AWS PrivateLink creates a secure, private connection between services running in AWS. This document describes the steps to set this up between Snowflake and Atlan, when you use our Single Tenant SaaS deployment.
π€ Who can do this? You will need Snowflake Support, and probably your Snowflake administrator involved β you may not have access or the tools to run these tasks.
Prerequisites
- Snowflake must be setup with Business Critical Edition (or higher).
- Open a ticket with Snowflake Support to enable PrivateLink for your Snowflake account.
- Snowflake support will take 1-2 days to review and enable PrivateLink.
(For all details, see the Snowflake documentation.)
Fetch PrivateLink information
Log in to snowCLI using the ACCOUNTADMIN account, and run the following commands:
use role accountadmin;
select system$get_privatelink_config();This will produce output like the following (formatted here for readability):
{
"privatelink-account-name":"abc123.ap-south-1.privatelink",
"privatelink-vpce-id":"com.amazonaws.vpce.ap-south-1.vpce-svc-257a4d536bd8e3594",
"privatelink-account-url":"abc123.ap-south-1.privatelink.snowflakecomputing.com",
"regionless-privatelink-account-url":"xyz789-abc123.privatelink.snowflakecomputing.com",
"privatelink_ocsp-url":"ocsp.abc123.ap-south-1.privatelink.snowflakecomputing.com",
"privatelink-connection-urls":"[]"
}Share details with Atlan support team
Share the following values with the Atlan support team:
privatelink-account-nameprivatelink-vpce-idprivatelink-account-urlprivatelink_ocsp-url
Atlan Support will finish the configuration on the Atlan side using these values. Support will then provide the Snowflake PrivateLink endpoint back to you.
When you use this endpoint in the configuration for crawling and mining, Atlan will connect to Snowflake over the PrivateLink.
