Snowflake SnowPro Advanced Administrator Quick Facts (2025)

Exam Domain Breakdown

Domain 1: Snowflake Security, RBAC, and User Administration (32% of the exam)

Set up and manage Snowflake authentication.

• Establish federated authentication and Single Sign-on (SSO) — Implement federated authentication/SSO as it relates to Snowflake
• Establish federated authentication and Single Sign-on (SSO) — Configure an Identity Provider (IdP) for Snowflake
• Establish federated authentication and Single Sign-on (SSO) — Configure, use, and manage federated authentication with Snowflake
• Implement Multi-Factor Authentication (MFA) — Enroll a Snowflake user in MFA
• Implement Multi-Factor Authentication (MFA) — Use MFA with different Snowflake drivers and connectors (such as, Web UI, SnowSQL, JDBC, ODBC, etc.)
• Implement Multi-Factor Authentication (MFA) — Monitor users who do not have MFA enabled
• Implement Multi-Factor Authentication (MFA) — Reset passwords and temporarily disable or permanently remove MFA from a user
• Utilize key pair authentication and perform key pair rotation — Create, set up, and configure a Snowflake user for key pair authentication
• Utilize key pair authentication and perform key pair rotation — Configure key pair rotation
• Configure and use OAuth protocol options — Use OAuth 2.0 in Snowflake
• Configure and use OAuth protocol options — Compare Snowflake OAuth to External OAuth
• Configure and use OAuth protocol options — Configure Snowflake OAuth for custom clients
• Configure and use OAuth protocol options — Configure OAuth for technology providers (such as, Tableau, Looker, Microsoft Power BI, OKTA, Azure AD, etc.)
• Configure and use OAuth protocol options — Outline how Snowflake OAuth is impacted by federated authentication, network policies, and private connectivity
• Manage passwords and password policies

Summary: This section develops your expertise in mastering Snowflake authentication methods. You will learn how to establish secure user access through SSO, MFA, key pair authentication, and OAuth integrations. By understanding the setup and configuration of authentication options, you ensure that users can access Snowflake using modern enterprise identity management practices with flexibility and security.

The emphasis here is not only on enabling secure authentication, but also on knowing when to apply each approach. You will demonstrate the ability to integrate OAuth for diverse clients, properly manage MFA enrollment across users, and align configurations with organizational identity providers. Ultimately, this builds the confidence to implement authentication policies that scale with business needs and reflect industry-leading best practices.

Set up and manage network and private connectivity.

• Establish network policies — Configure and manage network policies
• Establish network policies — Describe network policy behavior when both account-level and user-level network policies exist
• Establish private connectivity to Snowflake internal stages — Implement and manage cloud provider interfaces and private endpoints for internal stages
• Establish private connectivity to the Snowflake service — Implement and manage private connectivity between cloud providers and Snowflake
• Access the Snowflake SQL API
• Use IP address allowed lists and blocked lists for access using network access policies

Summary: In this section, your skills expand to managing secure connectivity options and network rules for Snowflake usage. You will configure and maintain network policies at both user and account levels, gaining an understanding of how rules cascade and interact for secure access. Private connectivity configurations are emphasized to ensure compliance and improved control over access pathways.

This knowledge empowers you to optimize how external systems and users connect to Snowflake. By understanding the intricacies of endpoints, allowed IP lists, and private stage connectivity, you will establish network architecture that minimizes risk while giving authorized users seamless data access.

Set up and manage security administration and authorization.

• Use and monitor SCIM — Describe SCIM and its use cases as they relate to Snowflake
• Use and monitor SCIM — Manage users and groups with SCIM
• Use and monitor SCIM — Enable, configure, and manage SCIM integration
• Prevent data exfiltration with PREVENT_UNLOAD_TO_INLINE_URL and REQUIRE_STORAGE_INTEGRATION _FOR_STAGE_CREATION
• Manage service accounts, API integration, and automated authentication (for example, key pair authentication)

Summary: This section advances your ability to integrate identity lifecycle management into Snowflake. You will explore SCIM configuration to automate user and group provisioning while maintaining high levels of control and auditability. Beyond identity processes, you dive into strategies that prevent data exfiltration through policy-driven controls.

The skills learned here enable you to automate and secure account and application-level access, reducing administrative effort while maintaining strong security baselines. Service accounts, API authentication, and governance-oriented settings reinforce your ability to proactively mitigate risks and preserve compliance.

Given a set of business requirements, establish access control architecture.

