Sending email notifications about Trust Center violations

Using the Trust Center Snowsight interface, you can configure the Trust Center to send email notifications when it finds violations. You can specify that the Trust Center sends notifications for all of the enabled scanners in a scanner package or for individual scanners. You can also specify the severity of the violations for which email notifications are sent.

Note

Email notifications are processed through Snowflake’s Amazon Web Services (AWS) deployments, using AWS Simple Email Service (SES). The content of an email message sent using AWS may be retained by Snowflake for up to thirty days to manage the delivery of the message. After this period, the message content is deleted.

Note

Snowflake trial accounts can’t use this feature to send email notifications.

Email notification recipients

For a scanner package or individual scanner, the Trust Center can send email notifications to users with verified email addresses. When you configure notifications, you can specify the users who will receive the email notifications:

  • Admin users with verified email addresses

    The Trust Center sends notifications to administrative users who are configured to receive security notifications.

    When this option is selected, the Trust Center sends notifications to users in the following order:

    1. The security notification contact at the account level.

    2. If no security notification contact at the account level is found, the security notification contact at the organization level.

    3. If no security notification contact at the organization level is found, the ACCOUNTADMIN users with verified email addresses.

  • Custom

    The Trust Center sends notifications to a custom list of users. Add each user who should receive notifications to the list. You can remove a user from the list by selecting the trash can icon associated with the user.

The Trust Center can send email notifications to at most 50 users.

By default, the Security Essentials scanner package is configured to send email notifications to Admin users with verified email addresses for violations at the critical severity level. You can modify the email notifications settings for this scanner package.

By default, email notifications aren’t configured for other scanner packages or scanners.

Verifying the email addresses of the email notification recipients

The Trust Center can send email notifications only to users who verify their email addresses through one of the following interfaces:

Managing email notifications for a scanner package

Complete the following tasks to manage email notifications for a scanner package:

Configuring email notifications for a scanner package

A scanner package must be enabled before you can configure email notifications for it. For information about enabling a scanner package, see Enable scanner packages.

When you configure email notifications for a scanner package, the Trust Center sends notifications for all of the enabled scanners in the package.

To configure email notifications for a scanner package, complete the following steps:

  1. Sign in to Snowsight.

  2. Switch to a role with the SNOWFLAKE.TRUST_CENTER_ADMIN application role granted to it.

    For more information about granting this role, see Required privileges.

  3. In the left navigation bar, select Monitoring » Trust Center.

  4. Select the Scanner Packages tab.

  5. Select a scanner package from the list.

  6. Select the Settings tab.

  7. Under Notifications, select Set up notification.

  8. Set the Severity level.

    The Trust Center sends email notifications for violations at the specified level or higher. For example, if the Severity level is set to Medium, then the Trust Center sends notifications for violations with a severity of medium, high, or critical, but not low.

  9. For Recipients, select Admin users with verified email addresses or Custom. For more information, see Email notification recipients.

  10. To save your changes, select Done, or select Cancel to cancel them.

Turning off email notifications for a scanner package

When you turn off email notifications for a scanner package, you can’t enable email notifications for individual scanners in the package.

To turn off email notifications for a scanner package, complete the following steps:

  1. Sign in to Snowsight.

  2. Switch to a role with the SNOWFLAKE.TRUST_CENTER_ADMIN application role granted to it.

    For more information about granting this role, see Required privileges.

  3. In the left navigation bar, select Monitoring » Trust Center.

  4. Select the Scanner Packages tab.

  5. Select a scanner package from the list.

  6. Select the Settings tab.

  7. Under Notifications, select Set up notification.

  8. Select Turn off notification, and then select Turn off in the confirmation window.

    If email notifications aren’t turned on for the scanner package, the Turn off notification button doesn’t appear.

Managing email notifications for a scanner

Complete the following tasks to manage email notifications for a scanner:

Configuring email notifications for a scanner

The following conditions must be met before you can configure email notifications for a scanner:

To configure email notifications for a scanner, complete the following steps:

  1. Sign in to Snowsight.

  2. Switch to a role with the SNOWFLAKE.TRUST_CENTER_ADMIN application role granted to it.

    For more information about granting this role, see Required privileges.

  3. In the left navigation bar, select Monitoring » Trust Center.

  4. Select the Scanner Packages tab.

  5. Select a scanner package from the list.

  6. Select More for the scanner, and then select Notification.

  7. Specify whether to inherit the email notification from the scanner package:

    • To inherit the email notification configuration from the scanner package, select Same as package notification.

    • To specify a notification configuration that’s different from the scanner package, make sure Same as package notification isn’t selected, and then set the Severity level and Recipients for the scanner:

      1. Set the Severity level.

        The Trust Center sends email notifications for violations at the specified level or higher. For example, if the Severity level is set to Medium, then the Trust Center sends notifications for violations with a severity of medium, high, or critical, but not low.

      2. For Recipients, select Admin users with verified email addresses or Custom. For more information, see Email notification recipients.

  8. To save your changes, select Done, or select Cancel to cancel them.
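The following added example (not Snowflake code and not a Snowflake API) models the rules on this page so that a planned configuration can be reviewed for violations that would reach nobody: the Severity level threshold, the Same as package notification setting, the package-off rule, and the recipient order from Email notification recipients. The names NotifyConfig, Account, effective_config, resolve_recipients and recipients_for are hypothetical. It assumes that security contacts are represented as email addresses, that unverified users in a custom list are skipped, and that more than 50 recipients is reported as an error.

```python
from dataclasses import dataclass, field
from typing import Optional
SEVERITY_ORDER = ["low", "medium", "high", "critical"]
MAX_RECIPIENTS = 50  # limit stated on this page

@dataclass
class NotifyConfig:              # hypothetical model of one Notifications setting
    enabled: bool = True
    min_severity: str = "critical"
    recipients: str = "admin"    # "admin" or "custom"
    custom_users: list = field(default_factory=list)

@dataclass
class Account:                   # hypothetical view of the account's contacts
    verified: set                # users with verified email addresses
    account_contact: Optional[str] = None   # account-level security contact
    org_contact: Optional[str] = None       # organization-level security contact
    accountadmins: list = field(default_factory=list)

def effective_config(package, scanner=None):  # scanner=None: "Same as package notification"
    if not package.enabled:      # package off: its scanners can't notify either
        return None
    cfg = package if scanner is None else scanner
    return cfg if cfg.enabled else None

def resolve_recipients(cfg, acct):
    if cfg.recipients == "custom":
        users = [u for u in cfg.custom_users if u in acct.verified]
    elif acct.account_contact:   # 1. account-level contact
        users = [acct.account_contact]
    elif acct.org_contact:       # 2. organization-level contact
        users = [acct.org_contact]
    else:                        # 3. ACCOUNTADMIN users with verified addresses
        users = [u for u in acct.accountadmins if u in acct.verified]
    if len(users) > MAX_RECIPIENTS:
        raise ValueError(f"{len(users)} recipients exceeds the limit of {MAX_RECIPIENTS}")
    return users

def recipients_for(severity, package, acct, scanner=None):
    """Who is emailed for one violation; [] is a coverage gap to review."""
    cfg = effective_config(package, scanner)
    if cfg is None:
        return []
    if SEVERITY_ORDER.index(severity.lower()) < SEVERITY_ORDER.index(cfg.min_severity.lower()):
        return []                # below the configured Severity level
    return resolve_recipients(cfg, acct)

# Constructed sample: the default package setting with only an organization-level contact.
SAMPLE = recipients_for("critical", NotifyConfig(),
                        Account(verified=set(), org_contact="sec-org@example.com"))
```

An empty list for a severity you expect to be alerted on means the planned settings leave that violation without a recipient.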

Turning off email notifications for a scanner

To turn off email notifications for a scanner, complete the following steps:

  1. Sign in to Snowsight.

  2. Switch to a role with the SNOWFLAKE.TRUST_CENTER_ADMIN application role granted to it.

    For more information about granting this role, see Required privileges.

  3. In the left navigation bar, select Monitoring » Trust Center.

  4. Select the Scanner Packages tab.

  5. Select a scanner package from the list.

  6. Select More for the scanner, and then select Notification.

  7. Select Turn off notification, and then select Turn off in the confirmation window.

    If email notifications aren’t turned on for the scanner, the Turn off notification button doesn’t appear.