT, y FLOAT)
RETURNS VARIANT
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
PACKAGES = ('snowflake-snowpark-python')
HANDLER = 'calculate_values'
AS
$$
# The handler logic is identical to the UDF for a VARIANT return
def calculate_values(x: float, y: float) -> dict:
"""
Calculates the product and sum of two numbers and returns them in a dictionary.
The dictionary is converted to a VARIANT (JSON) in the SQL return.
"""
product = x * y
sum_val = x + y
return {
"product": product,
"sum": sum_val
}
$$;
-- test return list/array
CREATE OR REPLACE PROCEDURE GET_NUMBERS_SP(x FLOAT, y FLOAT)
RETURNS ARRAY
LANGUAGE PYTHON
RUNTIME_VERSION = '3.8'
PACKAGES = ('snowflake-snowpark-python')
HANDLER = 'get_numbers'
AS
$$
def get_numbers(x: float, y: float) -> list:
"""
Returns a list of integers between x (exclusive) and y (inclusive).
The Python list will be converted to a Snowflake ARRAY.
"""
# Ensure x and y are treated as integers for range generation
start = int(x) + 1
end = int(y) + 1 # range() is exclusive on the stop value
# Use a list comprehension to generate the numbers
return list(range(start, end))
$$;
The following examples demonstrate configuring custom tools for UDFs and stored procedures:
CREATE MCP SERVER my_mcp_server
FROM SPECIFICATION $$
tools:
- title: "Custom Tool 1"
identifier: "EXAMPLE_DATABASE.AGENTS.MULTIPLY_BY_TEN"
name: "multiply_by_ten"
type: "GENERIC"
description: "Multiplied input value by ten and returns the result."
config:
type: "function"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "A number to be multiplied by ten"
type: "number"
- title: "Custom Tool 2"
identifier: "EXAMPLE_DATABASE.AGENTS.CALCULATE_PRODUCT_AND_SUM"
name: "calculate_product_and_sum"
type: "GENERIC"
description: "Calculates the product and sum of two numbers and returns them in a JSON object."
config:
type: "function"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "First number"
type: "number"
y:
description: "Second number"
type: "number"
- title: "Custom Tool 3"
identifier: "EXAMPLE_DATABASE.AGENTS.GET_NUMBERS_IN_RANGE"
name: "get_numbers_in_range"
type: "GENERIC"
description: "Returns a list of integers between two numbers."
config:
type: "function"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "Start number (exclusive)"
type: "number"
y:
description: "End number (inclusive)"
type: "number"
- title: "Custom Tool 4"
identifier: "EXAMPLE_DATABASE.AGENTS.MULTIPLY_BY_TEN_SP"
name: "multiply_by_ten_sp"
type: "GENERIC"
description: "Multiplied input value by ten and returns the result."
config:
type: "procedure"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "A number to be multiplied by ten"
type: "number"
- title: "Custom Tool 5"
identifier: "EXAMPLE_DATABASE.AGENTS.CALCULATE_PRODUCT_AND_SUM_SP"
name: "calculate_product_and_sum_sp"
type: "GENERIC"
description: "Calculates the product and sum of two numbers and returns them in a JSON object."
config:
type: "procedure"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "First number"
type: "number"
y:
description: "Second number"
type: "number"
- title: "Custom Tool 6"
identifier: "EXAMPLE_DATABASE.AGENTS.GET_NUMBERS_IN_RANGE_SP"
name: "get_numbers_in_range_sp"
type: "GENERIC"
description: "Returns a list of integers between two numbers."
config:
type: "procedure"
warehouse: "COMPUTE_SERVICE_WAREHOUSE"
input_schema:
type: "object"
properties:
x:
description: "Start number (exclusive)"
type: "number"
y:
description: "End number (inclusive)"
type: "number"
$$;
MCP 서버를 표시하려면 다음 명령을 사용합니다.
