turbot/snowflake_compliance
GitHub
Loading controls...

Control: At least two users must be assigned ACCOUNTADMIN role

Description

By default, each account has one user who has been designated as an account administrator (i.e. user granted the system-defined ACCOUNTADMIN role). Snowflake recommend designating at least one other user as an account administrator. This helps ensure that your account always has at least one user who can perform account-level tasks, particularly if one of your account administrators is unable to log in.

Usage

Run the control in your terminal:

steampipe check snowflake_compliance.control.security_overview_iam_two_users_accountadmin_role

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share snowflake_compliance.control.security_overview_iam_two_users_accountadmin_role

SQL

This control uses a named query:

iam_user_at_least_two_users_with_accountadmin_role