Composable Audience Studio connects to Snowflake using RSA key pair authentication. You generate a private/public key pair, assign the public key to a Snowflake user, and provide the private key to Treasure Data.
Run the following commands to create an RSA key pair in PKCS#8 format:
# Generate a 2048-bit private key in PKCS#8 format (no passphrase)
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt
# Derive the public key from the private key
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pubThis creates two files:
- rsa_key.p8 -- Private key (keep this secure; you will provide it to Treasure Data)
- rsa_key.pub -- Public key (you will assign this to your Snowflake user)
The private key must be in PKCS#8 format. Other formats will cause connection failures.
Open the public key file and copy its contents, excluding the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers:
cat rsa_key.pubIn Snowflake, assign the public key to the user that Treasure Data will use:
ALTER USER <username> SET RSA_PUBLIC_KEY='MIIBIjANBgkqhk...your_public_key_content...';Verify the key assignment:
DESC USER <username>;Look for the RSA_PUBLIC_KEY_FP property to confirm the key fingerprint is set.
For more details, see the Snowflake Key Pair Authentication Documentation.