diff --git a/metadata-ingestion/src/datahub/ingestion/source_config/sql/snowflake.py b/metadata-ingestion/src/datahub/ingestion/source_config/sql/snowflake.py
index ba3aa50b62e74..bd2c8eb6eb8e0 100644
--- a/metadata-ingestion/src/datahub/ingestion/source_config/sql/snowflake.py
+++ b/metadata-ingestion/src/datahub/ingestion/source_config/sql/snowflake.py
@@ -179,6 +179,14 @@ def authenticator_type_is_valid(cls, v, values, field):
                 f"unsupported authenticator type '{v}' was provided,"
                 f" use one of {list(VALID_AUTH_TYPES.keys())}"
             )
+        if (
+            values.get("private_key") is not None
+            or values.get("private_key_path") is not None
+        ) and v != "KEY_PAIR_AUTHENTICATOR":
+            raise ValueError(
+                f"Either `private_key` and `private_key_path` is set but `authentication_type` is {v}. "
+                f"Should be set to 'KEY_PAIR_AUTHENTICATOR' when using key pair authentication"
+            )
         if v == "KEY_PAIR_AUTHENTICATOR":
             # If we are using key pair auth, we need the private key path and password to be set
             if (
diff --git a/metadata-ingestion/tests/unit/test_snowflake_source.py b/metadata-ingestion/tests/unit/test_snowflake_source.py
index 94720faa8d0b8..630768c80dfea 100644
--- a/metadata-ingestion/tests/unit/test_snowflake_source.py
+++ b/metadata-ingestion/tests/unit/test_snowflake_source.py
@@ -238,6 +238,16 @@ def test_snowflake_config_with_no_connect_args_returns_base_connect_args():
     }
 
 
+def test_private_key_set_but_auth_not_changed():
+    with pytest.raises(ValidationError):
+        SnowflakeV2Config.parse_obj(
+            {
+                "account_id": "acctname",
+                "private_key_path": "/a/random/path",
+            }
+        )
+
+
 def test_snowflake_config_with_connect_args_overrides_base_connect_args():
     config: SnowflakeV2Config = SnowflakeV2Config.parse_obj(
         {