This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

External Functions

Call out to a process external to Snowflake through a REST API.

    External Functions

    Snowflake provides an External Function capability used to call out to a process external to Snowflake through a REST request over TLS encryption. In the Protegrity Serverless for Snowflake solution, this external service is the Protegrity Endpoint for data re-identification operations.

    Security Operation Parameters

    The following table describes optional and required security operation parameters.

    Parameter

    Type

    Example

    Description

    op_type

    String

    “op_type”:“UNPROTECT” “op_type”:“PROTECT”

    Required operation name, can be either UNPROTECT or PROTECT

    data_element

    String

    “data_element”:“TOK_ALPHA”

    Required data element name defined in Protegrity Security Policy

    external_iv

    String

    “external_iv”:“abc-123”

    Optional external intialization vector, which allows for different tokenized results for the same input data and data element of the same security policy. Refer to the External Initialization Vector (IV) in the Protection Methods Reference for more details.

    External Function Sample Definition with External IV:

    CREATE SECURE EXTERNAL FUNCTION PTY_PROTECT_ALPHA ( val varchar )
  RETURNS varchar
  NULL
  IMMUTABLE
  COMMENT = 'Protects using an ALPHA data element using External IV'
  API_INTEGRATION = REPLACE_WITH_YOUR_API_INTEGRATION_ID
  HEADERS = (
    'X-Protegrity-HCoP-Rules'=
    '{"jsonpaths":[{"op_type":"PROTECT","data_element":"TOK_ALPHA","external_iv":"abc-123"}]}'
  )
  CONTEXT_HEADERS = ( current_user, current_timestamp, current_account )
  AS '<AWS API GATEWAY URL>/SF_CUSTOMER';