You will connect Elementary Cloud to Snowflake for syncing the Elementary schema (created by the Elementary dbt package).

Create a user for Elementary cloud

On your dbt project, run:

## Print the query you should run to generate a user
dbt run-operation create_elementary_user

This command will generate a query to create a user with the necessary permissions. Run this query on your data warehouse with admin permissions to create the user.

Permissions and security

Elementary cloud doesn't require read permissions to your tables and schemas, but only the following:

  • Read-only access to the elementary schema.
  • Access to read metadata in information schema and query history, related to the tables in your dbt project.

It is recommended to create a user using the instructions specified above to avoid granting excess privileges. For more details, refer to security and privacy.

Fill the connection form

Provide the following fields:

  • Account: Find your account by using the Snowflake account URL and removing snowflakecomputing.com. e.g. example.us-east-1. For more information, see Account Identifiers in the Snowflake docs.
  • Database name: The name of the database where your Elementary schema exist. e.g. analytics.
  • Warehouse: e.g. ELEMENTARY_WAREHOUSE.
  • Elementary schema: The name of your Elementary schema. Usually [schema name]_elementary.
  • Role (optional): e.g. ELEMENTARY_ROLE.

Elementary Cloud supports the user password and key pair authentication connection methods.

  • User password:
    • User: The user created for Elementary.
    • Password: The password you set when creating your Snowflake account.
  • Key pair:
    • User: The user created for Elementary.
    • Private key: The private key you generated for Elementary. For more information, see Generate Private Key in the Snowflake docs.
    • Private key passphrase (optional)

Add the Elementary IP to allowlist

If you use network policies to restrict access, run this query on your data warehouse with admin permissions:

CREATE NETWORK POLICY ELEMENTARY_CLOUD
	ALLOWED_IP_LIST=('3.126.156.226')
	BLOCKED_IP_LIST=()
COMMENT='IP used by Elementary Cloud to sync the Elementary schema';

After creating a network policy you would need to activate it. To activate a network policy for the elementary user simply run the following command -

ALTER USER <user_name> SET NETWORK_POLICY = ELEMENTARY_CLOUD;

Need help with onboarding?

We can provide support on Slack or hop on an onboarding call.