Snowflake Announces Support for AWS PrivateLink

The cloud-built data warehouse is now even more secure for protecting enterprise data, while providing all the benefits of cloud computing and cloud analytics.

SAN MATEO, Calif. – Nov 28, 2017 Snowflake Computing, the data warehouse built for the cloud, today announced its support for AWS PrivateLink – a new capability for SaaS offerings running on Amazon Web Services (AWS). AWS PrivateLink allows any Snowflake customer to connect to their Snowflake instance without traversing the Internet. This is yet another opportunity for AWS customers and Snowflake customers to derive insight from their data in a secure environment.

Security remains the top concern for enterprises considering a move to the cloud. Moreover, industries such as healthcare and financial services must adhere to significant regulatory requirements when it comes to protecting their data. But these enterprises have long exceeded the capacity of their costly and often poor-performing, on-premises solutions. They now require the benefits of cloud analytics protected by security measures superior to what is possible with on-premises solutions, which continue to be the targets of hackers.

A key technical issue and security concern for many customers is how to send data from their private subnet to Snowflake, without allowing such systems unrestricted outbound access to the Internet and without violating security compliance requirements. Many Snowflake customers need to enforce restrictive firewall rules on outbound traffic. Others have restrictive policies about their resources accessing the Internet. With AWS PrivateLink, Snowflake customers can now connect to Snowflake from their Amazon Virtual Private Cloud (VPC) and avoid the need to traverse the Internet.

With AWS PrivateLink, Snowflake customers are in control of how traffic reaches the Snowflake application endpoint for their account, since that endpoint is on the customer’s VPC. AWS PrivateLink can also eliminate the need to have proxies setup between Snowflake and a customer’s network as a stand-in solution for outbound control. Snowflake customers concerned about their network and security can benefit from AWS PrivateLink.

“We’re pleased that Snowflake offers support for AWS PrivateLink,” AWS Director of Software Development, David Brown said. “With AWS PrivateLink, Snowflake customers’ traffic remains in AWS’s secure network, thus significantly reducing exposure to common security threats. Snowflake builds on this capability by allowing companies to securely transmit data between a customer’s virtual private network and Snowflake’s data warehouse without accessing the Internet, making inter-network connectivity secure and easier to manage.”

Snowflake CEO, Bob Muglia said: “AWS PrivateLink is another leading security measure that further protects enterprise data in the cloud. Security has always been a central pillar of Snowflake’s architecture, implementation and operations. AWS PrivateLink will further strengthen our security offering in both single and multi-tenant situations and is the perfect complement to Snowflake’s data warehouse built for the cloud.”

Snowflake already delivers industry-leading security technology for all five editions of its cloud-built data warehouse – Standard, Premier, Enterprise, Enterprise for Sensitive Data (ESD) and Virtual Private Snowflake (VPS). AWS PrivateLink will enhance the following security benefits that ESD already offers:

  • Tri-Secret Secure – A new feature that ensures customer control and data protection by combining a customer-provided encryption key with a Snowflake-provided encryption key and user credentials.
  • Encryption everywhere – Snowflake automatically encrypts data at rest and in-transit.
  • Comprehensive protection – Features such as multi-factor authentication, role-based access control, IP address whitelisting, federated authentication and annual rekeying of encrypted data are all part of ESD.
  • Security validations – SOC 2 Type 2, PCI DSS compliance and support for HIPAA compliance validate the level of security of Snowflake’s cloud data warehouse.

VPS, Snowflake’s most advanced edition, includes all of the security features of ESD and a private deployment of Snowflake. VPS provides enterprises with a dedicated and managed instance of Snowflake on a separate Amazon VPC. With AWS PrivateLink, Snowflake ESD and VPS customers enable enterprises to analyze and derive insight from their data in a secure environment.

To read about the technical details of AWS PrivateLink for Snowflake, click here.


About Snowflake Computing

Snowflake is the only data warehouse built for the cloud. Snowflake delivers the performance, concurrency and simplicity needed to store and analyze all data available to an organization in one location. Snowflake’s technology combines the power of data warehousing, the flexibility of big data platforms, the elasticity of the cloud, and live data sharing at a fraction of the cost of traditional solutions. Snowflake: Your data, no limits. Find out more at

Media Contact

Eszter Szikora
Snowflake Computing
(408) 666-5694
[email protected]