the analytics vault
Resources: 136 (72 new this week)
a Hipster Data Club product Hipster Data Club

Making Snowflake permissions actually make sense

Original: Our Top 7 Snowflake RBAC Best Practices

May 29, 2025
18 min read
Guide
Intermediate
Technology Foundations
Visit Original Article
Our Top 7 Snowflake RBAC Best Practices

Summary

Best practices for implementing secure and governed data infrastructure, including role-based access controls, encryption, audit logging, and GDPR/CCPA compliance policies.

Who This Is For

Data Engineers
Analytics Engineers
Business Analysts

Key Takeaways

  • Apply the Principle of Least Privilege to give users exactly the permissions they need, nothing more
  • Structure your RBAC using three role types: Access roles for database permissions, Functional roles for humans, and Service roles for tools
  • Start simple with READ and READWRITE access roles for each database as your building blocks
  • Design Functional roles around actual job functions like DATA_ANALYST or DATA_ENGINEER
  • Use Service roles for third-party tools and BI platforms that need database access

Tools & Technologies

Snowflake Account Roles Database Roles RBAC (Role-Based Access Control)

Topics Covered

data-security data-governance access-control data-privacy

Ready to dive deeper?

Read Full Article on select.dev

Related Resources in Technology Foundations

Piwik Pro’s World of Privacy Modes

Diving deep into Piwik Pro's privacy settings (and why they're confusing)

An overview of the various privacy modes and consent management features in Piwik Pro, a popular web analytics platform. Covers techniques for enabling session-only tracking and ensuring compliance with GDPR and CCPA regulations.

Lukas Oldenburg June 2, 2025
Advanced
From Google Analytics to Piwik Pro? A Real Client Case, Part 1

Why we ditched Google Analytics 4 for Piwik Pro (and skipped Matomo)

Techniques and best practices for implementing client-side data tracking on web and mobile applications, including SDKs, virtual URLs, element selectors, event throttling, and handling browser quirks like ad-blockers and ITP/ETP.

Lukas Oldenburg June 2, 2025
Intermediate
Server-Side Tag Management: Satan or Saviour?

That whole server-side tracking debate (and why it's complicated)

This article provides an introduction to server-side tracking, highlighting the potential benefits and drawbacks of this approach compared to traditional client-side tracking. It covers the technical aspects of server-side data collection, including latency, schema, and cost trade-offs, as well as the implications for data privacy and compliance.

Lukas Oldenburg June 2, 2025
Intermediate

Topics

data-security data-governance access-control data-privacy