7.32 Release Notes - September 11-12, 2023

SQL Updates

New Function: IS_DATABASE_ROLE_IN_SESSION

The following function is available with this release:

Function Category

New Function

Description

Context

IS_DATABASE_ROLE_IN_SESSION

Verifies whether the database role is in the user’s active primary or secondary role hierarchy for the current session or if the specified column contains a database role that is in the user’s active primary or secondary role hierarchy for the current session.

For more information, see Share data protected by a role-based policy — Preview.

Data Loading / Unloading Updates

Replicating streams on Snowflake tables populated by Snowpipe Streaming

With this release, we are pleased to announce that Snowflake supports replicating streams on Snowflake tables populated by Snowpipe Streaming. For more information, see 복제 및 Snowpipe Streaming.

Snowpipe Streaming authentication updates

With the 2.0.3 release of the Snowpipe Streaming SDK, we are pleased to announce that Snowpipe Streaming supports OAuth authentication and the role property for Snowpipe Streaming is now optional. When configuring Snowpipe Streaming, you can set the authorization_type to OAuth and create an OAuth integration with the custom client.

For more information, see 사용자 지정 클라이언트용 Snowflake OAuth 구성 and Snowpipe Streaming 구성하기.

New options for INFER_SCHEMA

With this release, we are pleased to announce that the INFER_SCHEMA table function supports two new options, MAX_FILE_COUNT and MAX_RECORDS_PER_FILE. You can use MAX_FILE_COUNT to specify the maximum number of files scanned from stage. You can use MAX_RECORDS_PER_FILE to specify the maximum number of records scanned per file.

For more information, see INFER_SCHEMA.

Data Governance Updates

Row access policies: Reference a protected mapping table in a row access policy — Preview

With this release, Snowflake is pleased to announce that policy administrators can reference a mapping table that is protected by a row access policy in the policy conditions of a different row access policy. The result is more assurance to compliance officers when a user queries a table protected by a row access policy.

For more information, see 예: 행 액세스 정책으로 매핑 테이블 보호하기.

Share data protected by a role-based policy — Preview

With this release, Snowflake is pleased to announce the preview to enable a data sharing provider to use the IS_DATABASE_ROLE_IN_SESSION function in the conditions of a masking policy or a row access policy to allow a data sharing consumer to access shared data that is protected by either of these policies. The function argument takes either the name of a database role or a column that contains database roles. This provides more options to the provider to share data, allows the consumer to access sensitive data that the provider makes available, and removes restrictions on policy-protected data when the consumer queries a shared table protected by a policy.

For details, see 정책으로 보호되는 데이터 공유하기 and IS_DATABASE_ROLE_IN_SESSION.

Replication Updates

New FAILOVER Privilege for Client Redirect

With this release, we are pleased to announce the FAILOVER privilege for connection objects. The FAILOVER privilege enables you to grant the ability for an account role other than the account administrator (a user with the ACCOUNTADMIN role) to fail over a connection in a disaster recovery scenario.

For more information, see Grant the FAILOVER Privilege to a Role.

Web Interface Updates

Managing data governance in Snowsight — Generally Available

With this release, we are pleased to announce the general availability of the Data Governance interface in Snowsight. The Governance interface includes a Dashboard tab to monitor the most frequently used masking policies, row access policies, and tags with their usage on tables and columns. The Governance interface also includes a Tagged Objects tab to report on the Dashboard data, with the option to manually report on the usage of tags and policies on tables and columns.

When you select an element in the Dashboard, Snowsight automatically updates the Tagged Objects tab filters. Additionally, when you select a row in the Tagged Objects tab, Snowsight automatically redirects you to the object or column in the Data » Databases interface. You can then manage the policy and tag assignments as needed.

For more information, see: