Mods

turbot/snowflake_compliance

GitHub
Overview
1Dashboards
18Controls
11Queries
3Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Get Involved
Edit on GitHub
Discuss on Slack

Control: At least two users must be assigned ACCOUNTADMIN role

Description

By default, each account has one user who has been designated as an account administrator (i.e. user granted the system-defined ACCOUNTADMIN role). Snowflake recommend designating at least one other user as an account administrator. This helps ensure that your account always has at least one user who can perform account-level tasks, particularly if one of your account administrators is unable to log in.

Usage

Run the control in your terminal:

steampipe check snowflake_compliance.control.security_overview_iam_two_users_accountadmin_role

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share snowflake_compliance.control.security_overview_iam_two_users_accountadmin_role

SQL

This control uses a named query:

iam_user_at_least_two_users_with_accountadmin_role