Skip to main content

Tag Management

Connecting a Snowflake object tag to ALTR automatically enforces ALTR access governance to all columns assigned to that tag. Refer to Column and Tag Connections for more information.

To connect a Snowflake object tag to ALTR:

Tip

  1. Ensure a data source is connected.

  2. Click Data ConfigurationData Management in the Navigation menu.

  3. Click the Tags tab.

  4. Click the Connect Tag button.

  5. Enter an ALTR Data Source Connection. This can be any data source associated with your Snowflake account where the Service user has privileges to access the tag’s database.

    Notice

    The remaining fields are case sensitive. Enter them exactly as they appear in your Snowflake account.

  6. Enter the Tag Database. This is the database where the tag is located and can be different from the data source connection.

  7. Enter the Tag Schema. This is the schema within the Tag Database where the tag is located.

  8. (Optional) Select the Tokenized check box to use ALTR policy to detokenize sensitive data. Ensure all values for this tag are tokenized. Refer to Tokenization Access Policies for more information.

  9. Enter the Tag Name. This is the name of the tag in Snowflake.

  10. Click the Connect Tag button.

Tag connection status and other connection details, such as schema information and database, can be viewed directly in ALTR. Viewing the tag connection status helps to identify details for a particular tag, including

  • Snowflake Hostname and Service User Username being used for that tag’s data source connection

  • Tracking ID associated with the job for the most recent operation of the tag. The Tracking ID is useful for communicating with ALTR support if there are issues with the tag connection.

  • Details on any errors associated with failed connections to tags

Note

Tag status can also be viewed using the API. Refer to our API documentation for more information.

To view tag connection status:

  1. Ensure a data source is connected.

  2. Ensure the data source has a connected tag.

  3. Click Data ConfigurationData Management in the Navigation menu.

  4. Click the Tags tab.

  5. Click a tag to view additional details.

Disconnect a tag if you no longer want ALTR to enforce access governance to columns with that tag.

To disconnect a Snowflake object tag:

  1. Select Data ConfigurationData Management in the Navigation menu.

  2. Click the Tags tab.

  3. Select the tag you wish to disconnect.

  4. Click the Disconnect Tag button. The disconnect tag process can take up to several minutes to complete.

Warning

Before force removing a data source, consult ALTR Support.

Force removing data sources clears the integration memory from your data source connection. Be aware that if you choose to do this, artifacts, such as the masking policy and schema objects, might still be left in Snowflake.

Force remove a data source if you are unable to remove a data source as expected. This action ignores any errors encountered during the removal process. Use great caution with this feature because it cannot be undone.

To force remove a data source:

  1. Ensure all columns have been disconnected from ALTR. Refer to Disconnecting Columns for more information.

  2. Ensure there are no active row policies on the data source. Refer to Row Access Policies for more information.

  3. Select Data ConfigurationData Management in the Navigation menu.

  4. Select the data source you wish to remove.

  5. Click the Remove Data Source button.

  6. Click the Trouble removing? link; the Remove Data Source modal displays.

  7. Click the Trouble Removing Data Source button; the Force Remove Data Source modal displays.

  8. Click the Yes, Force Remove Data Source button.

  9. Review your source system and clear out any remnants, which could limit storage or pose security risks from ongoing API call requests.