Private Link Setup Checklist for Loome Integrate → Snowflake

Overview

The following steps will setup a private link from Loome Integrate to Snowflake.

Please note that a Private Link incurs additional Snowflake costs (endpoint + data processed).

Prerequisites

  • Confirm that the Snowflake account is Business Critical edition or higher
  • You will need your ‘Azure storage account resource ID’
  • You will need your ‘Azure storage account blob hostname’ (e.g., mystorageaccount.blob.core.windows.net)
  • Have ‘ACCOUNTADMIN’ role access in Snowflake
  • Have ‘Owner’ permissions on the Azure storage account

Please note for the following steps: - Replace all {placeholders} with the actual values. - Keep the storage integration name handy for Loome Integrate configuration. - Private Link incurs additional Snowflake costs (endpoint + data processed).

Step 1: Provision Private Endpoint in Snowflake

USE ROLE ACCOUNTADMIN;

SELECT SYSTEM$PROVISION_PRIVATELINK_ENDPOINT(
  '/subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Storage/storageAccounts/{storage-account-name}',
  '{storage-account-name}.blob.core.windows.net',
  'blob'
);
  • Execute the above function replacing fields with your Azure resource details.
  • Save the output for reference.

Step 2: Approve Private Endpoint in Azure Portal

  • Navigate to the ‘Azure Portal’ → ‘Storage Account’ → ‘Networking’ → ‘Private endpoint connections’.
  • Locate the pending connection from Snowflake.
  • Click and approve the private endpoint connection.

Step 3: Verify Approval Status in Snowflake

SELECT SYSTEM$GET_PRIVATELINK_ENDPOINTS_INFO();
  • Execute the above function.
  • Confirm output shows ‘“status”: “APPROVED”’ for your endpoint.
  • Do not proceed until status is ‘APPROVED’.

Do not proceed to step 4 until you have confirmed that the output shows ‘“status”: “APPROVED”’ for your endpoint.

Step 4: Create Storage Integration in Snowflake

CREATE OR REPLACE STORAGE INTEGRATION loome_integrate_storage_int
  TYPE = EXTERNAL_STAGE
  STORAGE_PROVIDER = AZURE
  AZURE_TENANT_ID = '{your-azure-tenant-id}'
  STORAGE_ALLOWED_LOCATIONS = ('azure://{storage-account-name}.blob.core.windows.net/{container-name}/')
  USE_PRIVATELINK_ENDPOINT = TRUE
  ENABLED = TRUE;
  • Update the above SQL script with your specific values.
  • Execute the script to create the integration.
  • Record the integration name (e.g., loome_integrate_storage_int).

Please keep the storage integration name handy for the Loome Integrate configuration used in step 5 and step 6.

Step 5: Grant Snowflake Access to Azure Storage

DESC STORAGE INTEGRATION loome_integrate_storage_int;
  • Execute the above command and note the AZURE_CONSENT_URL and AZURE_MULTI_TENANT_APP_NAME.
  • Navigate to the consent URL in a browser.
  • Sign in as Azure admin and grant permissions.
  • In Azure Portal, assign “Storage Blob Data Contributor” role to the Snowflake service principal on your storage account/container.

Step 6: Update Loome Integrate Connection String

  • Open Loome Integrate.
  • Navigate to the connections page.
  • Edit the Snowflake connection.
  • Add to the connection string: AzureStorageIntegration=loome_integrate_storage_int.
  • Save and test the connection.

Verification

  • Run a test data migration in Loome Integrate.
  • Confirm that data loads successfully via the private link you just created.
  • Monitor for any connectivity issues.