• Describe access control framework — Discretionary Access Control (DAC)
• Describe access control framework — Role-Based Access Control (RBAC)
• Describe the uses for, and hierarchy of, system-defined roles
• Use cases for custom security roles
• Demonstrate key concepts of access control
• Describe the implications of role inheritance when granting or revoking privileges
• Describe the enforcement model
• Demonstrate how to grant access to specific objects within a database that requires privilege inheritance

Summary: This section equips you to align business needs with Snowflake’s access control models. You will analyze frameworks such as DAC and RBAC and determine where each is best applied. By mastering the role hierarchy and inheritance model, your ability to establish an access structure that ensures both usability and compliance is strengthened.

Through this knowledge, you are able to design access strategies that protect sensitive data while ensuring valid business functions are supported. You learn to implement object-level access aligned with hierarchy models, enabling precise and scalable governance of privileges across large-scale Snowflake deployments.

Given a scenario, create and manage access control.

• List and use different privileges available for each object type in Snowflake
• Custom security roles and users (for example, include related SHOW commands)
• Audit user activity history and query activity history across a Snowflake account

Summary: This section takes role-based access control further into the realm of active management. You focus on matching privileges to Snowflake objects and applying them through custom roles and policies. Practical commands such as SHOW-based queries give visibility into current access models while supporting governance and auditing practices.

You also gain competence in auditing both user history and query activity, enhancing transparency and accountability. This ensures that real-world security considerations can be enforced and validated, tying operational practices back to compliance requirements.

Given a scenario, configure access controls.

• Use system-defined roles
• Create custom roles
• Use secondary roles
• Implement inheritance and nesting of system-defined roles
• Follow best practices for using and securing the ACCOUNTADMIN role
• Align usage of object access with business functions
• Describe cloned objects and their impact on granted privileges
• Designate additional Administrators in Snowflake
• View granted privileges TO users and roles, and ON objects
• Implement and manage future grants including restrictions and limitations
• Evaluate the various scenarios using warehouse grants (for example, USAGE, OPERATE, MODIFY, MONITOR)
• Implement and manage managed access schemas
• Provide access to a non-account Administrator to monitor billing and usage information
• Manage account-level permissions

Summary: This final security section ensures you build end-to-end expertise in configuring granular access within Snowflake. You will demonstrate mastery in customizing and securing Snowflake roles, aligning their functions with business objectives. By mastering best practices around ACCOUNTADMIN and other system roles, you create a secure governance model.

Operational confidence comes from applying grants to warehouses, schemas, and individual objects. You will know how to evaluate future grants, manage role inheritance, and configure managed schemas, all supporting flexible yet controlled environments. Cloned object permissions and account-level controls further strengthen your ability to maintain compliance and secure system usage.

Domain 2: Account Management and Data Governance (22% of the exam)

Manage organizations and accounts.

• Describe the benefits of an organization
• Describe organizational tasks — Create and name an organization
• Describe organizational tasks — Name various types of organization accounts
• Describe organizational tasks — Identify what regions are available for a given organization
• Understand account tasks — View, create, and list accounts
• Understand account tasks — Change account names
• Understand account tasks — Enable replication for accounts
• Manage Tri-Secret Secure
• Manage encryption keys in Snowflake — Describe how Snowflake encrypts customer data
• Manage encryption keys in Snowflake — Describe encryption key rotation and periodic rekeying configuration

Summary: Here you build the knowledge to effectively manage organizations and accounts within Snowflake. This includes creating, naming, and scaling accounts, while fully exploring region availability for deployments. You will also understand Tri-Secret Secure and key encryption rotations, boosting your overall security posture.

This section helps you align organizational hierarchy and account governance with data security expectations. By mastering these tasks, you are able to provide structure and encryption coverage, ensuring accounts are managed with reliability and security across diverse geographies.

Manage organizations and access control.

• Follow best practices when using the ORGADMIN role
• Compare the differences between ORGADMIN and ACCOUNTADMIN roles

Summary: This section focuses on governance at the organization versus account level, with roles being the centerpiece. You will clearly define responsibilities and best practices for ORGADMIN usage. Knowing role relevance at organization scale ensures efficiency and consistency.

This brings clarity to administrative layers, strengthening your decision-making for how tasks are allocated across ORGADMIN and ACCOUNTADMIN. It ensures that your administration model not only streamlines tasks but also distributes access responsibly.

Implement and manage data governance in Snowflake.

