Skip to main content
You will connect Elementary Cloud to Snowflake for syncing the Elementary schema (created by the Elementary dbt package).

Create a user for Elementary cloud

  • Please create a Snowflake key-pair (private and public key) using this guide.
  • Using the public key generated in the previous step, please run the following in your dbt project folder: 
## Store the public key in an environment variable
export SNOWFLAKE_PUBLIC_KEY="<public key>"

## Print the query you should run to generate a user
dbt run-operation create_elementary_user --args "{'public_key': '$SNOWFLAKE_PUBLIC_KEY'}"
This command will generate a query to create a user with the necessary permissions. Run this query on your data warehouse with admin permissions to create the user.

Permissions and security

Elementary cloud doesn’t require read permissions to your tables and schemas, but only the following:
  • Read-only access to the elementary schema.
  • Access to read metadata in information schema and query history, related to the tables in your dbt project.
It is recommended to create a user using the instructions specified above to avoid granting excess privileges. For more details, refer to security and privacy.

Fill the connection form

Provide the following fields:
  • Account: Find your account by using the Snowflake account URL and removing snowflakecomputing.com. e.g. example.us-east-1. For more information, see Account Identifiers in the Snowflake docs.
  • Database name: The name of the database where your Elementary schema exist. e.g. analytics.
  • Warehouse: e.g. ELEMENTARY_WAREHOUSE.
  • Elementary schema: The name of your Elementary schema. Usually [schema name]_elementary.
  • Role (optional): e.g. ELEMENTARY_ROLE.
Elementary Cloud supports the following authentication methods:
  • Key pair (Recommended):
    • User: The user created for Elementary.
    • Private key: The private key you generated for Elementary. For more information, see Generate Private Key in the Snowflake docs.
    • Private key passphrase (optional)
  • User password (Deprecated, not recommended):
    • User: The user created for Elementary.
    • Password: The password you set when creating your Snowflake account.
Snowflake are in the process of deprecating single-factor username & password authentication for all human users. As a result, while still supported, we recommend configuring the user in advance using key-pair authentication rather than username & password, and configuring the user as TYPE=SERVICE (this is automatically handled in the user creation macro above).See here for more information regarding this change.

Add the Elementary IP to allowlist

If you use network policies to restrict access, run this query on your data warehouse with admin permissions: 
CREATE NETWORK POLICY ELEMENTARY_CLOUD
	ALLOWED_IP_LIST=('3.126.156.226')
	BLOCKED_IP_LIST=()
COMMENT='IP used by Elementary Cloud to sync the Elementary schema';
After creating a network policy you would need to activate it. To activate a network policy for the elementary user simply run the following command - 
ALTER USER <user_name> SET NETWORK_POLICY = ELEMENTARY_CLOUD;

Need help with onboarding?

We can provide support on Slack or hop on an onboarding call.