PrivateLink connectivity for Snowflake (Direct Connect) Data Pipeline overview
Learn about how PrivateLink connectivity provides a private network path between your Reltio tenant and your Snowflake account for the Snowflake (Direct Connect) Data Pipeline.
PrivateLink connectivity for the Snowflake (Direct Connect) Data Pipeline establishes a private network path between your Reltio tenant and your Snowflake account, which removes data flow over the public internet.
By default, the Snowflake (Direct Connect) Data Pipeline connects to your Snowflake account over a JDBC connection, and Snowflake encrypts data in transit using TLS 1.2 or higher. PrivateLink is not required to encrypt data in transit. PrivateLink provides additional network-level isolation that some customers require for compliance or network policy reasons. For more information, see Understanding end-to-end encryption in Snowflake.
Use these configuration steps, only if you require private connectivity between a Reltio tenant on AWS and a Snowflake account on AWS.
Requirements for setting up PrivateLink connectivity
PrivateLink connectivity between your Reltio tenant and your Snowflake account is supported only under the conditions described in the following requirements.
| Requirement | Details |
|---|---|
| Cloud provider | Your Reltio tenant and your Snowflake account are both hosted on AWS. PrivateLink does not support deployments where either Reltio or Snowflake is hosted on Azure or Google Cloud Platform. |
| Snowflake edition requirement | Your Snowflake account runs on Snowflake Business Critical Edition (BCE) or a higher edition. |
| Region consistency | Your Reltio tenant and your Snowflake account can reside in different AWS regions. PrivateLink supports cross-region connectivity on AWS. |
See PrivateLink connectivity support matrix for Snowflake (Direct Connect) to check whether your Reltio and Snowflake deployment supports PrivateLink.
Any requirement not explicitly listed above and as part of the support matrix is not supported.
Supported scenarios
PrivateLink supports three deployment scenarios. The scenario that applies to your deployment depends on your Reltio edition and the number of Snowflake accounts you operate.
The following table summarizes the three scenarios, the conditions under which each scenario applies, and the topic that describes the setup.
| Scenario | Reltio edition | Snowflake configuration | Setup topic |
|---|---|---|---|
| Scenario 1 | Reltio standard edition | A single Snowflake Business Critical Edition account | Scenario 1: Set up PrivateLink and configure the Snowflake (Direct Connect) Data Pipeline for Reltio standard edition |
| Scenario 2 | Reltio Business Critical Edition (BCE) | A single Snowflake Business Critical Edition account, either without a backup account or with a read-only backup account | Scenario 2: Set up PrivateLink and configure the Snowflake (Direct Connect) Data Pipeline for Reltio BCE with a single Snowflake account having a read-only backup account |
| Scenario 3 | Reltio Business Critical Edition (BCE) | A Snowflake Business Critical Edition account with a read-write Snowflake backup account | Scenario 3: Set up PrivateLink and configure the Snowflake (Direct Connect) Data Pipeline for Reltio BCE with a Snowflake account having a read-write backup account |
Activities and responsibilities
PrivateLink onboarding involves coordinated activities between you and the Reltio team. Some activities are completed by you in your Snowflake account, and others are performed by Reltio.
The following table summarizes the activities required during PrivateLink onboarding and ongoing operation. For setup steps specific to your scenario, see the linked setup topic in the Supported scenarios.
| Activity | Customer | Reltio |
|---|---|---|
| Open a Reltio support ticket to request PrivateLink setup | ✅ | - |
| Share the AWS account IDs of the Reltio environments | - | ✅ |
| Open a Snowflake support ticket to enable PrivateLink for the Reltio AWS account IDs | ✅ | - |
Run SYSTEM$GET_PRIVATELINK_CONFIG() in the Snowflake account and share the output with Reltio | ✅ | - |
| Establish PrivateLink connectivity between Reltio and Snowflake | - | ✅ |
| Configure the Snowflake (Direct Connect) Data Pipeline | ✅ | - |
| Validate connectivity and trigger the initial data sync | ✅ | - |
| Respond to disasters as described in Disaster recovery for the Snowflake (Direct Connect) Data Pipeline | ✅(Snowflake outage only) | ✅(Reltio outage) |
Disaster recovery
Disaster recovery responsibilities for the Snowflake (Direct Connect) Data Pipeline depend on the type of outage. For Reltio outages, Reltio manages the switchover to the backup environment automatically and no customer action is required. For Snowflake outages, you activate the secondary Snowflake account and switch the active data pipeline.
For the full recovery procedure, see Disaster recovery for the Snowflake (Direct Connect) Data Pipeline.