自定义模板的安全扫描¶
Snowflake runs a security scan on custom templates every 30 minutes to identify Jinja code that is susceptible to a SQL injection attack.
Prerequisites¶
To enable the custom template security scan, you must log into the clean rooms UI for that account at least once.
The PRIVACY_AND_SECURITY_SCANNER task must be running.
To see if the task is running in the Tasks page in Snowsight:
In the navigation menu, select Transformation » Tasks.
查看安全扫描结果¶
Snowflake saves security scan results to the SAMOOHA_BY_SNOWFLAKE_LOCAL_DB.PUBLIC.TEMPLATE_SCANNER_RESULTS table in the provider's Snowflake account. This table is present only if the previously listed prerequisites are satisfied.
要查看安全扫描的结果,请执行以下操作:
Sign in to Snowsight.
使用 Snowsight 或 SQL 查询中的数据库对象资源管理器查看安全扫描结果:
In the navigation menu, select Catalog » Database Explorer.
Navigate to
SAMOOHA_BY_SNOWFLAKE_LOCAL_DB»PUBLIC»Tables»TEMPLATE_SCANNER_RESULTS.选择 Data Preview。
In the navigation menu, select Projects » Worksheets.
Select + SQL Worksheet.
要列出安全扫描的结果,请粘贴并运行以下语句:
SELECT * FROM samooha_by_snowflake_local_db.public.template_scanner_results;