Snowflake Reliability

Connecting Snowflake to ADOC helps you monitor your data infrastructure for performance and reliability. Once connected, ADOC can:

  • Monitor the health of your Snowflake schemas and datasets
  • Track data quality and freshness across tables
  • Generate alerts and diagnostics when reliability issues arise

Prerequisites

Before connecting Snowflake to ADOC, you need to set up Snowflake so ADOC can securely monitor your data for quality, performance, and cost. This setup ensures the right users and roles exist, and that they have the permissions needed to access only what’s necessary.

Note All steps in this section must be executed from the Snowflake Web UI or a SQL editor (like SnowSQL or a Snowflake IDE) using an account with ACCOUNTADMIN privileges.

Users and Roles Overview

Before we start, here’s a quick overview of the users and roles that will be created:

Role/UserPurpose
AD_DATA_RELIABILITY_ROLERead-only role for monitoring your business data
adoc_userAuthenticates into ADOC to analyze schema, freshness, and data quality

ADOC needs access to your actual data — not to change it, but to analyze it for things like freshness, schema drift, and data quality. This part sets up a read-only role and user that ADOC uses to scan your data safely.

Who Should Perform These Steps?

  • Snowflake Admins: Set up users, roles, and grants
  • Cloud/Network Admins: Configure PrivateLink and DNS
  • Data Owners: Choose databases and tables to monitor
  • ADOC Users: Complete setup in the ADOC UI
SQL
Copy

  1. Create a Custom Role

This role limits access to just what's needed for monitoring. Using a separate role improves security and auditing.

  1. Allow Warehouse Usage

ADOC runs lightweight queries to check data freshness, row counts, and run profiling jobs. It needs a Snowflake warehouse to do this.

  1. Grant Access to Your Data

ADOC does not write to your tables — it only needs SELECT access to:

  • Profile column statistics
  • Validate data quality rules
  • Detect schema drift
  • Repeat these grants for each database and schema you want ADOC to observe.

Note ADOC uses read-only access and only queries metadata or data you explicitly grant. It never modifies or deletes data and adheres to Snowflake’s least-privilege access model.

  1. Create and Configure a Monitoring User

This user is used by ADOC to authenticate and run observability jobs. The user only inherits the read-only permissions from the role you just created.

Add Snowflake as a Data Source

Step 1: Start Setup

  1. In the ADOC UI, click Register from the left menu.

  2. Click Add Data Source.

  3. Select Snowflake.

  4. On the Basic Details page:

    1. Enter a name for this data source.
    2. (Optional) Add a description.
    3. Choose your Data Plane or click Setup Data Plane to create one.
    4. You must enable at least one or both of the following to continue:
      • Compute Observability
      • Data Reliability Monitoring

  5. Click Next.

Step 2: Add Connection Details

  1. Enter the Snowflake URL (e.g., https://<account>.snowflakecomputing.com)

  2. Provide the following Snowflake credentials:

    1. Username
    2. Password
    3. Role (e.g., AD_COMPUTE_MONITOR)

  3. Select your Data Plane Engine:

    • Spark (for external compute)
    • Pushdown (for in-Snowflake processing)

Note Pushdown is more cost-effective, while Spark provides more control over compute.

  1. (Optional) Enable OAuth: If using OAuth, toggle Enable OAuth and provide:

    1. Authorization Endpoint
    2. Token Endpoint
    3. Client ID / Client Secret
    4. (Optional) Enable PKCE

  2. (Optional for Pushdown): Configure Global Storage. If Pushdown is selected, you can optionally toggle Configure Global Storage in Snowflake and enter:

    1. Stage Name
    2. Stage File Format (e.g., PARQUET, CSV)

  3. Click Test Connection. If the connection is successful, you'll see a “Connected” message. If not, check the credentials and try again.

  4. Click Next.

Optimizing Data Partitioning

To tune performance for large datasets, you can adjust Snowflake's default parallelism using this environment variable in your ADOC Data Plane configuration:

Bash
Copy
FieldDescription
Default Snowflake Partition100 MB
ADOC Default2000 MB
Use CaseLower the value to increase parallelism for large datasets

Note Smaller partitions = higher concurrency = faster data processing

You can connect Snowflake to ADOC securely over AWS PrivateLink for improved network isolation.

Prerequisites:

  • AWS account with necessary permissions
  • VPC in us-west-2
  • Snowflake account ready

Why Use PrivateLink?

AWS PrivateLink allows your Snowflake data to connect with ADOC services over a secure, private network path—without traversing the public internet. This enhances data security, reduces latency, and improves performance.

Share your AWS account ID with the Acceldata support team. Acceldata will use this ID to authorize your account for PrivateLink connectivity.

Note This is a one-time setup per AWS account.

Step 2: Create VPC Endpoints

In the AWS Management Console:

  1. Navigate to VPC.
  2. In the navigation pane, choose Endpoints.
  3. Select Create Endpoint.
  4. Create the following two endpoints:
Service NameEndpoint
ADOC Control Planecom.amazonaws.vpce.us-west-2.vpce-svc-091c001843d33bbaa
Secure Relaycom.amazonaws.vpce.us-west-2.vpce-svc-02830f09899d40f01

Note Make sure the VPC region is set to us-west-2.

Step 3: Configure DNS Using Route 53

In Amazon Route 53:

  1. Navigate to the Hosted Zones section for your domain.
  2. Add the following A records:
Record NameTypeValue
<tenant>.acceldata.appAIP address of the ADOC Control Plane VPC endpoint. Replace <tenant> with your tenant subdomain.
dataplane.acceldata.appAIP address of the Secure Relay VPC endpoint. Use the IP address assigned to each endpoint in your VPC.

Note These DNS records ensure your traffic is routed directly to the ADOC services via PrivateLink. You’ll need to replace the placeholder values with your actual VPC endpoint IPs.

Security Tip Use least-privileged IAM roles when creating and attaching these endpoints.

Troubleshooting

IssuePossible CauseResolution
Stage creation failsRole doesn’t have ownership privilegesLog in as ACCOUNTADMIN, check the monitoring database, run SHOW STAGES, and use GRANT OWNERSHIP to fix role access
OAuth failsUser role/namespace not setEnsure the Snowflake user does not have ACCOUNTADMIN role; re-authenticate via ADOC
Connection test failsInvalid credentials, missing grants, or wrong roleDouble-check Snowflake URL, credentials, warehouse, and role permissions

What’s Next

After you’ve connected Snowflake:

  • Visit the Reliability tab to see data quality scores and crawler stats
  • Schedule profiling jobs and schema checks
  • Get real-time alerts for query spikes, delays, or data freshness issues
  • Explore Pipelines to analyze data movement and transformation patterns
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Databricks Compute

For additional help, contact www.acceldata.force.com OR call our service desk +1 844 9433282

Copyright © 2025

On This Page
Snowflake ReliabilityPrerequisitesUsers and Roles OverviewCreate a Custom RoleAllow Warehouse UsageGrant Access to Your DataCreate and Configure a Monitoring UserAdd Snowflake as a Data SourceStep 1: Start SetupStep 2: Add Connection DetailsOptimizing Data PartitioningSetting Up PrivateLink (Optional)Step 1: Authorize PrivateLink AccessStep 2: Create VPC EndpointsStep 3: Configure DNS Using Route 53TroubleshootingWhat’s Next