SHOW MCP SERVERS IN DATABASE <database_name>; SHOW MCP SERVERS IN SCHEMA <schema_name>; SHOW MCP SERVERS IN ACCOUNT;
The following shows the output of the command:
| created_on | name | database_name | schema_name | owner | comment | ------------------------------------------+-------------------+---------------+-------------+--------------+------------------------------ | Fri, 23 Jun 1967 07:00:00.123000 +0000 | TEST_MCP_SERVER | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | [NULL] | | Fri, 23 Jun 1967 07:00:00.123000 +0000 | TEST_MCP_SERVER_2 | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | Test MCP server with comment |
MCP 서버에 대해 설명하려면 다음 명령을 사용합니다.
DESCRIBE MCP SERVER <server_name>;
The following shows the output of the command:
| name | database_name | schema_name | owner | comment | server_spec | created_on | ------------------------------------------------------------------------------------------------------+------------------------------------- | TEST_MCP_SERVER | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | [NULL] | {"version":1,"tools":[{"name":"product-search","identifier":"db.schema.search_service","type":"CORTEX_SEARCH_SERVICE_QUERY"}]} | Fri, 23 Jun 1967 07:00:00.123000 +0000 |
MCP 서버를 삭제하려면 다음 명령을 사용합니다.
DROP MCP SERVER <server_name>;
액세스 제어¶
다음 권한을 사용하여 MCP 오브젝트 및 기본 도구에 대한 액세스를 관리할 수 있습니다.
권한 |
오브젝트 |
설명 |
|---|---|---|
OWNERSHIP |
MCP 오브젝트 |
오브젝트 구성을 업데이트하는 데 필요합니다. |
MODIFY |
MCP 오브젝트 |
오브젝트 구성에 대한 업데이트, 삭제, 설명, 표시 및 사용( |
USAGE |
MCP 오브젝트 |
MCP 서버 및 검색 도구와 연결하는 데 필요합니다. |
USAGE |
Cortex Search Service |
MCP 서버에서 Cortex Search 도구를 호출하는 데 필요합니다. |
SELECT |
의미 체계 뷰 |
MCP 서버에서 Cortex Analyst 도구를 호출하는 데 필요합니다. |
USAGE |
Cortex Agent |
Required to invoke the Cortex Agent as a tool in the MCP server |
USAGE |
User-defined function (UDF) or stored procedure |
Required to invoke the UDF or stored procedure as a tool in the MCP server |
OAuth 인증 설정¶
MCP 클라이언트에서 인증을 구성합니다. Snowflake 관리형 MCP 서버는 MCP 프로토콜의 `인증<https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization>`__ 권장 사항에 맞는 :doc:`OAuth 2.0</user-guide/oauth-snowflake-overview>`을 지원합니다. Snowflake 관리형 MCP 서버는 동적 클라이언트 등록을 지원하지 않습니다.
먼저 보안 통합을 생성합니다. 이 명령에 대한 내용은 CREATE SECURITY INTEGRATION(Snowflake OAuth) 섹션을 참조하세요.
CREATE [ OR REPLACE ] SECURITY INTEGRATION [IF NOT EXISTS] <integration_name> TYPE = OAUTH OAUTH_CLIENT = GENERIC ENABLED = TRUE OAUTH_CLIENT_TYPE = 'CONFIDENTIAL' OAUTH_REDIRECT_URI = '<redirect_URI>'
그런 다음, 시스템 함수를 호출하여 클라이언트 구성을 위한 클라이언트 ID와 키를 검색합니다. 통합 이름은 대문자와 소문자를 구분하며 대문자여야 합니다.
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('<integration_name>');
사용자 지정 MCP 클라이언트를 사용하여 MCP 서버와 상호 작용합니다.¶
사용자 지정 MCP 클라이언트를 빌드하는 경우 다음 섹션에서는 클라이언트가 상호 작용하는 Snowflake 엔드포인트를 보여줍니다.
참고
Snowflake MCP 서버는 현재 도구 기능만 지원합니다.
