Categories:

System functions (System Control)

SYSTEM$REGISTER_CMK_INFO¶

Registers your customer-managed key (CMK) for use with Tri-Secret Secure.

See also:

Understanding CMK self-registration with support activation of Tri-Secret Secure

Syntax¶

AWS:

SYSTEM$REGISTER_CMK_INFO( '<cmk_arn>' [ , '<privatelink_enabled>' ] )
Copy

Azure:

SYSTEM$REGISTER_CMK_INFO( '<vault_uri>' , '<key_name>' [ , '<privatelink_enabled>' ] )
Copy

Google Cloud

SYSTEM$REGISTER_CMK_INFO( '<project_id>' , '<location>', '<key_ring>' , '<key_name>' )
Copy

Note

Private connectivity is not currently supported on Google Cloud.

Arguments¶

Required

AWS

cmk_arn

Specifies the Amazon Web Services resource number (ARN) that specifies the customer-managed key (CMK) for use with Tri-Secret Secure.

Azure

vault_uri

Specifies the Microsoft Azure unique endpoint identifier for your Azure Key Vault.

key_name

Specifies the name for your CMK in Microsoft Azure.

Google Cloud

project_id

Specifies the unique identifier for your project in Google Cloud Platform.

location

Specifies the Google Cloud Platform region that hosts your Snowflake account.

key_ring

Specifies the key ring for your CMK in Google Cloud.

key_name

Specifies the name for your CMK in Google Cloud.

Optional

option

You can specify the following value for the option to use your private connectivity endpoint for Tri-Secret Secure:

'TRUE'

Specifies that Snowflake uses the provisioned connectivity endpoint for Tri-Secret Secure.

Important

If you don’t pass a value for this option, Snowflake doesn’t use the provisioned connectivity endpoint for Tri-Secret Secure.

Note

The option to enable private connectivity for Tri-Secret Secure is supported on AWS and Azure only.

Returns¶

Returns a status message stating that the registration is complete.

Access control requirements¶

Only account administrators (users with the ACCOUNTADMIN role) can call this function.

Examples¶

Register your CMK for your Snowflake account on Amazon Web Services:

SELECT SYSTEM$REGISTER_CMK_INFO('arn:aws:kms:us-west-2:736112632310:key/ceab36e4-f0e5-4b46-9a78-86e8f17a0f59');
Copy

Register your CMK for your Snowflake account on Microsoft Azure:

SELECT SYSTEM$REGISTER_CMK_INFO('https://trisecretsite.vault.azure.net/', 'trisecretazkey');
Copy

Register your CMK for your Snowflake account on Google Cloud Platform:

SELECT SYSTEM$REGISTER_CMK_INFO('my-env', 'us-west1', 'trisecrettest', 'trisecretgcpkey');
Copy

Register your CMK with a privatelink endpoint for your Snowflake account on Amazon Web Services:

SELECT SYSTEM$REGISTER_CMK_INFO('arn:aws:kms:us-west-2:736112632310:key/ceab36e4-f0e5-4b46-9a78-86e8f17a0f59', 'true');
Copy

Register your CMK with a privatelink endpoint for your Snowflake account on Microsoft Azure:

SELECT SYSTEM$REGISTER_CMK_INFO('https://trisecretsite.vault.azure.net/', 'trisecretazkey', 'true');
Copy
Language: English