CREATE CLASSIFICATION_PROFILE

Fully qualified name: SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE

Creates a new instance of the CLASSIFICATION_PROFILE class or replaces an existing instance of the CLASSIFICATION_PROFILE class in the current or specified schema.

Syntax

CREATE [ OR REPLACE ] SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
  [ IF NOT EXISTS ] <classification_profile_name> (  <config_object> )
Copy

Parameters

classification_profile_name

Specifies the identifier (name) for the instance of the CLASSIFICATION_PROFILE class; must be unique for the schema in which the object is created.

In addition, the identifier must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes (for example, "My object"). Identifiers enclosed in double quotes are also case-sensitive.

For more information, see Identifier requirements.

Constructor arguments

config_object

An OBJECT containing key-value pairs used to configure automatic sensitive data classification.

Key

Type

Default

Description

minimum_object_age_for_ classification_days

INTEGER

Required: Specifies the minimum number of days an object must exist in order to be classified.

The value must be greater than or equal to zero.

maximum_classification_ validity_days

INTEGER

Optional: Specifies the number of days since the last classification event before a table can be classified again using automatic classification.

Specify this value to ensure that tables are reclassified.

The value must be greater than or equal to 1.

auto_tag

BOOLEAN

FALSE

Optional: When TRUE, sets the recommended classification system tags on the columns in the specified object when the classification process is complete.

When FALSE, automatic tagging does not occur.

tag_map

OBJECT

Optional: Maps one or more user-defined tags to the SEMANTIC_CATEGORY system tag.

See Tag map.

custom_classifiers

OBJECT

Optional: Specifies custom classifiers that are used when automatically classifying data.

Each key in the object specifies the name of an instance of the CUSTOM_CLASSIFIER class.

The value of each key specifies the custom_classifier!LIST method of the custom classifier instance.

Tag map

An OBJECT that maps one or more user-defined tags to the SEMANTIC_CATEGORY system tag.

'column_tag_map': [ ... ]

An array of objects that have the following key-value pairs:

'tag_name': 'string'

The fully qualified name of the tag.

For more information, see Identifier requirements.

'tag_value':'string'

The string value of the tag.

Optional: If not specified, the tag value is mapped to the recommended value in the output of SYSTEM$CLASSIFY.

'semantic_categories': [ 'category' [ , 'category' ... ] ]

A comma-separated list of categories for the SEMANTIC_CATEGORY system tag.

These values enable you to specify the tag and string value to set on a column.

Optional: If not specified, the tag is mapped to the recommended tag in the output of SYSTEM$CLASSIFY.

Access control requirements

A role used to execute this SQL command must have the following privileges at a minimum:

Privilege/role

Object

CLASSIFICATION_ADMIN database role

n/a

CREATE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE privilege

Schema

The USAGE privilege on the parent database and schema are required to perform operations on any object in a schema.

For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.

For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.

Methods

You can call the following methods on the instance of the CLASSIFICATION_PROFILE class that you create:

Usage notes

To refer to this class by its unqualified name, include the database and schema of the class in your search path.

  • If the same tag and semantic category is mapped to two different values, then the order of the objects in the column_tag_map determines the tag and string value to set on a column. Order the column_tag_map arrays from highest preference to lowest preference.

Examples

Create an instance and specify basic criteria to automatically classify tables in a schema:

CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
  my_classification_profile(
    {
      'minimum_object_age_for_classification_days': 1,
      'maximum_classification_validity_days': 30,
      'auto_tag': true
    });
Copy

Create an instance and specify the tag mapping to a single tag:

CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE my_classification_profile(
  {
    'minimum_object_age_for_classification_days':1,
    'auto_tag':true,
    'tag_map':{
      'column_tag_map':[
        {
          'tag_name':'tag_db.sch.pii'
        }
      ]
    }
  }
);
Copy

Create an instance and specify the tag mapping to different tag values:

CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE
  my_classification_profile(
    {
      'minimum_object_age_for_classification_days':1,
      'auto_tag':true,
      'tag_map': {
        'column_tag_map':[
          {
            'tag_name':'test_ac_db.test_ac_schema.pii',
            'tag_value':'important',
            'semantic_categories':['NAME']
          },
          {
            'tag_name':'test_ac_db.test_ac_schema.pii',
            'tag_value':'pii',
            'semantic_categories':['EMAIL','NATIONAL_IDENTIFIER']
          }
        ]
      }
    }
  );
Copy

Create an instance and specify custom classifiers for the automatic classification process:

CREATE OR REPLACE SNOWFLAKE.DATA_PRIVACY.CLASSIFICATION_PROFILE my_classification_profile(
  {
    'minimum_object_age_for_classification_days':1,
    'auto_tag':true,
    'custom_classifiers': {
      'medical_codes': medical_codes!list(),
      'finance_codes': finance_codes!list()
    }
  }
);
Copy
Language: English