
What is Snowflake's Tri-Secret Secure model and when is it used?

Tri-Secret Secure is Snowflake's highest tier of data protection. It ensures that data can only be decrypted when two independent keys are simultaneously present: Snowflake's own master key and a Customer-Managed Key (CMK) held in the customer's own cloud KMS (AWS KMS or Azure Key Vault). Neither party can decrypt the data alone.

In the standard key model, Snowflake holds all key hierarchy tiers. In Tri-Secret Secure, the account master key is wrapped not just by Snowflake's root key but also by the customer's CMK. Snowflake must call the customer's KMS every time it needs to access encrypted data. If the customer revokes the CMK, all data in that account becomes immediately inaccessible — even to Snowflake engineers. This gives customers provable data sovereignty.

Use cases: financial institutions with regulatory mandates, government agencies, and healthcare organizations that require proof they can revoke Snowflake's access at any time. It requires the Business Critical or Virtual Private Snowflake edition plus a Tri-Secret Secure subscription add-on.

Operational risk: if the customer loses or deletes the CMK without a backup, all data is permanently lost. The customer bears full responsibility for CMK lifecycle management.
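
The dual-wrap behaviour and the revocation and key-loss cases described above, modelled as an added Python example (not Snowflake's implementation and not code from the original page). Assumptions: HMAC-SHA256 stands in for a real key-wrap cipher so the block runs on the standard library alone, and `CustomerKMS`, `protect_amk`, `recover_amk` and `can_recover` are hypothetical names.

```python
import hashlib, hmac, os

def _subkey(kek, label):
    return hmac.new(kek, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream: stand-in for AES, illustration only
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(kek, plaintext):
    # Encrypt-then-MAC under a key-encryption key: nonce || ciphertext || tag
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(kek, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(kek, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(kek, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or tampered blob")
    return _xor_stream(_subkey(kek, b"enc"), nonce, ct)

class CustomerKMS:
    """Hypothetical stand-in for the customer's cloud KMS holding the CMK."""
    def __init__(self):
        self._cmk, self.enabled = os.urandom(32), True
    def wrap(self, data):
        return wrap(self._cmk, data)
    def unwrap(self, blob):
        if self._cmk is None or not self.enabled:
            raise PermissionError("CMK revoked or deleted")
        return unwrap(self._cmk, blob)
    def delete(self):
        self._cmk = None  # no backup kept: the outer layer can never be opened again

def protect_amk(amk, snowflake_root, kms):
    # Inner layer: provider root key. Outer layer: customer's CMK.
    return kms.wrap(wrap(snowflake_root, amk))

def recover_amk(blob, snowflake_root, kms):
    # Needs a live KMS call AND the provider root key
    return unwrap(snowflake_root, kms.unwrap(blob))

def can_recover(blob, snowflake_root, kms):
    try:
        recover_amk(blob, snowflake_root, kms)
        return True
    except (PermissionError, ValueError):
        return False
```

Setting `kms.enabled = False` models revocation and is reversible; `kms.delete()` models losing the CMK without a backup, after which `can_recover` stays `False`.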

-- Conceptual setup: link an Azure Key Vault key to the Snowflake account
-- (actual steps involve Snowflake Support + Azure Key Vault configuration)
ALTER ACCOUNT SET HSM_MASTER_KEY_ID = 'https://myvault.vault.azure.net/keys/mykey/version';

-- Verify Tri-Secret Secure is active
SHOW PARAMETERS LIKE 'TRI_SECRET_SECURE' IN ACCOUNT;

In Tri-Secret Secure, if a customer revokes their Customer-Managed Key, what happens to their Snowflake data?
Which minimum Snowflake edition is required to enable Tri-Secret Secure?
