Categories:

System functions (System Control)

SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT

取消 Snowflake VPC 或 VNet 中的专用连接端点的设置,或阻止 Snowflake 通过使用专用连接来连接到外部服务。端点可以是服务端点或资源端点,具体取决于托管 Snowflake 账户的云平台。

If you call this function and specify the wrong private connectivity endpoint, call the SYSTEM$RESTORE_PRIVATELINK_ENDPOINT system function to restore the endpoint within a seven day period. After seven days, the endpoint is deleted and cannot be recovered; you will need to recreate the endpoint with the SYSTEM$PROVISION_PRIVATELINK_ENDPOINT system function.

语法

AWS:

SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
 '<provider_service_name>' )

Azure:

SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
 '<provider_resource_id>'
 [, '<subresource>' ]
)

Google Cloud

 SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
   '<service_attachment_id>'
);

实参

AWS

provider_service_name

Specifies the external service or resource endpoint to restore. For example, com.amazonaws.us-west-2.execute-api for the Amazon API Gateway or com.amazonaws.us-west-2.s3 for Amazon S3.

Azure

'provider_resource_id'

Specifies the fully-qualified identifier for the resource in your VPC or VNet.

'subresource'

Specifies the name of the subresource of the Azure resource.

This argument is not required for Azure Private Link Service (https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview) and Azure API Management Service.

For all supported values, see the Sub-resource table (https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-overview#private-link-resource).

Google Cloud

'target_service_id'

Specifies the ID of the service attachment in your VPC network or the regional Google API.

返回

返回一条状态消息,表明已成功取消配置端点及其标识符。

Access control requirements

只有账户管理员(具有 ACCOUNTADMIN 角色的用户)才能调用此函数。

使用说明

  • 如果专用连接端点未与指定实参关联,则会出现错误消息。

示例

AWS:

取消配置对 Amazon S3 具有外部访问权限的专用端点:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT('com.amazonaws.us-west-2.s3');

Azure:

Deprovision a private endpoint to prevent Snowflake on Microsoft Azure from connecting to the Microsoft Azure API Management service in your Microsoft Azure VNet:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
  '/subscriptions/f4b00c5f-f6bf-41d6-806b-e1cac4f1f36f/resourceGroups/aztest1-external-function-rg/providers/Microsoft.ApiManagement/service/aztest1-external-function-api',
  'Gateway'
  );
Private endpoint with id "/subscriptions/e48379a7-2fc4-473e-b071-f94858cc83f5/resourcegroups/test_rg/providers/microsoft.network/privateendpoints/5ef8fd34-07db-4583-b0dd-0e2360398ed3" successfully marked for deletion. Before it is fully deleted in 7-8 days, it can be restored.

Deprovision a private endpoint to prevent Snowflake on Microsoft Azure from connecting to an external service using external network access:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
  '/subscriptions/11111111-2222-3333-4444-5555555555/resourceGroups/leorg1/providers/Microsoft.Sql/servers/myserver/databases/testdb',
  'sqlServer'
  );
"Resource Endpoint with id "/subscriptions/f0abb333-1b05-47c6-8c31-dd36d2512fd1/resourceGroups/privatelink-test/providers/Microsoft.Network/privateEndpoints/external-network-access-pe" deprovisioned successfully"

Deprovision a private endpoint to prevent Snowflake from connecting to an external stage for Microsoft Azure:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
  '/subscriptions/cb72345g5-d347-4sdc-r3ee-70d234551a78/resourceGroups/rg-db-dev/providers/Microsoft.Storage/storageAccounts/dbasdfffext',
  'blob'
);
"Resource Endpoint with id "/subscriptions/57faea9a-20c2-4d35-b283-9c0c1e9593d8/resourceGroups/privatelink-test/providers/Microsoft.Network/privateEndpoints/external-network-access-pe" deprovisioned successfully"

Google Cloud

Deprovision a private endpoint to prevent Snowflake on Google Cloud from connecting to the service attachment in your Google Cloud VPC Network:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
  'projects/my-project/regions/us-east4/serviceAttachments/my-service-attachment'
  );
Private endpoint with id "abcd0000000000000001" successfully marked for deletion. Before it is fully deleted in 7-8 days, it can be restored.

Deprovision a private endpoint to prevent Snowflake on Google Cloud from connecting to a regional Google service endpoint (CloudKMS):

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
 'cloudkms.us-east4.rep.googleapis.com'
 );
Private endpoint with id "abcd0000000000000001" successfully marked for deletion. Before it is fully deleted in 7-8 days, it can be restored.

Deprovision a private endpoint to prevent Snowflake from connecting to an external stage for Google Cloud:

SELECT SYSTEM$DEPROVISION_PRIVATELINK_ENDPOINT(
 'storage.us-east4.rep.googleapis.com'
 );
Private endpoint with id "abcd0000000000000001" successfully marked for deletion. Before it is fully deleted in 7-8 days, it can be restored.