Private connectivity for outbound network traffic in Snowflake Open Catalog
When you work with tables in Open Catalog, you generate outbound network traffic from your Open Catalog account to your external cloud storage. For example:
When you select a table in Open Catalog, Open Catalog displays the schema for the table by retrieving the metadata for the table. This metadata is stored in your external cloud storage.
When your query engine attempts to load data from Open Catalog, Open Catalog accesses the external cloud storage to read the metadata for your Iceberg table and then returns the metadata for the table to the query engine.
By default, outbound network traffic traverses the public internet. For increased security, you can enable private connectivity for outbound network traffic to route this traffic through private endpoints instead of the public internet.
Note
Private connectivity for outbound network traffic is only supported for the following cloud storage providers:
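Scaling considerations
Implementations of outbound private connectivity must adhere to the following limits, which are associated with the cloud provider: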
Cannot have more than five private endpoints per Snowflake account
Private endpoints that were deprovisioned within the past seven days count toward this limit.
To increase this limit, contact Snowflake Support.
Cannot have more than one endpoint to the same AWS service or Azure subresource
For AWS, this limitation is per service. So if you have one endpoint to an S3 bucket, you cannot have a different endpoint to another S3 bucket because the endpoint-to-S3 service combination would be duplicated.
For Azure, if a resource has only one subresource, you can only have one endpoint. But if the resource has different subresources available, you can have multiple endpoints to the resource as long as they connect to different subresources.
Note
You can duplicate endpoint-to-service or endpoint-to-subresource combinations in different Snowflake accounts.
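The limits above can be checked against an endpoint inventory before a new private endpoint is requested. The following Python check is an added example, not Snowflake code; the inventory fields, the resource names, and the choice that only still-provisioned endpoints block a duplicate combination are assumptions.

```python
from datetime import datetime, timedelta, timezone

MAX_ENDPOINTS = 5                  # default per-account limit stated on this page
COUNT_WINDOW = timedelta(days=7)   # deprovisioned endpoints still count this long

def combo(ep):
    """Key that must be unique per account: AWS service, or Azure resource + subresource."""
    if ep["cloud"] == "aws":
        return ("aws", ep["service"])   # the target bucket is irrelevant: one endpoint per service
    return ("azure", ep["resource"], ep["subresource"])

def check_new_endpoint(existing, candidate, now):
    """Return the limits ("quota", "duplicate") that adding `candidate` would violate."""
    violations = []
    counted = [ep for ep in existing
               if ep["deprovisioned_at"] is None
               or now - ep["deprovisioned_at"] <= COUNT_WINDOW]
    if len(counted) + 1 > MAX_ENDPOINTS:
        violations.append("quota")
    # Assumption: only endpoints that are still provisioned block a duplicate combination.
    if any(ep["deprovisioned_at"] is None and combo(ep) == combo(candidate)
           for ep in existing):
        violations.append("duplicate")
    return violations

def endpoint(cloud, deprovisioned_at=None, **target):
    """Build one inventory record (hypothetical schema)."""
    return {"cloud": cloud, "deprovisioned_at": deprovisioned_at, **target}

# Constructed inventory for one account (hypothetical names, not real resources).
NOW = datetime(2025, 1, 15, tzinfo=timezone.utc)
EXISTING = [
    endpoint("aws", service="s3", target="bucket-a"),
    endpoint("azure", resource="storacct1", subresource="blob"),
    endpoint("azure", resource="storacct1", subresource="dfs"),
    endpoint("azure", NOW - timedelta(days=2), resource="storacct2", subresource="blob"),
    endpoint("azure", NOW - timedelta(days=10), resource="storacct3", subresource="blob"),
]

if __name__ == "__main__":
    for cand in (endpoint("aws", service="s3", target="bucket-b"),
                 endpoint("azure", resource="storacct1", subresource="blob"),
                 endpoint("azure", resource="storacct4", subresource="blob")):
        print(combo(cand), check_new_endpoint(EXISTING, cand, NOW) or "ok")
```

Because the check is scoped to one account's inventory, the same combination in a different Snowflake account is not flagged.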
Billing
Snowflake calculates costs for outbound private connectivity based on private endpoint usage. For details on pricing for outbound private connectivity, see the Snowflake Service Consumption Table.