When a consumer installs Metatate, the application creates a set of objects within their Snowflake account. This page documents every object created, its purpose, and the privileges required.
Application Roles
| Role | Purpose |
|---|
app_admin | Full administrative access to all application features |
app_user | Standard access for governance operations |
See Authentication & Authorization for the detailed permission matrix.
Schemas
| Schema | Purpose | Visibility |
|---|
app_data | Governance tables, tenant configuration, activity logging | Internal |
core | MCP tools, MCP server, utility functions | Consumer-accessible |
app_public | Versioned procedures, lifecycle callbacks, consumer-facing API | Consumer-accessible |
app_internal | Internal procedures and helpers | Admin only |
Compute Pools
| Compute Pool | Instance Type | Purpose |
|---|
| Pool 1 | CPU_X64_XS | Main application services (router, frontend, backend) |
| Pool 2 | CPU_X64_XS | Streamlit launcher |
Both pools use the smallest available instance type. The consumer can monitor pool utilization through standard Snowflake compute pool commands.
Services
| Service | Purpose |
|---|
| Main service | Core application (router, frontend, backend) |
| Streamlit service | Application launcher in Snowsight |
Streamlit Launcher
A Streamlit application (metatate_launcher) that serves as the entry point in Snowsight. It provides a launch button that opens the main application running on SPCS.
Tables
Tenant Configuration
| Table | Purpose |
|---|
app_data.tenant_config | Tenant-level settings (display preferences, feature flags) |
app_data.activity_log | User action audit trail |
Governance Tables (6 core)
| Table | Purpose |
|---|
app_data.governed_tables | Master index of all governed tables |
app_data.deployed_instructions | All materialized instructions |
app_data.deployed_column_details | Column classification and masking details |
app_data.deployed_usage_rules | Usage, AI, and retention rules |
app_data.deployed_data_meaning | Business context, lineage, compliance metadata |
app_data.deployed_validation_rules | Query validation rules |
Tracking Tables
| Table | Purpose |
|---|
app_data.governance_snapshots | Point-in-time governance state snapshots |
app_data.governance_decision_log | Authorization decision audit trail |
Core Schema Objects
| Object | Purpose |
|---|
core.discover_context | Browse governed tables and their metadata |
core.get_decision_context | Retrieve business context, lineage, compliance, and policy summary for a table |
core.inspect_data_meaning | Get column-level classification, masking, and semantic details |
core.authorize_use | Evaluate whether a proposed data use is allowed |
core.validate_query_context | Validate a SQL query against deployed governance rules |
core.explain_why | Retrieve the reasoning trace for a previous decision |
MCP Server
| Object | Purpose |
|---|
core.metatate_mcp | MCP server registered via v1.register_mcp_server(), exposes the 6 tools above to external AI agents |
Each MCP tool is configured with:
- Input schema (JSON Schema defining parameters)
- Warehouse reference (uses consumer's APP_WAREHOUSE)
- Function or procedure type
Stored Procedures
Consumer-Facing (app_public)
| Procedure | Purpose |
|---|
| Version registration | Lifecycle management for versioned installs |
| Reference callbacks | Handle consumer granting/revoking table and warehouse references |
| Configuration procedures | Tenant setup and settings management |
Privileges Requested
The application requests the following privileges during installation:
| Privilege | Purpose |
|---|
CREATE COMPUTE POOL | Create the two compute pools for running services |
CREATE WAREHOUSE | Not used — the app uses the consumer's warehouse via reference |
IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE | Access to Cortex AI functions (optional, AI features only) |
BIND SERVICE ENDPOINT | Expose the application through SPCS ingress |
References Requested
| Reference | Type | Access | Purpose |
|---|
DATABASE_CATALOG | Multi-valued table | SELECT | Read table metadata for governance catalog |
APP_WAREHOUSE | Warehouse | USAGE | Execute queries and MCP tool operations |
The consumer controls exactly which tables are shared through DATABASE_CATALOG. The application can only read (SELECT) from those tables and cannot modify them.