Prerequisites

Before you begin:

• You must have created an Azure storage container.
• You must have permission to generate shared access signatures (SAS) for the Azure storage account.
• You must decide on an appropriate token expiry window based on your organization's security policies.

Generate SAS token for Snowflake staging

To generate a SAS token for your Snowflake staging container, perform the following steps:

1. Sign in to the Microsoft Azure portal.
2. In the Azure services section, select your Storage account.
3. Under Security + networking, select Shared access signature.
4. In the Shared access signature window, configure the following:
   • Allowed services: Select Blob.
   • Allowed resource types: Select Container and Object.
   • Allowed permissions: Select Read, Write, List, Add, and Create.
   • Blob versioning permissions: Select Enables deletion of versions.
   • Allowed blob index permissions: Select Read/Write and Filter.
   • Start and expiry date/time: Choose a valid window that aligns with your pipeline schedule.
   • Allowed protocols: Select HTTPS only.
   
5. Select Generate SAS and connection string.
6. Copy the SAS token value and save it. You'll need this to configure the Snowflake storage integration and store secrets in the adapter.

Next steps

Use the generated SAS token when:

• Creating a Snowflake external stage that references Azure Blob Storage.
• Storing the token securely in Reltio's Secret Manager for use with the Snowflake adapter.

Reference

For detailed steps, see Create SAS tokens for storage containers in the Microsoft Azure documentation.