User Directory
Lists all users in the Snowflake system for access monitoring and identity visibility.
Sync Type: Full Synchronisation
Requirements
- You must have a snowflake account and access to creating a service account user, create a role and assign it.
- Monad uses key pair authentication you can follow the Snowflake docs on how to set this up here. Be sure to have your private and public keys handy.
- Create a new snowflake service account user with the following command
CREATE USER monad_service_account
COMMENT = 'Service account for monad snowflake output'
type = 'service'
RSA_PUBLIC_KEY='Your RSA Public Key';
- We need to create a new role for this service account.
-- Create a custom role for the service account
CREATE ROLE monad_service_account_role;
-- To see the full user output, the active role must have MANAGE GRANTS priveledge. Else, snowflake nulls certain fields in the output.
GRANT MANAGE GRANTS ON ACCOUNT TO ROLE TEST_ROLE;
-- Grant the role to the service account
GRANT ROLE monad_service_account_role TO USER monad_service_account;
Details
Monad uses the cron field to schedule the input at specific intervals, returning all users across the account.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Cron | string | Yes | Cron string for scheduling tasks. Ex: '0 0 * * *' for daily execution at midnight. |
| Account | string | Yes | The unique identifier for your Snowflake account, typically in the form of 'organization-account_name' |
| User | string | Yes | The username of the Snowflake account used to establish the connection |
| role | string | Yes | The name of the role the service account user will use |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| Private Key | string | Yes | The RSA private key used to authenticate |
| Password | string | Yes | Snowflake password used to authenticate |
Note: One out of Private Key and Password can be used to authenticate with this input.
Sample Record
{
"comment": "Business Intelligence user",
"created_on": "2025-08-11T23:46:45.760701Z",
"days_to_expiry": 89,
"default_namespace": "TEST",
"default_role": "ENGINEER",
"default_secondary_roles": "REVIEWER",
"default_warehouse": "ETL_WH_5",
"disabled": null,
"display_name": "Alice Johnson",
"email": "Tom Smith@example.com",
"expires_at_time": null,
"ext_authn_duo": null,
"ext_authn_uid": null,
"first_name": "John",
"has_mfa": false,
"has_password": false,
"has_rsa_public_key": false,
"last_name": "Jones",
"last_success_login": "2025-08-11T23:46:45.760897Z",
"locked_until_time": null,
"login_name": "swilliams615",
"mins_to_bypass_mfa": 54,
"mins_to_unlock": 91,
"must_change_password": null,
"name": "TEST_USER_366",
"owner": "USERADMIN",
"snowflake_lock": null,
"type": "SERVICE"
}