Snowflake
Integrate through Secure Data Sharing
Introduction
Snowflake allows you to share a databases, schemas, tables and views with Kubit through a Secure Data Share. Because Snowflake's architecture separates computing from storage, Kubit will cover the cost of all queries and the added workloads won't impact your SLA.
Steps
- Create the view: or select which databases, tables and/or schema
- Create a share: give it a name
- Grant permissions: grant usage permissions
- Share it with Kubit's Snowflake account depending on your Snowflake region (please confirm with Kubit support first)
Region | Cloud Vendor | Account name |
---|---|---|
US West 2 | AWS | NK15162 |
US East 1 | AWS | KUBIT |
US East 2 | AWS | SL59270 |
EU West 1 | AWS | TJ95313 |
EU West 4 | GCP | KU21135 |
Note that both the provider and consumer accounts of the Secure Data Share need to be on the same cloud infrastructure and in the same region. In case your Snowflake is elsewhere we can provision a new matching account in a matter of hours. Here is an example script (sharing to nk15162 on US West Coast):
use role accountadmin;
create share <data_share>;
grant usage on database <DB> to share <data_share>;
grant usage on schema <SCHEMA> to share <data_share>;
grant select on all tables in schema <SCHEMA> to share <data_share>;
grant select on view <VIEW> to share <data_share>;
alter share data share set accounts = nk15162;
resource "snowflake_share" "kubit" {
name = "kubit_share"
comment = "Shared with Kubit"
accounts = ["KUBIT.nk15162"]
}
Snowflake also offers a web interface to review and manage data shares. For details on this topic, please review Snowflake’s documentation here. Please also note, the following cases which require additional configuration. Here is how to:
Query Performance
It is strongly recommended to use the proper Clustering Keys in your database tables to improve query performance. Typically at least the event date column and event name should be part of the clustering key since they are part of the filters in most queries.
Benefits
With Secure Data Share, no actual data is copied or transferred between accounts. All sharing is accomplished through Snowflake’s unique services layer and metadata store. This is an important concept because it means that shared data does not take up any extra storage for either the Provider or Consumer. Since the same underlying data is being shared, the data is guaranteed to be live and without delay.
More importantly, the computing environment is completely separated. The Consumer (Kubit) must create and use their own Virtual Data Warehouse and pay for it themselves. There is absolutely no impact on the Provider’s cost, performance or SLA for their Snowflake services.
Additionally, using Snowflake’s built-in roles and permissions capabilities, access to data share can be controlled and governed using the access controls already in place for your Snowflake account and the data therein. Access can be restricted and monitored the same exact way as your own data.
Snowflake Secure Data Share allows your data engineers to share a database, schema, table or view to Kubit with read-only permission and real-time live data. A view can be used to join multiple tables across different databases and add constraints to expose which columns. You are the Provider while Kubit is the Consumer of the share.
Updated 1 day ago