• Mask column data in Snowflake — Implement and manage column-level security using masking policies
• Mask column data in Snowflake — Use external tokenization to protect Personal Identifiable Information (PII) — Describe the differences between data masking and external tokenization
• Implement and manage row access policies — Configure a row access policy on an object
• Implement and manage row access policies — Compare row access policies to secure views
• Perform auditing of access history — Audit access history details using the access history views
• Use tagging and classification in Snowflake — Identify use cases where tagging would be beneficial
• Use tagging and classification in Snowflake — Implement and manage tagging
• Use tagging and classification in Snowflake — Implement tag-based masking policies
• Use tagging and classification in Snowflake — Implement data classification (EXTRACT_SEMANTIC_CATEGORIES, ASSOCIATE_SEMANTIC_CATEGORIES)

Summary: In this section, you gain strong capabilities in enforcing data governance through column masking, tokenization, and access policies. You'll learn to distinguish where row-level security applies compared to secure views, strengthening comprehension of data access strategies.

Governance expands with auditing, tagging, and classification capabilities that bolster data visibility, regulation, and sensitivity management. This equips you to confidently implement policies that meet compliance requirements while supporting business-driven metadata strategies.

Given a scenario, manage account identifiers.

• Describe the differences between account names and account locators
• Identify when a given account identifier needs to be used
• Use region IDs and region groups

Summary: This section equips you with the details around how accounts are mapped and identified. Understanding the distinction between account locators, names, and region groups ensures seamless configuration and troubleshooting in enterprise deployments.

It enhances your ability to apply identifiers to appropriate operations such as cross-region data interaction. With this expertise, you provide clarity when working in multi-account and cross-region scenarios.

Given a scenario, manage databases, tables, and views.

• Implement Snowflake table structures
• Establish and use temporary and transient tables
• Establish and use external tables
• Implement and manage views, secure views, and materialized views
• Outline table design considerations
• Outline the use cases when cloning is beneficial
• Outline data storage and data retention considerations

Summary: Your focus here is on creating and managing robust database architectures in Snowflake. You’ll explore options for temporary, transient, and external tables while evaluating storage and retention strategies. Views and materialized views further expand optimization techniques.

This equips you with capabilities to design resilient database solutions tailored to different analytic and compliance needs. By understanding design considerations and leveraging cloning, you enhance business agility and operational efficiency.

Perform queries in Snowflake.

• Use Snowflake sequences
• Use persisted query results
• Demonstrate the ability to cancel statements for both a single user as well as for other users
• Use query history filters including client-generated queries and queries executed by user tasks
• Visualize query results with Snowsight — Use Snowsight dashboards to monitor activity
• Visualize query results with Snowsight — Share worksheets and dashboards
• Visualize query results with Snowsight — Generate and share Snowsight charts

Summary: This part develops your ability to efficiently perform and manage queries. You will use sequences and persisted results to optimize queries while managing load and execution interruptions. History tracking ensures analysis capabilities across varied queries.

Visualization steps bring clarity to outputs, allowing you to create dashboards and charts in Snowsight for collaborative usage. Together, these empower business teams with both efficient queries and actionable visual data.

Given a scenario, stage data in Snowflake.

• Stage data files from a local file system — Use SnowSQL
• Stage data files from a local file system — Use Snowsight
• Create, manage, and maintain Snowflake internal and external stages — Data exfiltration, storage integrations, etc.

Summary: You now explore the staging of data from multiple environments into Snowflake. This section covers options such as SnowSQL, Snowsight, and the setup of internal and external stages in the system.

Understanding staging provides assurance when handling files at scale. You will establish workflows with storage integrations and controls that prevent exfiltration, securing the data ingestion process.

Given a scenario, manage streams and tasks.

• Outline user-managed (virtual-warehouse) tasks and associated use cases — Schedule tasks
• Outline user-managed (virtual-warehouse) tasks and associated use cases — Permissions required for creating and executing tasks
• Outline user-managed (virtual-warehouse) tasks and associated use cases — Troubleshoot task historical runs
• Outline Snowflake-managed (serverless) tasks and associated use cases
• Outline streams and associated use cases — Create, monitor, and consume streams
• Outline streams and associated use cases — Describe how data retention configuration affects usage of streams

Summary: This section focuses on task scheduling and stream management across Snowflake. You learn when to apply user-managed versus serverless tasks, accompanying permissions, and performance monitoring needs.

With streams, you establish mechanisms for monitoring and consuming changes, ensuring that you maintain efficiency in real-time usage needs. The outcome is mastery over stream-based data pipelines tied tightly to robust scheduling.

Domain 3: Performance Monitoring and Tuning (22% of the exam)

Given business requirements, design, manage, and maintain virtual warehouses.

