Troubleshooting Snowflake connectivity

Why are some assets from a database or schema missing?

  • Check the grants on the role attached to the user defined for the crawler. Ensure the missing database or schema is present in these grants.
    SHOW GRANTS TO ROLE atlan_user_role;

Why are new tables or views missing?

  • Make sure the role attached to the user defined for the crawler has grants for future tables and views being created in the database:
    GRANT USAGE ON FUTURE SCHEMAS IN DATABASE "<database-name>" TO ROLE atlan_user_role;
    GRANT REFERENCES ON FUTURE TABLES IN DATABASE "<database-name>" TO ROLE atlan_user_role;
    GRANT REFERENCES ON FUTURE VIEWS IN DATABASE "<database-name>" TO ROLE atlan_user_role;
    GRANT REFERENCES ON FUTURE EXTERNAL TABLES IN DATABASE "<database-name>" TO ROLE atlan_user_role;
  • Make sure you run the below commands as well so that new tables and views you've created in-between are also visible to the user:
    GRANT USAGE ON ALL SCHEMAS IN DATABASE "<database-name>" TO role atlan_user_role; 
    GRANT REFERENCES ON ALL TABLES IN DATABASE "<database-name>" TO role atlan_user_role; 
    GRANT REFERENCES ON ALL EXTERNAL TABLES IN DATABASE "<database-name>" TO atlan_user_role;
    GRANT REFERENCES ON ALL VIEWS IN DATABASE "<database-name>" TO role atlan_user_role;

Why is some lineage missing?

  • The query miner only mines query history for up to the previous two weeks. The miner will not mine any queries that ran before that time window. If the queries that created your assets ran before that time window, lineage for those assets will not be present.
  • To mine more than the previous two weeks of query history, either use S3-based query mining or please raise a ticket. Do be aware that Snowflake itself only retains query history for so long as well, though. Once Snowflake itself no longer contains the query history we will be unable to mine it for lineage.

Missing attributes and lineage

  • When using the account usage extraction method, there are currently some limitations. We are working with Snowflake to find workarounds for crawling the following:
    • External table location data
    • Procedures
    • View definitions for materialized views, even when you are the owner of the materialized views
    • Primary key designation
  • Furthermore, only database-level filtering is currently possible.

What views does Atlan require access to for the account usage method?

When using the account usage method for fetching metadata, Atlan requires access to the following views in Snowflake:

  • For the crawler: DATABASES, SCHEMATA, TABLES, VIEWS, COLUMNS, and PIPES
  • For the miner and popularity metrics: QUERY_HISTORY, ACCESS_HISTORY, and SESSIONS

Why am I getting a destination URL mismatch error when authenticating via Okta SSO?

This error can occur when you're connecting to Snowflake through Okta SSO and enter the URL of your Snowflake instance in a format different from the one used in Okta.

Snowflake follows two URL formats:

  • Legacy format — <AccountLocator>.<Region>.snowflakecomputing.com or <AccountLocator>.<Region>.<cloud>.snowflakecomputing.com
  • New URL format — <Orgname>-<AccountName>.snowflakecomputing.com

Ensure that you're using the same Snowflake URL format in Snowflake and Okta. Refer to Snowflake documentation to learn more.

Why am I getting a 'name or service not known' error when connecting via private link?

If you're getting the following error messages — java.net.UnknownHostException and Name or service not known — this is a known error for users who have upgraded to the Snowflake JDBC driver version 3.13.25., have underscores in their account name, and connect to their Snowflake accounts over private link (for example, https://my_account.us-west-2.privatelink.snowflakecomputing.com).

If your Snowflake account name has an underscore — for example, my_account — the updated JDBC driver will automatically convert underscores to dashes or hyphens -. This does not affect normal URLs because Snowflake accepts URLs with both hyphens and underscores.

For private link users, however, the JDBC driver will return an error if there are underscores present in the account name and the connection will fail. To troubleshoot further, refer to Snowflake documentation.

Related articles

Was this article helpful?
1 out of 1 found this helpful