Example: restrict sync destination

What if you want to restrict the ability to sync to Snowflake to certain roles?

This is where defining a custom policy is handy.

  1. Remove all roles from the sync_to action of the built-in Connections policy.

  2. Click Create policy.

  1. Give your policy a name.

  2. Assign the role that will be syncing to Snowflake to the sync_to action.

  1. If you want this role to be able to create, edit, or delete Snowflake connections, add it to those actions too.

  2. Attach this policy to your Snowflake connection:

  1. Remove the default Connections policy since we are replacing it.
  2. Click Save on your connection configuration.

Per the steps above, only the Data engineer role will be allowed to sync data to Snowflake.

What’s Next