MCP 서버 초기화¶
인증 후 다음 API 엔드포인트에 대해 GET 및 POST 호출을 실행하여 서버를 초기화합니다.
POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": { "protocolVersion": "2025-06-18" }
}
다음 예는 응답을 보여줍니다.
{
"jsonrpc": "2.0", // passthrough from req
"id": 1, // passthrough from req
"result": {
"proto_version": "2025-06-18",
"capabilities": {
"tools": {
"listChanged": false
}
},
"server_info": {
"name": "<snowflake-mcp-name>",
"title": "Snowflake Server: <snowflake-mcp-name>",
"version": "1.0.0"
}
}
}
도구 검색 및 호출¶
MCP 클라이언트는 tools/list 및 tools/call 요청으로 도구를 검색하고 호출할 수 있습니다.
도구를 검색하려면 `tools/list 요청<https://modelcontextprotocol.io/specification/2025-06-18/server/tools#calling-tools>`__에 표시된 대로 POST 호출을 실행하세요.
POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list",
"params": {}
}
다음 예는 응답을 보여줍니다.
{
"jsonrpc": "2.0", // passthrough from req
"id": 1, // passthrough from req
"result": {
"tools": [ // search
{
"name":"product-search",
"description":"Test search tool",
"inputSchema": {
"type": "object",
"description": "A search query and additional parameters for search.",
"properties": {
"query": {
"description": "Unstructured text query. Exactly one of 'query' or 'multi_index_query' must be specified.",
"type": "string"
},
"columns": {
"description": "List of columns to return.",
"type": "array",
"items": {
"type": "string"
}
},
"filter": {
"description": "Filter query.",
"type": "object"
},
"limit": {
"description": "Max number of results to return.",
"type": "integer",
"default": 10
}
}
},
"outputSchema": {
"type": "object",
"description": "Search results.",
"properties": {
"results": {
"description": "List of result rows.",
"type": "array",
"items": {
"type": "object",
"additionalProperties": true,
"description": "Map of column names to values (as bytes)."
}
},
"request_id": {
"description": "ID of the request.",
"type": "string"
}
},
"required": ["results", "request_id"]
}
},
{ // analyst
"name":"revenue-semantic-view",
"description":"Test tool",
"inputSchema": {
"type": "object",
"description": "A message and additional parameters for Cortex Analyst.",
"properties": {
"message": {
"description": "The user’s question.",
"type": "string"
}
}
}
}
]
}
}
도구를 호출하려면 `tools/call 요청<https://modelcontextprotocol.io/specification/2025-06-18/server/tools#calling-tools>`__에 표시된 대로 POST 호출을 실행하세요.
For the Analyst tool, your client passes messages in the request. The SQL statement is listed in the output. You must pass the name of the tool that you’re invoking in the request in the name parameter.
POST /api/v2/databases/<database>/schemas/<schema>/mcp-servers/<name>
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": {
"name": "test-analyst",
"arguments": {
"message ": "text"
}
}
}
다음 예는 응답을 보여줍니다.
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"content": [
{
"type": "text",
"text": "string"
}
]
}
}
검색 도구 요청의 경우 클라이언트는 쿼리와 다음 선택적 인자를 전달할 수 있습니다.
columns
filter
limit
The search results and request ID are returned in the output. You must pass the name of the tool that you’re invoking in the request as the name parameter.
POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": {
"name": "product-search",
"arguments": {
"query": "Hotels in NYC",
"columns": array of strings,
"filter": json,
"limit": int
}
}
}
다음 예는 응답을 보여줍니다.
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"results": {}
}
}
제한 사항¶
Snowflake 관리형 MCP 서버는 MCP 프로토콜에서 리소스, 프롬프트, 루트, 알림, 버전 협상, 수명 주기 단계, 샘플링 같은 구성 요소를 지원하지 않습니다.
비스트리밍 응답만 지원됩니다.