• Outline the impact on data loading, and query processing based on warehouse sizes
• Configure warehouse properties (auto-suspend, auto-resume)
• Given a scenario, manage warehouse usage in sessions and size the warehouse accordingly
• Given a scenario, manage a multi-cluster warehouse — Describe use cases and benefits
• Given a scenario, manage a multi-cluster warehouse — Describe, establish, and maintain a scaling policy
• Given a scenario, manage a multi-cluster warehouse — Monitor multi-cluster warehouses

Summary: This section centers on warehouse design and management, giving you insight into how compute resources impact performance. You understand configuration settings, auto-suspend, and auto-resume features to optimize costs and efficiency.

By applying this knowledge, you will confidently scale warehouses with multi-cluster configurations. This ensures workloads are managed effectively across varying demands, complementing both performance and economic constraints.

Monitor Snowflake performance.

• Evaluate and interpret Query Profiles to improve performance — Describe the components of the Query Profile: Steps, Operator tree, Operator nodes, Operator types
• Evaluate and interpret Query Profiles to improve performance — Compare compile versus runtime optimizations
• Evaluate and interpret Query Profiles to improve performance — Identify/create efficient queries — Articulate the execution path, Use effective joining conditions, Perform grouping, sorting, and ordering
• Evaluate and interpret Query Profiles to improve performance — Troubleshoot common query performance issues
• Evaluate and interpret Query Profiles to improve performance — If data spilling is present, describe its impact and remediation tactics
• Evaluate and interpret Query Profiles to improve performance — If data pruning is not occurring, describe its impact and remediation tactics
• Evaluate and interpret Query Profiles to improve performance — Describe the various timeout parameters
• Use an explain plan
• Compare and contrast different caching techniques available in Snowflake and the impact of caching on performance — Resultset cache, Local disk (warehouse) cache, Metadata cache
• Implement performance improvements — Recommend the use of materialized views, Use the search optimization service, Create external tables, Use data caching, Use the query acceleration service

Summary: Monitoring performance is core to this section. You learn to use Query Profiles, Explain Plans, and caching mechanisms to analyze query behavior and deliver improvements. This unlocks insights into execution patterns and identifies best practices.

These practices establish a toolkit for systematic tuning of workloads. You will recommend materialized views, apply acceleration services, and diagnose performance blockers to keep workloads running smoothly and efficiently.

Manage DML locking and concurrency in Snowflake.

• Describe DML concurrency considerations
• Follow best practices for DML locking and concurrency
• Monitor transaction activity — Abort transactions

Summary: In this section, you master techniques for ensuring data manipulation language concurrency is preserved without conflict. You will handle transaction monitoring and cancellation scenarios.

By implementing best practices, workloads remain responsive and reliable. This prepares you to adapt operationally while maintaining high availability in multi-user environments.

Given a scenario, implement resource monitors.

• Create, manage, modify, and remove resource monitors based on use cases and business requirements — Set up notifications for resource monitors

Summary: Resource monitoring here becomes a proactive approach for workload management. You will establish thresholds and alerts for warehouses, ensuring proactive handling of consumption trends.

These monitor strategies ensure costs and performance remain predictable while empowering administrators to take control through alerts and interventions.

Interpret and make recommendations for data clustering.

• Configure and maintain cluster keys — Create and enable cluster keys — Outline a methodology for explicit clustering
• Configure and maintain cluster keys — Use the automatic clustering service — Monitor and assess usage
• Configure and maintain cluster keys — Follow best practices for clustering — Lowest cardinality column first, fewer columns is generally better, verify table scan issues
• Describe micro-partitions, their benefits, and their impact
• Retrieve clustering information (depth, ratio, and histogram)

Summary: This part adds expertise in clustering strategies and micro-partitions for performance optimization. You practice explicit clustering, automatic clustering, and evaluating scenarios where clustering attributes matter most.

With this foundation, you gain the ability to analyze tables with clustering ratios and optimize large query workloads more effectively.

Manage costs and pricing.

• Manage organization costs — Describe the differences between account_usage and organization_usage
• Manage organization costs — Monitor accounts and usage on the organization level — Use the ORGANIZATION_USAGE schema in the SNOWFLAKE shared database
• Manage organization costs — Monitor and calculate data transfer costs
• Manage organization costs — Monitor and calculate data replication costs
• Forecast and monitor costs and pricing — Enable resource monitor notifications
• Forecast and monitor costs and pricing — Determine when warehouses should be suspended or resumed based on cost and pricing
• Describe the use cases for the account_usage and information_schema — Views available from the information_schema, latency, and data retention considerations
• Monitor and calculate data storage usage/credit
• Monitor and calculate warehouse usage/credits — Demonstrate cost saving strategies and use resource monitors
• Describe how Snowflake credits are consumed by the cloud services layer (such as Snowpipe, materialized views, and automatic clustering)
• Apply techniques for cost optimization

Summary: This section ensures you know how to actively monitor and optimize costs across Snowflake usage. You gain clarity on account_usage and organization_usage schemas for effective monitoring.

