Deployment Guide & Permissions Management

Overview

Prerequisites

Customer Setup Requirements

Security & Permissions Model

Configuration Files

Testing & Validation

Troubleshooting

Appendix

1. Overview

The Snowflake MCP (Model Context Protocol) Server enables AI agents to
interact with Snowflake databases through a standardized interface. This
document provides step-by-step instructions for deploying the MCP server
for customers and configuring permissions.

What is MCP?

MCP (Model Context Protocol) is a standard protocol that allows AI
applications to access external data sources and tools. The Snowflake
MCP Server provides:

Secure access to Snowflake databases

SQL query execution with permission controls

Object management (tables, views, schemas)

Integration with Snowflake Cortex AI functions

Semantic model support for business-friendly queries

2. Prerequisites

Azure Requirements

Active Azure subscription

Azure Container Registry (ACR)

Azure Web App (Linux, Docker container support)

Azure CLI installed locally

Snowflake Requirements

Snowflake account with appropriate permissions

Virtual warehouse created and running

Database and schema created

User account with necessary roles

Development Tools

Docker Desktop installed

Git installed

Text editor (VS Code recommended)

PowerShell or Bash terminal

3. Customer Setup Requirements

Before deploying the MCP server for a customer, gather the following
information:

Required Snowflake Credentials

Parameter	Description	Example
SNOWFLAKE_ACCOUNT	Organization-Account identifier	MYORG-MYACCOUNT
SNOWFLAKE_USER	Username for authentication	MCP_SERVICE_USER
SNOWFLAKE_PASSWORD	User password	••••••••
SNOWFLAKE_ROLE	Role to assume	MCP_ROLE
SNOWFLAKE_WAREHOUSE	Virtual warehouse name	MCP_WAREHOUSE

How to Obtain Snowflake Account Information

Customers can find their account information by:

Log into Snowflake web interface (https://app.snowflake.com)

Click on your profile/account name (bottom left)

Navigate to Account → Account Details

Copy the "Account Identifier" (format: ORGNAME-ACCOUNTNAME)

Note the "Account Locator" and "Region" if needed

4. Security & Permissions Model

The Snowflake MCP Server uses a multi-layered security approach to
control access:

Four Layers of Security

Layer	Purpose	Controlled By
1. Snowflake Role	Restrict database/schema/table access	Snowflake RBAC
2. Semantic Models	Define how data can be queried	configuration.yaml
3. SQL Permissions	Restrict SQL operations	configuration.yaml
4. Tool Configuration	Control which tools are available	configuration.yaml

Layer 1: Snowflake Role-Based Access Control

Create a restricted Snowflake role with only necessary permissions:

-- Create dedicated role for MCP server
CREATE ROLE MCP_ROLE;

-- Grant warehouse usage
GRANT USAGE ON WAREHOUSE MCP_WAREHOUSE TO ROLE MCP_ROLE;

-- Grant database access (read-only example)
GRANT USAGE ON DATABASE ANALYTICS_DB TO ROLE MCP_ROLE;
GRANT USAGE ON SCHEMA ANALYTICS_DB.PUBLIC TO ROLE MCP_ROLE;
GRANT SELECT ON ALL TABLES IN SCHEMA ANALYTICS_DB.PUBLIC TO ROLE
MCP_ROLE;
GRANT SELECT ON FUTURE TABLES IN SCHEMA ANALYTICS_DB.PUBLIC TO ROLE
MCP_ROLE;

-- Grant role to service user
GRANT ROLE MCP_ROLE TO USER MCP_SERVICE_USER;

✅ Best Practice: Create a separate service account and role for each
customer deployment.

Layer 2: Semantic Models & Cortex Services

Semantic models provide business-friendly abstractions and restrict how
data can be queried. Configure in configuration.yaml:

analyst_services:\
service_name: "Sales Analytics"
semantic_model: "ANALYTICS_DB.PUBLIC.SALES_SEMANTIC_VIEW"
description: "Query sales data with pre-defined business metrics"
\
service_name: "Customer Insights"
semantic_model: "ANALYTICS_DB.PUBLIC.CUSTOMER_SEMANTIC_MODEL.yaml"
description: "Customer analytics with approved dimensions and
measures"

search_services:\
service_name: "Product Search"
description: "Semantic search across product catalog"
database_name: "PRODUCTS_DB"
schema_name: "PUBLIC"

Benefits of semantic models:

Hide complex SQL logic from users

Enforce business rules and calculations

Restrict access to specific metrics and dimensions

Prevent direct table access

Layer 3: SQL Statement Permissions

Control which SQL operations are allowed through the MCP server:

sql_statement_permissions:
# For read-only access:\
Select: True\
Describe: True\
Show: True\
Use: True

# Prohibit modifications:\
Create: False\
Drop: False\
Alter: False\
Delete: False\
Insert: False\
Update: False\
Merge: False\
TruncateTable: False\
Commit: False\
Rollback: False

# Unknown operations (be cautious):\
Unknown: False

Common Permission Presets

Use Case	Allowed Statements
Read-Only Analytics	Select, Describe, Show, Use
Data Analysis	Select, Describe, Show, Use, Create (temp tables)
Data Management	Select, Insert, Update, Delete, Create, Drop, Alter
Full Access	All: True (use with caution)

Layer 4: Tool Configuration

Enable or disable entire categories of tools:

other_services:
# Object management: CREATE, DROP, ALTER objects
object_manager: False # Disable for read-only users

# Query manager: Execute SQL queries
query_manager: True # Enable for data access

# Semantic manager: Query semantic models
semantic_manager: True # Enable for business users

Tool Category	Description	Recommendation
object_manager	Manage Snowflake objects (tables, views, schemas)	Disable for read-only
query_manager	Execute SQL queries with permission controls	Enable for analysts
semantic_manager	Query semantic models and views	Enable for business users

5. Configuration Files

Complete configuration.yaml Template

# Cortex Agent Services
agent_services:\
service_name: "Customer Support Agent"
description: "AI agent for customer support queries"
database_name: "SUPPORT_DB"
schema_name: "PUBLIC"

# Cortex Search Services
search_services:\
service_name: "Product Catalog Search"
description: "Semantic search across product catalog"
database_name: "PRODUCTS_DB"
schema_name: "PUBLIC"

# Cortex Analyst Semantic Models
analyst_services:\
service_name: "Sales Analytics"
semantic_model: "ANALYTICS_DB.PUBLIC.SALES_SEMANTIC_VIEW"
description: "Pre-built sales metrics and dimensions"
\
service_name: "Customer Metrics"
semantic_model: "ANALYTICS_DB.PUBLIC.CUSTOMER_SEMANTIC_MODEL.yaml"
description: "Customer analytics with KPIs"

# Tool Group Controls
other_services:
object_manager: False # Disable object creation/modification
query_manager: True # Enable SQL query execution
semantic_manager: True # Enable semantic model queries

# SQL Statement Permissions
sql_statement_permissions:
# Read operations (typically allowed for analytics)\
Select: True\
Describe: True\
Show: True\
Use: True

# Write operations (typically restricted)\
Create: False\
Drop: False\
Alter: False\
Insert: False\
Update: False\
Delete: False\
Merge: False\
TruncateTable: False

# Transaction control\
Commit: False\
Rollback: False\
Transaction: False

# Other operations\
Command: False\
Comment: False\
Unknown: False # Always set to False for security

Configuration Examples by Use Case

Example 1: Read-Only Analytics User

other_services:
object_manager: False
query_manager: True
semantic_manager: True

sql_statement_permissions:\
Select: True\
Describe: True\
Show: True\
Use: True\
Create: False\
Drop: False\
Alter: False\
Insert: False\
Update: False\
Delete: False\
Unknown: False

Example 2: Data Analyst (with temp table creation)

other_services:
object_manager: True # Limited to temp tables
query_manager: True
semantic_manager: True

sql_statement_permissions:\
Select: True\
Describe: True\
Show: True\
Use: True\
Create: True # For temporary tables only (controlled by Snowflake
role)\
Drop: True # For own temp tables\
Insert: True # For temp tables\
Unknown: False

Example 3: Semantic Model Only (Business Users)

other_services:
object_manager: False
query_manager: False # No direct SQL access
semantic_manager: True # Only through semantic models

analyst_services:\
service_name: "Sales Dashboard"
semantic_model: "SALES_DB.PUBLIC.SALES_METRICS_VIEW"
description: "Pre-approved sales metrics only"

sql_statement_permissions:
# All direct SQL disabled - only semantic queries allowed\
Select: False\
Create: False\
Drop: False\
Unknown: False

6. Testing & Validation

Pre-Deployment Checklist

Snowflake credentials verified and tested

Virtual warehouse is running

Service role has appropriate permissions

configuration.yaml validated

Docker image builds successfully

Local testing completed

Azure resources created

Environment variables configured

Test Queries

Run these test queries to validate permissions:

# Test 1: Basic connectivity
"Show me all tables in the database"

# Test 2: Read permissions
"Select 10 rows from [TABLE_NAME]"

# Test 3: Write restriction (should fail if read-only)
"Create a table called test_table"

# Test 4: Semantic model (if configured)
"Show me sales by region using the Sales Analytics model"

# Test 5: Object inspection
"Describe the [TABLE_NAME] table"

Validation Steps

Check Deployment: Verify Web App is running in Azure Portal

Check Logs: Review application logs for connection success

Test Endpoint: Verify MCP endpoint responds at
https://[app-name].azurewebsites.net/sse

