{"id":97107,"date":"2025-02-12T06:19:31","date_gmt":"2025-02-12T02:49:31","guid":{"rendered":"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/"},"modified":"2025-02-12T06:19:31","modified_gmt":"2025-02-12T02:49:31","slug":"managers-guide-aws-tri-secret-secure-in-snowflake-59l","status":"publish","type":"post","link":"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/","title":{"rendered":"\u0631\u0627\u0647\u0646\u0645\u0627\u06cc \u0645\u062f\u06cc\u0631: AWS Tri-Secret \u062f\u0631 Snowflake Snowflake"},"content":{"rendered":"<div data-article-id=\"2272280\" id=\"article-body\">\n<p>\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 <strong>\u0645\u062f\u06cc\u0631 \u0628\u0633\u062a\u0631 \u062f\u0627\u062f\u0647 \u0647\u0627<\/strong>\u060c \u062d\u0635\u0648\u0644 <strong>\u0627\u0645\u0646\u06cc\u062a \u062f\u0627\u062f\u0647 \u0647\u0627 \u060c \u0627\u0646\u0637\u0628\u0627\u0642 \u0648 \u0639\u0645\u0644\u06a9\u0631\u062f<\/strong> \u062f\u0631 \u0645\u062d\u06cc\u0637 \u0647\u0627\u06cc \u0627\u0628\u0631\u06cc \u0627\u0648\u0644\u0648\u06cc\u062a \u0627\u0635\u0644\u06cc \u0627\u0633\u062a. <strong>\u0645\u062e\u0641\u06cc AWS Snowflake&#39;s Trie-Secret \u0627\u0645\u0646<\/strong> \u0645\u062f\u0644 \u0628\u0627 \u0627\u062f\u063a\u0627\u0645 \u0627\u0645\u0646\u06cc\u062a \u0631\u0627 \u062a\u0642\u0648\u06cc\u062a \u0645\u06cc \u06a9\u0646\u062f <strong>\u0633\u0631\u0648\u06cc\u0633 \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0644\u06cc\u062f AWS (KMS)<\/strong>\u0628\u0627 <strong>\u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u062f\u0627\u062e\u0644\u06cc Snowflake<\/strong>\u0648\u062a <strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0645\u0634\u062a\u0631\u06cc<\/strong>\u060c \u0627\u0631\u0627\u0626\u0647 <strong>\u0645\u062d\u0627\u0641\u0638\u062a \u0686\u0646\u062f \u0644\u0627\u06cc\u0647<\/strong> \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632.<\/p>\n<p>\u0627\u06cc\u0646 \u0631\u0627\u0647\u0646\u0645\u0627 \u06cc\u06a9 <strong>\u0628\u0631\u0631\u0633\u06cc \u0627\u062c\u0645\u0627\u0644\u06cc \u0641\u0646\u06cc<\/strong> \u0627\u0632 AWS Tri-Secret \u062f\u0631 Snowflake \u0627\u0645\u0646 \u060c \u0628\u0627 \u062a\u0645\u0631\u06a9\u0632 \u0628\u0631 \u0631\u0648\u06cc <strong>\u0645\u0631\u0627\u062d\u0644 \u0627\u062c\u0631\u0627\u06cc \u060c \u0645\u0624\u0644\u0641\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u06a9\u0644\u06cc\u062f\u06cc \u0648 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647 \u0647\u0627<\/strong> \u0628\u0631\u0627\u06cc \u06a9\u0645\u06a9 \u0628\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 DBA \u062f\u0631 \u0636\u0645\u0646 \u062d\u0641\u0638 \u06a9\u0627\u0631\u0622\u06cc\u06cc \u0639\u0645\u0644\u06cc\u0627\u062a\u06cc \u060c \u0627\u0645\u0646\u06cc\u062a \u062f\u0627\u062f\u0647 \u0647\u0627 \u0631\u0627 \u062a\u0642\u0648\u06cc\u062a \u0645\u06cc \u06a9\u0646\u0646\u062f.<\/p>\n<hr\/>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter-rtl ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%DA%86%D8%B1%D8%A7_AWS_Tri-Secret_Secure_%D8%A8%D8%B1%D8%A7%DB%8C_%D9%85%D8%AF%DB%8C%D8%B1%D8%A7%D9%86_%D8%A7%D9%85%D9%86%DB%8C%D8%AA%DB%8C_%D8%A7%D9%85%D9%88%D8%B1_%D8%A7%D9%85%D9%86_%D8%A7%D8%B3%D8%AA\" >\u0686\u0631\u0627 AWS Tri-Secret Secure \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0645\u0648\u0631 \u0627\u0645\u0646 \u0627\u0633\u062a!