- Categories:
System functions (System Control)
SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT¶
Deprovisions a private connectivity endpoint in the Snowflake VPC or VNet to prevent Snowflake from connecting to an external service using private connectivity. The endpoint can be a service endpoint or a resource endpoint depending on the cloud platform that hosts your Snowflake account.
If you call this function and specify the wrong private connectivity endpoint, call the SYSTEM$RESTORE_PRIVATELINK_ENDPOINT system function to restore the endpoint within a seven day period. After seven days, the endpoint is deleted and cannot be recovered; you will need to recreate the endpoint with the SYSTEM$PROVISION_PRIVATELINK_ENDPOINT system function.
Syntax¶
AWS:
SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT( '<provider_service_name>' )
Azure:
SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT( '<provider_resource_id>' [, '<subresource>' ] )
Arguments¶
provider_service_name
Specifies the external service or resource endpoint. For example,
com.amazonaws.us-west-2.execute-api
for the Amazon API Gateway orcom.amazonaws.us-west-2.s3
for Amazon S3.
'provider_resource_id'
Specifies the fully-qualified identifier for the resource in your VPC or VNet.
'subresource'
Specifies the name of the subresource of the Azure resource.
This argument is not required for Azure Private Link Service (https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview) and Azure API Management Service.
For all supported values, see the Sub-resource table (https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-overview#private-link-resource).
Returns¶
Returns a status message stating that the endpoint, with its identifier, is deprovisioned successfully.
Usage notes¶
Only account administrators (users with the ACCOUNTADMIN role) can call this function.
An error message occurs if a private connectivity endpoint is not associated with the specified arguments.
Examples¶
AWS:
Deprovision a private endpoint with external access to Amazon S3:
SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT('com.amazonaws.us-west-2.s3');
Azure:
Deprovision a private endpoint to prevent Snowflake on Microsoft Azure from connecting to the Microsoft Azure API Management service in your Microsoft Azure VNet:
SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT( '/subscriptions/f4b00c5f-f6bf-41d6-806b-e1cac4f1f36f/resourceGroups/aztest1-external-function-rg/providers/Microsoft.ApiManagement/service/aztest1-external-function-api', 'Gateway' );Private endpoint with id "/subscriptions/e48379a7-2fc4-473e-b071-f94858cc83f5/resourcegroups/test_rg/providers/microsoft.network/privateendpoints/5ef8fd34-07db-4583-b0dd-0e2360398ed3" successfully marked for deletion. Before it is fully deleted in 7-8 days, it can be restored.
Deprovision a private endpoint to prevent Snowflake on Microsoft Azure from connecting to an external service using external network access:
SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT( '/subscriptions/11111111-2222-3333-4444-5555555555/resourceGroups/leorg1/providers/Microsoft.Sql/servers/myserver/databases/testdb', 'sqlServer' );"Resource Endpoint with id "/subscriptions/f0abb333-1b05-47c6-8c31-dd36d2512fd1/resourceGroups/privatelink-test/providers/Microsoft.Network/privateEndpoints/external-network-access-pe" deprovisioned successfully"
Deprovision a private endpoint to prevent Snowflake from connecting to an external stage for Microsoft Azure:
SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT( 'storagedemo.blob.core.windows.net', 'blob' );"Resource Endpoint with id "/subscriptions/57faea9a-20c2-4d35-b283-9c0c1e9593d8/resourceGroups/privatelink-test/providers/Microsoft.Network/privateEndpoints/external-network-access-pe" deprovisioned successfully"