Test Permissions: Confirm only allowed operations work

Test Restrictions: Verify prohibited operations are blocked

7. Troubleshooting

Issue	Possible Cause	Solution
Connection timeout	Incorrect account identifier	Verify SNOWFLAKE_ACCOUNT format: ORGNAME-ACCOUNTNAME
Authentication failed	Wrong credentials	Check username and password in environment variables
Permission denied	Role lacks access	Grant necessary permissions to Snowflake role
Warehouse not found	Warehouse doesn't exist	Create warehouse or check name spelling
Tools not loading	Wrong endpoint URL	Verify using /sse endpoint and sse transport
Container crashes	Missing env variables	Check all required variables are set in Azure

Viewing Azure Logs

# View real-time logs
az webapp log tail --name customer-snowflake-mcp --resource-group
mcp-servers

# Download logs
az webapp log download --name customer-snowflake-mcp --resource-group
mcp-servers

# Check container status
az webapp show --name customer-snowflake-mcp --resource-group
mcp-servers --query state

8. Appendix

A. Environment Variables Reference

Variable	Required	Description	Example
SNOWFLAKE_ACCOUNT	Yes	Account identifier	MYORG-MYACCT
SNOWFLAKE_USER	Yes	Username	MCP_USER
SNOWFLAKE_PASSWORD	Yes	Password	••••••
SNOWFLAKE_ROLE	Yes	Role name	MCP_ROLE
SNOWFLAKE_WAREHOUSE	Yes	Warehouse name	MCP_WH
PORT	No	Server port (auto)	8080
WEBSITES_ENABLE_APP_SERVICE_STORAGE	No	Azure setting	false

B. Snowflake Role Setup Script

-- Complete script to set up Snowflake role for MCP server

-- 1. Create service user
CREATE USER MCP_SERVICE_USER
PASSWORD='SecurePassword123!'
DEFAULT_ROLE=MCP_ROLE
MUST_CHANGE_PASSWORD=FALSE;

-- 2. Create role
CREATE ROLE MCP_ROLE;

-- 3. Create warehouse (if needed)
CREATE WAREHOUSE MCP_WAREHOUSE
WITH WAREHOUSE_SIZE='XSMALL'
AUTO_SUSPEND=300
AUTO_RESUME=TRUE;

-- 4. Grant warehouse usage
GRANT USAGE ON WAREHOUSE MCP_WAREHOUSE TO ROLE MCP_ROLE;

-- 5. Grant database access (read-only)
GRANT USAGE ON DATABASE ANALYTICS_DB TO ROLE MCP_ROLE;
GRANT USAGE ON ALL SCHEMAS IN DATABASE ANALYTICS_DB TO ROLE MCP_ROLE;
GRANT SELECT ON ALL TABLES IN DATABASE ANALYTICS_DB TO ROLE MCP_ROLE;
GRANT SELECT ON ALL VIEWS IN DATABASE ANALYTICS_DB TO ROLE MCP_ROLE;
GRANT SELECT ON FUTURE TABLES IN DATABASE ANALYTICS_DB TO ROLE
MCP_ROLE;
GRANT SELECT ON FUTURE VIEWS IN DATABASE ANALYTICS_DB TO ROLE
MCP_ROLE;

-- 6. Grant role to user
GRANT ROLE MCP_ROLE TO USER MCP_SERVICE_USER;

-- 7. Verify setup
SHOW GRANTS TO ROLE MCP_ROLE;
SHOW GRANTS TO USER MCP_SERVICE_USER;

C. Support & Resources

Snowflake MCP GitHub: https://github.com/Snowflake-Labs/mcp

Snowflake Documentation:
https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-mcp

Azure Web Apps Documentation:
https://docs.microsoft.com/azure/app-service/

MCP Protocol Specification: https://modelcontextprotocol.io

End of Documentation

Snowflake

Table of Contents#

1. Overview#

What is MCP?#

2. Prerequisites#

Azure Requirements#

Snowflake Requirements#

Development Tools#

3. Customer Setup Requirements#

Required Snowflake Credentials#

How to Obtain Snowflake Account Information#

4. Security & Permissions Model#

Four Layers of Security#

Layer 1: Snowflake Role-Based Access Control#

Layer 2: Semantic Models & Cortex Services#

Benefits of semantic models:#

Layer 3: SQL Statement Permissions#

Common Permission Presets#

Layer 4: Tool Configuration#

5. Configuration Files#

Complete configuration.yaml Template#

Configuration Examples by Use Case#

Example 1: Read-Only Analytics User#

Example 2: Data Analyst (with temp table creation)#

Example 3: Semantic Model Only (Business Users)#

6. Testing & Validation#

Pre-Deployment Checklist#

Test Queries#

Validation Steps#

7. Troubleshooting#

Viewing Azure Logs#

8. Appendix#

A. Environment Variables Reference#

B. Snowflake Role Setup Script#

C. Support & Resources#

Table of Contents