Merge pull request #422 from cagov/365_update_dbt_docs

added Snowflake OAuth instructions and fixed many case, spelling, and grammars errors

Author: ian-r-rose

docs/code/local-setup.md

@@ -48,7 +48,7 @@ We use [Terraform](https://www.terraform.io/) to manage infrastructure.
 Dependencies for Terraform (mostly in the [go ecosystem](https://go.dev/))
 can be installed via a number of different package managers.
 
-If you are running Mac OS, you can install you can install these dependencies with [Homebrew](https://brew.sh/).
+If you are running Mac OS, you can install these dependencies with [Homebrew](https://brew.sh/).
 First, install Homebrew
 
 ```bash
@@ -89,7 +89,7 @@ export SNOWFLAKE_WAREHOUSE=TRANSFORMING_XS_DEV
 export SNOWFLAKE_AUTHENTICATOR=ExternalBrowser
 ```
 
-This will enable you to perform transforming activities which is needed for dbt.
+This will enable you to perform transforming activities which are needed for dbt.
 Open a new terminal and verify that the environment variables are set.
 
 **Switch to Loader role**
@@ -104,7 +104,7 @@ export SNOWFLAKE_WAREHOUSE=LOADING_XS_DEV
 export SNOWFLAKE_AUTHENTICATOR=ExternalBrowser
 ```
 
-This will enable you to perform loading activities and is needed to which is needed for Airflow or Fivetran.
+This will enable you to perform loading activities which are needed for Airflow or Fivetran.
 Again, open a new terminal and verify that the environment variables are set.
 
 ## Configure AWS (optional)

docs/dbt/dbt-performance.md

@@ -131,15 +131,15 @@ There are six primary functional roles:
 
 ## Reporting and analysis
 
-The most prominent consumer of the data products from this project are PowerBI and Tableau dashboards and the CalInnovate team.
+The most prominent consumers of the data products from this project are PowerBI and Tableau dashboards and the CalInnovate team.
 
 ## Custom schema names
 
 dbt's default method for generating [custom schema names](https://docs.getdbt.com/docs/build/custom-schemas)
 works well for a single-database setup:
 
 * It allows development work to occur in a separate schema from production models.
-* It allows analytics engineers to develop side-by-side without stepping on each others toes.
+* It allows analytics engineers to develop side-by-side without stepping on each other's toes.
 
 A downside of the default is that production models all get a prefix,
 which may not be an ideal naming convention for end-users.
@@ -169,7 +169,7 @@ So your data access looks like the following:
 
 ![developer](../images/developer.png)
 
-Now let's consider the nigthly production build. This service account builds the production models
+Now let's consider the nightly production build. This service account builds the production models
 in `TRANSFORM_PRD` and `ANALYTICS_PRD` based on the raw data in `RAW_PRD`.
 The development environment effectively doesn't exist to this account, and data access looks like the following:
 

docs/infra/architecture.md

@@ -1,4 +1,4 @@
-# Cloud Infrastructure
+# Cloud infrastructure
 
 The DSE team [uses Terraform](../code/terraform-local-setup.md) to manage cloud infrastructure.
 Our stack includes:

docs/infra/cloud-infrastructure.md

@@ -82,15 +82,15 @@ X-Large: Powerful for demanding workloads and data-intensive operations.
 3X-Large: Triple the capacity of X-Large.
 4X-Large: Quadruple the capacity of X-Large.
 
-1. **`LOADING_{size}_{env}`**: These warehouse is for loading data to `RAW`.
+1. **`LOADING_{size}_{env}`**: This warehouse is for loading data to `RAW`.
 1. **`TRANSFORMING_{size}_{env}`**: This warehouse is for transforming data in `TRANSFORM` and `ANALYTICS`.
 1. **`REPORTING_{size}_{env}`**: This warehouse is the role for BI tools and other end-users of the data.
 
 ### Four roles
 
 There are four primary functional roles:
 
-1. **`LOADER_{env}`**: This role is for tooling like Fivetran or Airflow to load raw data in to the `RAW` database.
+1. **`LOADER_{env}`**: This role is for tooling like Fivetran or Airflow to load raw data into the `RAW` database.
 1. **`TRANSFORMER_{env}`**: This is the analytics engineer/dbt role, for transforming raw data into something analysis-ready. It has read/write/control access to both `TRANSFORM` and `ANALYTICS`, and read access to `RAW`.