<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%85%D8%B2%D8%A7%DB%8C%D8%A7%DB%8C_%DA%A9%D9%84%DB%8C%D8%AF%DB%8C\" >\u0645\u0632\u0627\u06cc\u0627\u06cc \u06a9\u0644\u06cc\u062f\u06cc:<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D8%B3%D9%87_%D9%84%D8%A7%DB%8C%D9%87_AWS_Tri-Secret_Secure\" >\u0633\u0647 \u0644\u0627\u06cc\u0647 AWS Tri-Secret Secure<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%86%D8%AD%D9%88%D9%87_%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C_AWS_Tri-Secret_%D8%AF%D8%B1_Snowflake\" >\u0646\u062d\u0648\u0647 \u0627\u062c\u0631\u0627\u06cc AWS Tri-Secret \u062f\u0631 Snowflake<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%85%D8%B1%D8%AD%D9%84%D9%87_1_%D8%B1%D9%85%D8%B2%DA%AF%D8%B0%D8%A7%D8%B1%DB%8C_%D8%A8%D9%88%D9%85%DB%8C_Snowflake_%D8%B1%D8%A7_%D9%81%D8%B9%D8%A7%D9%84_%DA%A9%D9%86%DB%8C%D8%AF\" >\u0645\u0631\u062d\u0644\u0647 1: \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0648\u0645\u06cc Snowflake \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%85%D8%B1%D8%AD%D9%84%D9%87_2_AWS_KMS_%D8%B1%D8%A7_%D8%A8%D8%B1%D8%A7%DB%8C_%D9%85%D8%AF%DB%8C%D8%B1%DB%8C%D8%AA_%DA%A9%D9%84%DB%8C%D8%AF_%D8%AE%D8%A7%D8%B1%D8%AC%DB%8C_%D8%A7%D8%AF%D8%BA%D8%A7%D9%85_%DA%A9%D9%86%DB%8C%D8%AF\" >\u0645\u0631\u062d\u0644\u0647 2: AWS KMS \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0644\u06cc\u062f \u062e\u0627\u0631\u062c\u06cc \u0627\u062f\u063a\u0627\u0645 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%85%D8%B1%D8%AD%D9%84%D9%87_3_%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C_%DA%A9%D9%86%D8%AA%D8%B1%D9%84_%D8%AF%D8%B3%D8%AA%D8%B1%D8%B3%DB%8C_%D9%85%D8%A8%D8%AA%D9%86%DB%8C_%D8%A8%D8%B1_%D9%86%D9%82%D8%B4_RBAC\" >\u0645\u0631\u062d\u0644\u0647 3: \u0627\u062c\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0642\u0634 (RBAC)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%85%D8%B1%D8%AD%D9%84%D9%87_4_%D9%85%D9%85%DB%8C%D8%B2%DB%8C_%D9%88_%D9%86%D8%B8%D8%A7%D8%B1%D8%AA_%D8%B1%D8%A7_%D8%A8%D8%A7_AWS_CloudTrail_%D9%81%D8%B9%D8%A7%D9%84_%DA%A9%D9%86%DB%8C%D8%AF\" >\u0645\u0631\u062d\u0644\u0647 4: \u0645\u0645\u06cc\u0632\u06cc \u0648 \u0646\u0638\u0627\u0631\u062a \u0631\u0627 \u0628\u0627 AWS CloudTrail \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D8%A8%D9%87%D8%AA%D8%B1%DB%8C%D9%86_%D8%B1%D9%88%D8%B4%D9%87%D8%A7_%D8%A8%D8%B1%D8%A7%DB%8C_DBA\" >\u0628\u0647\u062a\u0631\u06cc\u0646 \u0631\u0648\u0634\u0647\u0627 \u0628\u0631\u0627\u06cc DBA<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/nabfollower.com\/blog\/managers-guide-aws-tri-secret-secure-in-snowflake-59l\/#%D9%BE%D8%A7%DB%8C%D8%A7%D9%86\" >\u067e\u0627\u06cc\u0627\u0646<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"%DA%86%D8%B1%D8%A7_AWS_Tri-Secret_Secure_%D8%A8%D8%B1%D8%A7%DB%8C_%D9%85%D8%AF%DB%8C%D8%B1%D8%A7%D9%86_%D8%A7%D9%85%D9%86%DB%8C%D8%AA%DB%8C_%D8%A7%D9%85%D9%88%D8%B1_%D8%A7%D9%85%D9%86_%D8%A7%D8%B3%D8%AA\"><\/span>\n<p>  \u0686\u0631\u0627 AWS Tri-Secret Secure \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0645\u0648\u0631 \u0627\u0645\u0646 \u0627\u0633\u062a!<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>AWS Tri-Secret Secure \u062a\u0636\u0645\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u062f <strong>\u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0628\u0631 \u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc<\/strong>\u060c \u06a9\u0627\u0647\u0634 \u062e\u0637\u0631\u0627\u062a \u0648 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0627\u0632 \u0631\u0639\u0627\u06cc\u062a \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u0647\u0627\u06cc \u0646\u0638\u0627\u0631\u062a\u06cc. \u0627\u06cc\u0646 \u0686\u0627\u0631\u0686\u0648\u0628 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0631\u06a9\u06cc\u0628 \u0645\u06cc \u0634\u0648\u062f <strong>\u0633\u0647 \u0644\u0627\u06cc\u0647 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc<\/strong> \u0628\u0631\u0627\u06cc \u0627\u0631\u0627\u0626\u0647 \u0633\u0637\u062d \u0627\u0636\u0627\u0641\u06cc \u0627\u0632 \u0645\u062d\u0627\u0641\u0638\u062a.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%D9%85%D8%B2%D8%A7%DB%8C%D8%A7%DB%8C_%DA%A9%D9%84%DB%8C%D8%AF%DB%8C\"><\/span>\n<p>  <strong>\u0645\u0632\u0627\u06cc\u0627\u06cc \u06a9\u0644\u06cc\u062f\u06cc:<\/strong><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol>\n<li>\n<strong>\u0627\u0645\u0646\u06cc\u062a \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647<\/strong> &#8211; \u062a\u0631\u06a9\u06cc\u0628\u06cc <strong>\u0631\u0645\u0632 \u0648 \u0631\u0627\u0632 \u0628\u0631\u0641<\/strong>\u0628\u0627 <strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc AWS KMS<\/strong>\u0648\u062a <strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0645\u0634\u062a\u0631\u06cc<\/strong> \u0628\u0631\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0644\u0627\u06cc\u0647 \u0627\u06cc<\/li>\n<li>\n<strong>\u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0646\u0647<\/strong> &#8211; \u0644\u0648\u0627\u0632\u0645 \u062c\u0627\u0646\u0628\u06cc <strong>\u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0642\u0634 (RBAC)<\/strong> \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633.<\/li>\n<li>\n<strong>\u0627\u0646\u0637\u0628\u0627\u0642 \u0646\u0638\u0627\u0631\u062a\u06cc<\/strong> &#8211; \u062a\u0636\u0645\u06cc\u0646 \u0627\u0646\u0637\u0628\u0627\u0642 <strong>SOC 2 \u060c HIPAA \u060c GDPR \u0648 ISO 27001<\/strong>\u0628\u0634\u0631<\/li>\n<li>\n<strong>\u062d\u0633\u0627\u0628\u0631\u0633\u06cc \u0648 \u0646\u0638\u0627\u0631\u062a \u062f\u0631 \u0632\u0645\u0627\u0646 \u0648\u0627\u0642\u0639\u06cc<\/strong> &#8211; \u0627\u0633\u062a\u0641\u0627\u062f\u0647 <strong>AWS CloudTrail<\/strong> \u0648\u062a <strong>\u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0628\u0631\u0641<\/strong> \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0644\u06cc\u062f\u06cc.<\/li>\n<li>\n<strong>\u0627\u062f\u063a\u0627\u0645 \u0628\u062f\u0648\u0646 \u062f\u0631\u0632<\/strong> &#8211; \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc AWS KMS \u0627\u0633\u062a <strong>\u0628\u0648\u0645\u06cc \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u0634\u0648\u062f<\/strong> \u062f\u0631 \u0628\u0631\u0641 \u0628\u0627 \u062d\u062f\u0627\u0642\u0644 \u062a\u0623\u062b\u06cc\u0631 \u0639\u0645\u0644\u06a9\u0631\u062f.<\/li>\n<\/ol>\n<hr\/>\n<h2><span class=\"ez-toc-section\" id=\"%D8%B3%D9%87_%D9%84%D8%A7%DB%8C%D9%87_AWS_Tri-Secret_Secure\"><\/span>\n<p>  \u0633\u0647 \u0644\u0627\u06cc\u0647 AWS Tri-Secret Secure<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ol>\n<li>\n<p><strong>\u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0627 \u0645\u062f\u06cc\u0631\u06cc\u062a Snowflake (\u0644\u0627\u06cc\u0647 1)<\/strong><\/p>\n<ul>\n<li>\u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0631\u0641 \u0628\u0631\u0641 <strong>\u062a\u0645\u0627\u0645 \u062f\u0627\u062f\u0647 \u0647\u0627 \u062f\u0631 \u062d\u0627\u0644\u062a \u0627\u0633\u062a\u0631\u0627\u062d\u062a \u0648 \u062d\u0645\u0644 \u0648 \u0646\u0642\u0644<\/strong> \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <strong>\u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc AES-256<\/strong>\u0628\u0634\u0631<\/li>\n<li>TLS 1.2 \u062a\u0636\u0645\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u062f <strong>\u0627\u0631\u062a\u0628\u0627\u0637 \u0627\u06cc\u0645\u0646 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc \u0648 \u06af\u0644 \u0628\u0631\u0641<\/strong>\u0628\u0634\u0631<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>\u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc AWS KMS (\u0644\u0627\u06cc\u0647 2)<\/strong><\/p>\n<ul>\n<li>AWS KMS \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u06a9\u0646\u062f <strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0627 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0634\u062a\u0631\u06cc (CMKS)<\/strong> \u0628\u0631\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a \u0628\u06cc\u0634\u062a\u0631<\/li>\n<li>\u0627\u0632 \u06a9\u0644\u06cc\u062f \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f <strong>\u0686\u0631\u062e\u0634 \u060c \u0627\u0646\u0642\u0636\u0627 \u0648 \u0627\u0628\u0637\u0627\u0644<\/strong>\u0628\u0634\u0631<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u062f\u0647 \u0645\u0634\u062a\u0631\u06cc (\u0644\u0627\u06cc\u0647 3)<\/strong><\/p>\n<ul>\n<li>\u0628\u0647 \u0633\u0627\u0632\u0645\u0627\u0646 \u0647\u0627 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 <strong>\u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u06cc\u0627\u0648\u0631\u06cc\u062f (BYOK)<\/strong>\u0628\u0634\u0631<\/li>\n<li>\u062a\u0635\u0648\u06cc\u0628 \u06a9\u0631\u062f\u0646 <strong>\u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0628\u0631 \u0633\u06cc\u0627\u0633\u062a \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0648 \u0631\u0645\u0632\u06af\u0634\u0627\u06cc\u06cc<\/strong>\u0628\u0634\u0631<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<hr\/>\n<h2><span class=\"ez-toc-section\" id=\"%D9%86%D8%AD%D9%88%D9%87_%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C_AWS_Tri-Secret_%D8%AF%D8%B1_Snowflake\"><\/span>\n<p>  \u0646\u062d\u0648\u0647 \u0627\u062c\u0631\u0627\u06cc AWS Tri-Secret \u062f\u0631 Snowflake<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"%D9%85%D8%B1%D8%AD%D9%84%D9%87_1_%D8%B1%D9%85%D8%B2%DA%AF%D8%B0%D8%A7%D8%B1%DB%8C_%D8%A8%D9%88%D9%85%DB%8C_Snowflake_%D8%B1%D8%A7_%D9%81%D8%B9%D8%A7%D9%84_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  <strong>\u0645\u0631\u062d\u0644\u0647 1: \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0648\u0645\u06cc Snowflake \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/strong><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Snowflake \u0628\u0647 \u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062a\u0645\u0627\u0645 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0645\u0634\u062a\u0631\u06cc \u0631\u0627 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0645\u06cc \u06a9\u0646\u062f. \u062a\u06cc\u0645 \u0647\u0627\u06cc DBA \u0628\u0627\u06cc\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0631\u0627 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0646\u0646\u062f:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight sql\"><code><span class=\"k\">SELECT<\/span> <span class=\"k\">SYSTEM<\/span><span class=\"err\">$<\/span><span class=\"n\">SHOW_PARAMETER<\/span><span class=\"p\">(<\/span><span class=\"s1\">'ENCRYPTION'<\/span><span class=\"p\">);<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u062e\u0637 \u0645\u0634\u06cc \u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u062f\u0631 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a <strong>\u062f\u0633\u062a\u0631\u0633\u06cc \u0631\u0627 \u0645\u062d\u062f\u0648\u062f \u06a9\u0646\u06cc\u062f<\/strong>:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight sql\"><code><span class=\"k\">ALTER<\/span> <span class=\"n\">NETWORK<\/span> <span class=\"n\">POLICY<\/span> <span class=\"o\">&lt;<\/span><span class=\"n\">policy_name<\/span><span class=\"o\">&gt;<\/span> <span class=\"k\">SET<\/span> <span class=\"n\">ALLOWED_IP_LIST<\/span> <span class=\"o\">=<\/span> <span class=\"p\">(<\/span><span class=\"s1\">'192.168.1.1\/32'<\/span><span class=\"p\">,<\/span> <span class=\"s1\">'10.0.0.0\/24'<\/span><span class=\"p\">);<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"%D9%85%D8%B1%D8%AD%D9%84%D9%87_2_AWS_KMS_%D8%B1%D8%A7_%D8%A8%D8%B1%D8%A7%DB%8C_%D9%85%D8%AF%DB%8C%D8%B1%DB%8C%D8%AA_%DA%A9%D9%84%DB%8C%D8%AF_%D8%AE%D8%A7%D8%B1%D8%AC%DB%8C_%D8%A7%D8%AF%D8%BA%D8%A7%D9%85_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  <strong>\u0645\u0631\u062d\u0644\u0647 2: AWS KMS \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0644\u06cc\u062f \u062e\u0627\u0631\u062c\u06cc \u0627\u062f\u063a\u0627\u0645 \u06a9\u0646\u06cc\u062f<\/strong><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol>\n<li>\n<p><strong>\u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 AWS KMS CMK (\u06a9\u0644\u06cc\u062f \u0627\u0635\u0644\u06cc \u0645\u0634\u062a\u0631\u06cc):<\/strong><\/p>\n<ul>\n<li>\u0628\u0647 \u0633\u0645\u062a <strong>\u06a9\u0646\u0633\u0648\u0644 AWS KMS<\/strong> \u2192 <strong>\u0627\u06cc\u062c\u0627\u062f \u06a9\u0644\u06cc\u062f<\/strong>\u0628\u0634\u0631<\/li>\n<li>\u0627\u0646\u062a\u062e\u0627\u0628 \u06a9\u0631\u062f\u0646 <strong>\u06a9\u0644\u06cc\u062f \u0645\u062a\u0642\u0627\u0631\u0646<\/strong> \u0648 \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 <strong>\u0686\u0631\u062e\u0634 \u06a9\u0644\u06cc\u062f\u06cc<\/strong>\u0628\u0634\u0631<\/li>\n<li>\u0646\u0642\u0634 \u0647\u0627\u06cc IAM \u0631\u0627 \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0647\u06cc\u062f \u062a\u0627 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0628\u0631\u0641 \u0628\u0631\u0641\u06cc \u0641\u0631\u0627\u0647\u0645 \u0634\u0648\u062f.<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>\u06a9\u0644\u06cc\u062f AWS KMS \u0631\u0627 \u0628\u0647 \u0628\u0631\u0641 \u0628\u0631\u0641\u06cc \u0648\u0635\u0644 \u06a9\u0646\u06cc\u062f:<\/strong><\/p>\n<ul>\n<li>\u062a\u0648\u0644\u06cc\u062f <strong>AWS KMS KEY ARN<\/strong>\u0628\u0634\u0631<\/li>\n<li>\u06a9\u0644\u06cc\u062f \u0631\u0627 \u062f\u0631 Snowflake \u062b\u0628\u062a \u06a9\u0646\u06cc\u062f:\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight sql\"><code>   <span class=\"k\">ALTER<\/span> <span class=\"n\">ACCOUNT<\/span> <span class=\"k\">SET<\/span> <span class=\"n\">MASTER_KEY<\/span> <span class=\"o\">=<\/span> <span class=\"s1\">'arn:aws:kms:region:account-id:key\/key-id'<\/span><span class=\"p\">;<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"%D9%85%D8%B1%D8%AD%D9%84%D9%87_3_%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C_%DA%A9%D9%86%D8%AA%D8%B1%D9%84_%D8%AF%D8%B3%D8%AA%D8%B1%D8%B3%DB%8C_%D9%85%D8%A8%D8%AA%D9%86%DB%8C_%D8%A8%D8%B1_%D9%86%D9%82%D8%B4_RBAC\"><\/span>\n<p>  <strong>\u0645\u0631\u062d\u0644\u0647 3: \u0627\u062c\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0642\u0634 (RBAC)<\/strong><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol>\n<li>\n<strong>\u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u06cc\u0645\u0646 \u0646\u0642\u0634 \u0647\u0627\u06cc \u0633\u0641\u0627\u0631\u0634\u06cc \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f:<\/strong>\n<\/li>\n<\/ol>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight sql\"><code>   <span class=\"k\">CREATE<\/span> <span class=\"k\">ROLE<\/span> <span class=\"n\">SECURITY_ADMIN<\/span><span class=\"p\">;<\/span>\n   <span class=\"k\">GRANT<\/span> <span class=\"k\">USAGE<\/span> <span class=\"k\">ON<\/span> <span class=\"n\">WAREHOUSE<\/span> <span class=\"n\">my_warehouse<\/span> <span class=\"k\">TO<\/span> <span class=\"k\">ROLE<\/span> <span class=\"n\">SECURITY_ADMIN<\/span><span class=\"p\">;<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ol>\n<li>\n<strong>\u0628\u0631\u0627\u06cc \u0632\u0645\u06cc\u0646\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633 \u0645\u0627\u0633\u06a9 \u062f\u0627\u062f\u0647 \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u06cc\u062f:<\/strong>\n<\/li>\n<\/ol>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight sql\"><code>   <span class=\"k\">CREATE<\/span> <span class=\"n\">MASKING<\/span> <span class=\"n\">POLICY<\/span> <span class=\"n\">ssn_mask<\/span> <span class=\"k\">AS<\/span> <span class=\"p\">(<\/span><span class=\"n\">val<\/span> <span class=\"n\">STRING<\/span><span class=\"p\">)<\/span> <span class=\"k\">RETURNS<\/span> <span class=\"n\">STRING<\/span> <span class=\"o\">-&gt;<\/span>\n   <span class=\"k\">CASE<\/span> <span class=\"k\">WHEN<\/span> <span class=\"k\">CURRENT_ROLE<\/span><span class=\"p\">()<\/span> <span class=\"k\">IN<\/span> <span class=\"p\">(<\/span><span class=\"s1\">'DBA_MANAGER'<\/span><span class=\"p\">)<\/span> <span class=\"k\">THEN<\/span> <span class=\"n\">val<\/span> <span class=\"k\">ELSE<\/span> <span class=\"s1\">'XXX-XX-XXXX'<\/span> <span class=\"k\">END<\/span><span class=\"p\">;<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"%D9%85%D8%B1%D8%AD%D9%84%D9%87_4_%D9%85%D9%85%DB%8C%D8%B2%DB%8C_%D9%88_%D9%86%D8%B8%D8%A7%D8%B1%D8%AA_%D8%B1%D8%A7_%D8%A8%D8%A7_AWS_CloudTrail_%D9%81%D8%B9%D8%A7%D9%84_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  <strong>\u0645\u0631\u062d\u0644\u0647 4: \u0645\u0645\u06cc\u0632\u06cc \u0648 \u0646\u0638\u0627\u0631\u062a \u0631\u0627 \u0628\u0627 AWS CloudTrail \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/strong><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>\n<strong>AWS CloudTrail<\/strong> \u06a9\u0644\u06cc\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc API \u0631\u0627 \u0628\u0647 <strong>KMS AWS<\/strong>\u060c \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0627\u0632 \u062f\u06cc\u062f \u062f\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0644\u06cc\u062f\u06cc.<\/li>\n<li>\u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0631\u062f\u0646 <strong>\u0647\u0634\u062f\u0627\u0631\u0647\u0627 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06a9\u0644\u06cc\u062f \u063a\u06cc\u0631\u0645\u062c\u0627\u0632<\/strong>:\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight json\"><code><span class=\"w\">  <\/span><span class=\"p\">{<\/span><span class=\"w\">\n      <\/span><span class=\"nl\">\"source\"<\/span><span class=\"p\">:<\/span><span class=\"w\"> <\/span><span class=\"p\">[<\/span><span class=\"s2\">\"aws.kms\"<\/span><span class=\"p\">],<\/span><span class=\"w\">\n      <\/span><span class=\"nl\">\"detail-type\"<\/span><span class=\"p\">:<\/span><span class=\"w\"> <\/span><span class=\"p\">[<\/span><span class=\"s2\">\"AWS API Call via CloudTrail\"<\/span><span class=\"p\">],<\/span><span class=\"w\">\n      <\/span><span class=\"nl\">\"detail\"<\/span><span class=\"p\">:<\/span><span class=\"w\"> <\/span><span class=\"p\">{<\/span><span class=\"w\">\n          <\/span><span class=\"nl\">\"eventName\"<\/span><span class=\"p\">:<\/span><span class=\"w\"> <\/span><span class=\"p\">[<\/span><span class=\"s2\">\"Decrypt\"<\/span><span class=\"p\">,<\/span><span class=\"w\"> <\/span><span class=\"s2\">\"GenerateDataKey\"<\/span><span class=\"p\">]<\/span><span class=\"w\">\n      <\/span><span class=\"p\">}<\/span><span class=\"w\">\n  <\/span><span class=\"p\">}<\/span><span class=\"w\">\n<\/span><\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<hr\/>\n<h2><span class=\"ez-toc-section\" id=\"%D8%A8%D9%87%D8%AA%D8%B1%DB%8C%D9%86_%D8%B1%D9%88%D8%B4%D9%87%D8%A7_%D8%A8%D8%B1%D8%A7%DB%8C_DBA\"><\/span>\n<p>  \u0628\u0647\u062a\u0631\u06cc\u0646 \u0631\u0648\u0634\u0647\u0627 \u0628\u0631\u0627\u06cc DBA<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ol>\n<li>\n<strong>\u0628\u0647 \u0637\u0648\u0631 \u0645\u0631\u062a\u0628 \u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc AWS KMS \u0631\u0627 \u0628\u0686\u0631\u062e\u0627\u0646\u06cc\u062f<\/strong> -\u0627\u0632 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u0637\u0648\u0644\u0627\u0646\u06cc \u0645\u062f\u062a \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u06a9\u0646\u06cc\u062f.<\/li>\n<li>\n<strong>\u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0645\u062a\u0631\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f<\/strong> &#8211; \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0645\u062f\u06cc\u0631 \u0631\u0627 \u0645\u062d\u062f\u0648\u062f \u06a9\u0646\u06cc\u062f.<\/li>\n<li>\n<strong>\u062a\u0623\u06cc\u06cc\u062f \u0647\u0648\u06cc\u062a \u0686\u0646\u062f \u0639\u0627\u0645\u0644\u06cc (MFA)<\/strong> &#8211; \u0627\u0632 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062d\u0633\u0627\u0628\u0647\u0627\u06cc Snowflake \u0648 AWS \u0645\u062d\u0627\u0641\u0638\u062a \u06a9\u0646\u06cc\u062f.<\/li>\n<li>\n<strong>\u062d\u0633\u0627\u0628\u0631\u0633\u06cc \u0627\u0646\u0637\u0628\u0627\u0642 \u062e\u0648\u062f\u06a9\u0627\u0631<\/strong> &#8211; \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f <strong>\u0642\u0637\u0628 \u0627\u0645\u0646\u06cc\u062a\u06cc AWS<\/strong> \u0648\u062a <strong>\u062d\u0633\u0627\u0628 \u0647\u0627\u06cc Snowflake Account_Usage<\/strong>\u0628\u0634\u0631<\/li>\n<li>\n<strong>\u0622\u0632\u0645\u0627\u06cc\u0634 \u0646\u0641\u0648\u0630 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f<\/strong> &#8211; \u0628\u0647 \u0637\u0648\u0631 \u0645\u0631\u062a\u0628 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0622\u0632\u0645\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f.<\/li>\n<\/ol>\n<hr\/>\n<h2><span class=\"ez-toc-section\" id=\"%D9%BE%D8%A7%DB%8C%D8%A7%D9%86\"><\/span>\n<p>  \u067e\u0627\u06cc\u0627\u0646<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0628\u0647 \u0637\u0648\u0631 \u062e\u0644\u0627\u0635\u0647 \u060c AWS Tri-Secret Secure in Snowflake <strong>\u0645\u062f\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0642\u062f\u0631\u062a\u0645\u0646\u062f<\/strong> \u0627\u06cc\u0646 \u062a\u0636\u0645\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u062f <strong>\u062d\u0641\u0627\u0638\u062a \u0627\u0632 \u062f\u0627\u062f\u0647 \u0647\u0627 \u060c \u0627\u0646\u0637\u0628\u0627\u0642 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc<\/strong>\u0628\u0634\u0631 \u0627\u0632 \u0637\u0631\u0641 <strong>\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 KMS AWS \u060c \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0628\u0631\u0641 \u0648 \u06a9\u06cc\u06a9 \u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0645\u0634\u062a\u0631\u06cc<\/strong>\u060c \u0633\u0627\u0632\u0645\u0627\u0646 \u0647\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f <strong>\u0627\u0645\u0646\u06cc\u062a \u0631\u0627 \u062a\u0642\u0648\u06cc\u062a \u06a9\u0646\u06cc\u062f \u060c \u062e\u0637\u0631\u0627\u062a \u0631\u0627 \u06a9\u0627\u0647\u0634 \u062f\u0647\u06cc\u062f \u0648 \u0627\u0632 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u06a9\u0646\u06cc\u062f<\/strong>\u0628\u0634\u0631<\/p>\n<p>\u0628\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0631\u062f\u0646 <strong>\u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647 \u0647\u0627 \u0648 \u0627\u0633\u062a\u0631\u0627\u062a\u0698\u06cc \u0647\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc<\/strong>\u060c \u0645\u062f\u06cc\u0631\u0627\u0646 \u0627\u0628\u0631 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u06cc\u06a9 \u0628\u0633\u0627\u0632\u0646\u062f <strong>\u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0628\u0633\u06cc\u0627\u0631 \u0627\u06cc\u0645\u0646 \u0648 \u0645\u0642\u06cc\u0627\u0633 \u067e\u0630\u06cc\u0631<\/strong> \u0636\u0645\u0646 \u062d\u0641\u0638 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0628\u0631 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633.<\/p>\n<hr\/><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062f\u06cc\u0631 \u0628\u0633\u062a\u0631 \u062f\u0627\u062f\u0647 \u0647\u0627\u060c \u062d\u0635\u0648\u0644 \u0627\u0645\u0646\u06cc\u062a \u062f\u0627\u062f\u0647 \u0647\u0627 \u060c \u0627\u0646\u0637\u0628\u0627\u0642 \u0648 \u0639\u0645\u0644\u06a9\u0631\u062f \u062f\u0631 \u0645\u062d\u06cc\u0637 \u0647\u0627\u06cc \u0627\u0628\u0631\u06cc \u0627\u0648\u0644\u0648\u06cc\u062a \u0627\u0635\u0644\u06cc \u0627\u0633\u062a. \u0645\u062e\u0641\u06cc AWS Snowflake&#39;s Trie-Secret \u0627\u0645\u0646 \u0645\u062f\u0644 \u0628\u0627 \u0627\u062f\u063a\u0627\u0645 \u0627\u0645\u0646\u06cc\u062a \u0631\u0627 \u062a\u0642\u0648\u06cc\u062a \u0645\u06cc \u06a9\u0646\u062f \u0633\u0631\u0648\u06cc\u0633 \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0644\u06cc\u062f AWS (KMS)\u0628\u0627 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u062f\u0627\u062e\u0644\u06cc Snowflake\u0648\u062a \u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0645\u0634\u062a\u0631\u06cc\u060c \u0627\u0631\u0627\u0626\u0647 \u0645\u062d\u0627\u0641\u0638\u062a \u0686\u0646\u062f \u0644\u0627\u06cc\u0647 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632. &hellip;<\/p>\n","protected":false},"author":2,"featured_media":97108,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[339],"tags":[],"class_list":["post-97107","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dev"],"_links":{"self":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/97107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/comments?post=97107"}],"version-history":[{"count":0,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/97107\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media\/97108"}],"wp:attachment":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media?parent=97107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/categories?post=97107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/tags?post=97107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}