Can Panther employees access my Panther instance's data and infrastructure if I own the AWS and Snowflake accounts where Panther is deployed (i.e., I have a Cloud Connected Panther instance)?
Yes, Panther employees can and may access the Snowflake and AWS accounts where Cloud Connected Panther data and infrastructure is hosted for regular maintenance and when there are problems with your account.
In most cases, Panther will use the following roles:
Snowflake: PANTHER_READONLY or pantheraccountadmin
AWS: PantherOperationsRole-<region of the deployment> or PantherDataAccessRole-<region of the deployment>
All actions taken by Panther employees in AWS and Snowflake are logged in CloudTrail and Snowflake, respectively.