 1. **`REPORTER_{env}`**: This role read access to `ANALYTICS`, and is intended for BI tools and other end-users of the data.
 1. **`READER_{env}`**: This role has read access to all three databases, and is intended for CI service accounts to generate documentation.

docs/infra/snowflake.md

@@ -1,4 +1,4 @@
-# Cloud Data Warehouses
+# Cloud data warehouses
 
 ## What is a cloud data warehouse?
 

docs/learning/cloud-data-warehouses.md

@@ -1,4 +1,4 @@
-# Git and GitHub
+# git and GitHub
 
 ## What are git and GitHub?
 
@@ -42,7 +42,7 @@ for learning to use its various features, including:
 * [How to review pull requests](https://github.com/skills/review-pull-requests)
 * [How to automate tasks and use CI/CD with GitHub actions](https://github.com/skills/hello-github-actions)
 
-## Git+GitHub at CalData
+## git and GitHub at CalData
 
 On the CalData Data Services and Engineering team we make heavy use of git and GitHub for our projects,
 and have our own set of [guidelines and best practices](../code/code-review.md) for code review.

docs/learning/git.md

@@ -1,4 +1,4 @@
-# Modern Data Stack Glossary
+# Modern data stack glossary
 
 This glossary is a reference for commonly used acronyms, terms, and tools associated with the modern data stack and data and analytics engineering practices.
 

docs/learning/glossary.md

@@ -1,8 +1,8 @@
-# Naming Conventions
+# Naming conventions
 
 This page documents the Data Services and Engineering (DSE) team's naming conventions for cloud resources.
 
-## General Approach
+## General approach
 
 Our approach is adapted from [this blog post](https://stepan.wtf/cloud-naming-convention/).
 The goals of establishing a naming convention are:

docs/learning/naming-conventions.md

@@ -1,9 +1,9 @@
-# Security Guidelines
+# Security guidelines
 
 This document describes security conventions for CalData's Data Services and Engineering team,
 especially as it relates to cloud and SaaS services.
 
-## Cloud Security and IAM
+## Cloud security and IAM
 
 The major public clouds (AWS, GCP, Azure) all have a service for Identity and Access Management (IAM).
 This allows us to manage which users or services are able to perform actions on which resources.
@@ -17,7 +17,7 @@ In general, IAM is described by:
 
 Most of the work of IAM is managing users, permissions, groups, policies, and roles to perform tasks in a secure way.
 
-### Principle of Least-Privilege
+### Principle of least-privilege
 
 In general, users and roles should be assigned permissions according to the
 [Principle of Least Privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege),
@@ -48,11 +48,11 @@ Some good practices around the use of service accounts
   and being able to edit or decommission accounts separately from each other is a good idea.
 * Regularly rotate access keys for long-term service accounts.
 
-### Production and Development Environments
+### Production and development environments
 
 Production environments should be treated with greater care than development ones.
 In the testing and developing of a service, roles and policies are often crafted
-which do not follow the principal of least privilege (i.e., they have too many permissions).
+which do not follow the principle of least privilege (i.e., they have too many permissions).
 
 When productionizing a service or application, make sure to review the relevant
 roles and service accounts to ensure they only have the necessary policies,
@@ -72,7 +72,7 @@ GCS buckets in a project, when their application only requires access to one.
 AWS has a nice [user guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html)
 for how to work with IAM, including some [best-practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html).
 
-## Third-party SaaS Integrations
+## Third-party SaaS integrations
 
 Often a third-party software-as-a-service (SaaS) provider will require service accounts
 to access resources within a cloud account.
@@ -116,6 +116,6 @@ The DSE team both manages CalData projects and onboards clients into Fivetran, a
 Security policies for Snowflake can be found
 [here](../infra/snowflake.md#security-policies).
 
-## Security Review Standard Practices
+## Security review standard practices
 
 (TODO, possibly pulling from [Agile Application Security](https://www.amazon.com/Agile-Application-Security-Enabling-Continuous/dp/1491938846/ref=cm_cr_arp_d_product_top))