Snowflake Key-Pair Authentication

You can setup database authentication for Snowflake database using a user based key-pair authentication for reverse engineering and forward engineering models. You need a private key, public key, and password to successfully connect to a database using the key pair authentication method.

You can use either of the following methods to authenticate the database connection:

• Authenticate using unencrypted key
• Authenticate using an encrypted key

Authentication using Unencrypted Key

To set up a database connection using an unencrypted key, you first need to generate a private key and a public key. For more information on generating keys, refer to the Key Pair Authentication & Key Pair Rotation topic in the Snowflake Documentation. Then, run the script on the Snowflake console to establish a successful connection.

To authenticate database connection using an unencrypted key, follow these steps:

1. Once the key is generated, save the key in a folder.
2. In erwin DM, specify the file path in the Private Key File (For Key-Pair) field while you establish connection during reverse engineering or forward engineering. For more information about database connection parameters, refer to the Database Connection Parameters topic.
   Specify the file path and the file name as shown in the example below.
   C:\Users\<User>\Documents\Keys\rsa_key.p8
   

Authentication using an Encrypted Key

To set up a database connection using an encrypted key, you need to generate private key, public key and, set an authentication password. This process also involves creating two private keys that are used to setup authentication using an encrypted key. For more information on generating keys, refer to the Key Pair Authentication & Key Pair Rotation topic in the Snowflake Documentation. Then, run the script in the Snowflake console to establish a successful connection.

To authenticate database connection using an encrypted key, follow these steps:

1. Once the key is generated, save the key in a folder.
2. In erwin DM, specify the file path in the Private Key File (For Key-Pair Auth) field while you establish connection during reverse engineering or forward engineering. For more information about database connection parameters, refer to the Database Connection Parameters topic.
   Specify the file path and the file name as shown in the example below.
   C:\Users\<User>\Documents\Keys\rsa_key.p8
3. Enter the password for the Private Key in the Private Key File Password (For Key-Pair Auth).