Snowflake SnowPro Specialty - Native Apps Sample Questions:

1. You are deploying a containerized application within a Snowflake Native App using Snowpark Container Services (SPCS). This application needs to interact with Snowflake's metadata, specifically retrieving information about tables and views within the customer's account. Which of the following methods is the MOST appropriate and secure way to achieve this?

A) Creating a REST endpoint within the container that accepts SQL queries as input and executes them against Snowflake using the application's internal service account, then returns the results as JSON.
B) Exposing a Snowflake UDF as an API endpoint that the container can call to retrieve metadata. The UDF executes the SQL queries against the INFORMATION SCHEMA.
C) Leveraging the Snowpark Python API within the container to execute SQL queries against the Snowflake INFORMATION_SCHEMA views.
D) Using the Snowflake CLI (snowsql) within the container, configured with the application's service account credentials, to execute queries against the INFORMATION SCHEMA.
E) Using the 'snowflake-jdbc' driver directly within the container, configured with the customer's Snowflake account credentials, which are passed as environment variables.

2. You are developing a Snowflake Native App that needs to persist state information between different invocations. The app requires tracking of user preferences, processing progress, and other runtime dat a. Which of the following options are viable and secure methods for persisting this type of state information within the context of a Snowflake Native App?

A) Using the application provider's own Snowflake account to store state information associated with each consumer.
B) Using internal stages and secured views in consumer account to persist state information.
C) Using secure external stages managed by the application provider to store the consumer-specific state information.
D) Storing state information within the application package itself by updating the package version with each state change.
E) Using temporary tables within the consumer's account to store state information. The tables are dropped when the app is uninstalled.

3. You are developing a Snowflake Native Application that manages customer accounts. In version 1.0, you had a table named 'CUSTOMER_ACCOUNTS with columns 'ACCOUNT D', 'CUSTOMER NAME, and 'EMAIL'. You are now releasing version 2.0, which requires adding a new column 'PHONE NUMBER to the 'CUSTOMER ACCOUNTS table, but you need to ensure backward compatibility and allow seamless upgrades for existing installations. Which of the following approaches within the 'setup.sqr file is the MOST robust and reliable to implement this schema change without disrupting existing users?

A)

B)

C)

D)

E)

4. You are developing a Snowflake Native App that processes sensitive customer dat a. Your app needs to access data from a table owned by the consumer and write transformed data back to another table also owned by the consumer. To ensure data privacy and security, you decide to use a secure view for accessing the customer data and a stored procedure for writing the transformed data.
However, you are facing issues with privilege escalation when the stored procedure tries to access the secure view. The stored procedure is defined with the 'EXECUTE AS CALLER clause. Which of the following steps can you take to mitigate this privilege escalation issue and ensure secure data access?

A) Change the stored procedure to run with the 'EXECUTE AS OWNER clause. Ensure the consumer grants 'IMPORTED PRIVILEGES' on their database to your application. Create a database role owned by the application and grant USAGE on database to it and SELECT on secure view to the database role. Also, grant the consumer database ownership to the application.
B) Grant the 'APPLY MASKING POLICY privilege on the customer data table to the application role. Define masking policies on the sensitive columns of the customer data table.
C) Grant the 'EXECUTE MANAGED TASK' privilege to the application role. Change the stored procedure to run with the 'EXECUTE AS OWNER clause. Ensure consumer grants 'IMPORTED PRIVILEGES' on their database to your application.
D) Revoke the 'SELECT privilege on the secure view from the application role. Grant the 'SELECT' privilege on the secure view directly to the stored procedure using the 'GRANT ... TO PROCEDURE syntax.
E) Change the stored procedure to run with the 'EXECUTE AS OWNER clause. Ensure the consumer grants 'IMPORTED PRIVILEGES' on their database to your application. Create a database role owned by the application and grant USAGE on database to it and SELECT on secure view to the database role.

5. You are developing a Snowflake Native App that uses JavaScript stored procedures. During consumer testing, you observe inconsistent behavior: sometimes the app works perfectly, other times it throws intermittent 'JavaScript out of memory' errors. You suspect a memory leak in your JavaScript code. Which of the following actions could help you diagnose and resolve this issue effectively?

A) Refactor your JavaScript code to minimize the creation of large, temporary objects and ensure that objects are properly garbage collected by setting unused object references to 'null'.
B) Use the 'INFORMATION SCHEMA.QUERY HISTORY view on the consumer account to examine the query profiles of the JavaScript stored procedures, looking for excessive memory consumption or spillover to local storage.
C) Contact Snowflake support immediately, as 'JavaScript out of memory' errors always indicate a platform bug.
D) Enable detailed logging within your JavaScript stored procedures using 'CALL SYSTEM$LOG(...)'})$ and analyze the logs for excessively large data structures or recursive function calls.
E) Increase the warehouse size for the consumer's instance where the app is installed, assuming larger warehouses always provide more memory for JavaScript execution.

Solutions: