Enable MFA for Snowflake admin accounts #83
Assignees
Comments
|
Enrolled, thanks for the details |
|
Enrolled! |
|
Great, thanks all! Closing as complete. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A few working notes on this:
MFA is quite easy to set up using Duo (instructions here) However, using password-based login with MFA for tooling like dbt or terraform is pretty fraught -- they frequently require dozens of MFA pushes at the same time, which can result in failures to authenticate, or even being locked out of your account (which happened to me yesterday!) In a few release cycles, it may be possible to use MFA with the above tooling, but right now there are a couple of blockers.
So our Snowflake reps have recommended that, when using programmatic tooling with Snowflake, we use key pair auth. This requires a bit of set-up locally, but it is not too bad. The workflow then looks like MFA for accessing the web UI, and key pair for doing things like terraform and local dbt development.
Given the above, @britt-allen and @jasonlally, as the other people with admin access, are you comfortable enabling MFA for your accounts? It involves downloading the Duo app, but is otherwise pretty painless.
The text was updated successfully, but these errors were encountered: