A Snowflake Architect is designing an application and tenancy strategy for an organization where strong legal isolation rules as well as multi-tenancy are requirements.
Which approach will meet these requirements if Role-Based Access Policies (RBAC) is a viable option for isolating tenants?
Creating accounts for each tenant within the Snowflake organization ensures the highest level of isolation, as each tenant's data and activities are completely separated. This approach aligns with strong legal isolation requirements and allows for effective multi-tenancy. Additionally, using separate accounts allows Role-Based Access Policies to manage access effectively within each tenant's environment.
Answer is C and is validated
but why not B, as the question says that isolating the tenants is a viable option.
You can use a single object for multiple tenants if row-level security is viable.
You can use a single object for multiple tenants if row-level security is viable.
Answer c
Why not A? This approach utilizes separate Snowflake accounts for each tenant, ensuring the highest level of isolation as required by strong legal rules, while still allowing multi-tenancy within the broader organizational context. Each tenant's data and processes remain fully isolated in their dedicated account, aligned with stringent compliance needs.
C https://resources.snowflake.com/white-paper/design-patterns-for-building-multi-tenant-applications-on-snowflake
Answer "A", according to these two points from this link. • Isolates tenants, thereby reducing the risk of mismanaging security. • Allows for strict security measures (encryption keys, IP allow lists, better-than-RBAC controls) by isolating tenants by account.
The question states RBAC is viable, Roles are under the account