Snowflake connector aggregation problem

ajithkallur03 · March 12, 2024, 4:32am

Which IIQ version are you inquiring about?

Version 8.4

Share all details related to your problem, including any error messages you may have received.

Hello guys hope everyone is fine. We are getting invalid configuration error occurred during querying snowflake server in sailpoint iiq.
We are getting this during aggregation

We have given correct base url and key pair authentication. Test connection passed but facing error only during account and group aggregation

443 failed response
Can anyone suggest me what to do. Test connection passed but aggregation is getting failed for snowflake

703hardik · March 12, 2024, 4:59am

Hello @ajithkallur03,

Are you using any Aggregation rules?
This error is most probably because the system cannot properly iterate over the accounts

I suggest you to check your aggregation task & application definition (Rules tab)
Also check the account you are using is authorised to read data on snowflake.

Please attach the complete error you are getting on tomcat
Ensure you didn’t change any identity attribute as mentioned in this doc

ajithkallur03 · March 12, 2024, 7:28pm

This is the error

Exception during aggregation of Object Type Role on Application snowflake-test1. Reason: openconnector.InvalidConfigurationException: [ InvalidConfigurationException ] [ Possible suggestions ] An error occurred while querying the Snowflake server. Make sure the connection parameters are valid and correct. [ Error details ] org.apache.http.NoHttpResponseException:url:443 failed to respond

Do you think it is fire wall issue

703hardik · March 12, 2024, 8:08pm

I don’t think it is a firewall issue, because your test connection is successful. But still, if you want to test you can try deactivating the firewall for a while and test it out if it is your training environment.

I would still recommend checking the Account you are using for this connection does that account have all the required permissions to read data out of Snowflake?

ajithkallur03 · March 13, 2024, 6:01pm

ok tq for your reply. can u suggest me how to increase time out in account/group aggregation task

703hardik · March 13, 2024, 7:47pm

Sorry I don’t know how to do that but I found one snowflake doc
Which have steps to troubleshoot a similar issue in windows

ismaelmoreno1 · March 14, 2024, 10:05pm

Hi @ajithkallur03

Please, try to use Connectivity Diagnostic Tool (SnowCD) to check network connection to Snowflake.

In this case, you must try this tool in the following way:

./snowcd < json file > [flags]

where json file contains the list of urls of Snowflake storage and repository

Please refer to following url with for more information to execute this tool.: SnowCD (Connectivity Diagnostic Tool) | Snowflake Documentation

ismaelmoreno1 · March 14, 2024, 10:06pm

Additionally, you can check if permissions to aggregate accounts are properly granted

Account Aggregation Permissions (sailpoint.com)

ajithkallur03 · March 14, 2024, 10:45pm

Hello Ismael. Thank you for your reply. I will work with snowflake app team to check this.

However, I found one troubleshooting link for same error in IDN.

Troubleshooting (sailpoint.com)

Aggregation fails with exception error

Aggregation fails with one of the following exception errors:

org.apache.http.NoHttpResponseException: failed to respond
connector.sdk.webservices.exception.WebServicesSdkException: java.net.SocketException: Socket closed

Resolution: Add the following attribute using Rest API for updating a source in IdentityNow, and then run aggregation.

Key= conSnowflakeApiRetrySleepTimeSeconds Value= 60000 in ms, default: 30000 ms

Key=conSnowflakeApiRetryMaxAttempts Value=3, default: 3

Key=retryableErrors Value=[error messages]

I tried added these as entry key and values but still unsuccessful. Can you pls help me if you know the syntax on how to add these in application.xml

Thank you so much and appreciate ur help.

ismaelmoreno1 · March 17, 2024, 7:04pm

Hi @ajithkallur03

Please try with the following entries in your xml app

<entry key="conSnowflakeApiRetryMaxAttempts" value="3"/>
<entry key="conSnowflakeApiRetrySleepTimeSeconds" value="60000"/>
<entry key="authSearchAttributes">
        <value>
          <List>
            <String>443 failed to respond</String>
          </List>
        </value>
      </entry>

ajithkallur03 · March 18, 2024, 4:00pm

Thank you @ismaelmoreno1

Tried it but no luck.

I think somehow the connection is getting dropped. Every time groups scanned are around 1200. We have total of 9000 GROUPS

Any other way I am really struck here

ismaelmoreno1 · March 25, 2024, 5:14pm

Hi @ajithkallur03

Did you able to solve this issue?

According to Troubleshooting section, other solution is to set a timeout value in the connector

On the other side, please let me know if SnowCD tool was executed in you enviroment to check that there is not connection issues

chris_mort · April 27, 2024, 1:21am

Where you able to fix this? Shouldnt the third entry be “retryableErrors”?

ajithkallur03 · April 27, 2024, 2:01am

Thanks guys the issue is with ootb connector. Sailpoint support team shared efix and it worked

Topic		Replies	Views
Snowflake native connector group aggregation error ISC Discussion and Questions identity-security-cloud , identityiq	1	88	April 26, 2024
Account aggregation task is been getting failed IIQ Discussion and Questions webservice-connector , aggregation , identityiq	5	782	August 10, 2023
SnowFlake Provisioning error: Grant not executed: Insufficient privileges IIQ Discussion and Questions identity-security-cloud , identityiq , provisioning	3	130	March 13, 2024
SailPoint IdentityIQ custom USAccess Web Service Aggregation Error IdentityIQ (IIQ)	0	1308	April 27, 2022
JDBC Error in Account Aggregation when Merging IIQ Discussion and Questions aggregation	3	551	July 17, 2023

Snowflake connector aggregation problem

Which IIQ version are you inquiring about?

Share all details related to your problem, including any error messages you may have received.

Related Topics