The knowledge allows you to calculate, forecast, and optimize across dimensions such as data transfer, replication, and warehouse usage. You can confidently keep operations lean, while improving alignment with business goals.

Domain 4: Data Sharing, Data Exchange, and Snowflake Marketplace (12% of the exam)

Manage and implement data sharing.

• Given a scenario, implement sharing solutions and impacts — Types of sharing (such as one to one/one to many, private exchange, Snowflake Marketplace)
• Given a scenario, implement sharing solutions and impacts — Sharing among different editions of Snowflake
• Given a scenario, implement sharing solutions and impacts — Sharing cross-regions or cross-clouds — The role of replications, cross-cloud auto fulfillment for listings
• Given a scenario, implement sharing solutions and impacts — Configure data sharing programmatically — Share different types of data objects including secure functions
• Given a scenario, implement sharing solutions and impacts — Configure data sharing programmatically — Describe the role of context functions in data sharing
• Manage data providers and consumers — Create, manage, and maintain an outbound data share
• Manage data providers and consumers — Share objects securely in a data share (for example, what type to use)
• Manage data providers and consumers — Use secure objects to share data — Secure views, Secure User-defined Functions (UDFs)
• Manage data providers and consumers — Create, manage and maintain readers accounts — Create user and role for access, create resource monitors, create objects, determine if there is a need to store data (CREATE DATABASE)
• Manage data providers and consumers — Import, manage, and maintain inbound data shares

Summary: This section builds the foundation of secure data exchange between Snowflake accounts and beyond. You will apply best practices in understanding various data share types, programmatic options, and cross-region use cases.

By mastering secure objects such as views and UDFs while configuring readers and monitors, you establish frameworks to safely expand data access for partners, clients, and other stakeholders.

Use the Data Exchange.

• Manage administration and membership
• Access the Data Exchange
• Outline the process of becoming a data provider — Create, edit, or delete provider profiles
• Manage data listings — Publish, edit, unpublish, or republish data listings

Summary: Here you integrate your knowledge into the Snowflake Data Exchange ecosystem. You develop skills to manage membership, provider profiles, and data listing lifecycles with confidence.

These skills ensure you are well-prepared to guide your organization in becoming a reliable participant in the Snowflake data economy. You gain insights into managing visibility, trust, and data accessibility.

Use the Snowflake Marketplace.

• Access the Snowflake Marketplace to browse listings — Request access to a Snowflake Marketplace listing (as a consumer)
• Request that new data or a data provider be added to the Snowflake Marketplace — Create and manage data provider profiles
• Request that new data or a data provider be added to the Snowflake Marketplace — Create, submit, manage, and modify a data listing
• Manage listing requests — View and manage pending listing requests
• Manage data listings
• Monitor data sharing usage

Summary: This section showcases navigation and contribution to the Snowflake Marketplace. You will learn how to request, manage, and configure listings while supporting both provider and consumer perspectives.

The Marketplace provides immense potential for collaboration and innovation. By mastering listing management, request flows, and usage monitoring, you ensure your organization maximizes its value exchange.

Domain 5: Disaster Recovery, Backup, and Data Replication (12% of the exam)

Manage data replication.

• Describe the differences between primary and secondary databases
• Replicate database objects and account-level objects
• Manage access controls and perform database replication
• Enable scheduled replication
• Outline replication processes across editions
• Describe limitations and implications of database replications with special considerations such as automatic clustering, materialized views, external tables, policies, table streams, tasks, stages, access controls, historical usage data, tags, pipes, cloned objects
• Perform replication across multiple accounts
• Outline failover, failback, and connection redirection
• Design and implement disaster recovery and business continuity plans with awareness of costs
• Implement backup best practices in Snowflake

Summary: You gain advanced expertise in replication and disaster recovery. This ensures continuity across business functions by implementing primary-secondary database strategies and replication across accounts and regions.

You develop ability to recognize limitations and factors for replicated objects, while implementing best practices in failover scenarios. This makes you a reliable steward of Snowflake disaster recovery practices.

Given a scenario, manage Snowflake Time Travel and Fail-safe.

• Data retention periods
• Enable and/or disable
• Query historical data
• Restore dropped objects
• Snowflake edition implications

Summary: This concludes with Time Travel and Fail-safe as unique Snowflake capabilities. You will master retention practices, historical data queries, and restoration strategies to maintain availability.

Edition nuances add insight into advanced administrative considerations. These abilities enhance your overall administration confidence by securing access to historical and recovery capabilities.