Documentation
Sparvi Cloud Database Connections
This guide covers how to connect your databases to Sparvi Cloud and configure authentication for secure access.
Supported Databases
Sparvi Cloud provides native, optimized integrations with:
- Snowflake - Username/password and key-pair authentication support
Snowflake Integration
Sparvi Cloud offers two authentication methods for Snowflake:
Username/Password Authentication (Recommended)
Standard username and password authentication for Snowflake connections.
Setup Steps:
- In Sparvi Cloud: Navigate to Connections → Add New Connection → Snowflake
- Choose Username/Password: Select standard authentication
- Configure Connection: Provide your Snowflake connection details:
- Account identifier (e.g.,
xy12345.us-east-1) - Username
- Password
- Database name
- Schema name (default:
PUBLIC) - Warehouse name
- Account identifier (e.g.,
- Test Connection: Verify the connection works correctly
Benefits:
- Simple setup process
- Works with existing Snowflake accounts
- No additional configuration required
- Compatible with all Snowflake deployments
Key-Pair Authentication
For environments where password authentication isn't preferred, Sparvi Cloud supports Snowflake key-pair authentication.
Setup Steps:
- Generate Key Pair: Create RSA private/public key pair
- Configure Snowflake User: Add public key to your Snowflake user account
- In Sparvi Cloud: Choose "Key-Pair Authentication" option
- Upload Private Key: Securely upload your private key file
- Configure Connection: Provide connection details and user information
- Test Connection: Verify authentication works
Security Notes:
- Private keys are encrypted at rest
- Keys are never logged or exposed
- Follows Snowflake security best practices
- Supports key rotation
Required Snowflake Permissions
For both authentication methods, your Snowflake user needs these minimum permissions:
-- Database and schema access
GRANT USAGE ON DATABASE <database_name> TO ROLE <role_name>;
GRANT USAGE ON SCHEMA <database_name>.<schema_name> TO ROLE <role_name>;
-- Table access (for all tables you want to monitor)
GRANT SELECT ON ALL TABLES IN SCHEMA <database_name>.<schema_name> TO ROLE <role_name>;
GRANT SELECT ON FUTURE TABLES IN SCHEMA <database_name>.<schema_name> TO ROLE <role_name>;
-- Information schema access (for metadata discovery)
GRANT USAGE ON DATABASE INFORMATION_SCHEMA TO ROLE <role_name>;
-- Warehouse usage
GRANT USAGE ON WAREHOUSE <warehouse_name> TO ROLE <role_name>;
Connection Security
Encryption at Rest
- All connection credentials are encrypted using AES-256 encryption
- Encryption keys are managed separately from data
- Regular key rotation following security best practices
Encryption in Transit
- All database connections use SSL/TLS encryption
- Certificate verification enabled by default
- Support for custom certificates and CA bundles
Access Controls
- Connection access controlled by organization membership
- Role-based permissions for connection management
- Audit logging for all connection-related activities
Network Security
- Support for IP whitelisting
- VPC peering available for enterprise customers
- Private endpoint connections (coming soon)
Connection Management
Testing Connections
Before saving, Sparvi Cloud tests each connection:
- Verifies authentication credentials
- Checks database permissions
- Tests sample queries
- Validates SSL configuration
Connection Health Monitoring
- Automatic connection health checks
- Alerts when connections become unavailable
- Connection performance monitoring
- Historical uptime tracking
Credential Management
- Secure credential storage with encryption
- Support for credential rotation
- Integration with external secret managers (enterprise)
- Audit trail for credential changes
Troubleshooting
Common Snowflake Issues
Username/Password Authentication Failed
- Double-check username and password are correct
- Verify your Snowflake account identifier format
- Ensure user account is not locked or suspended
- Check that user has permission to use the warehouse
Key-Pair Authentication Failed
- Verify private key format (PKCS#8 or PKCS#1)
- Check that public key is correctly associated with user
- Ensure user account is not locked or suspended
- Verify role assignments and permissions
Connection Timeout
- Check network connectivity to Snowflake
- Verify warehouse is available and running
- Consider firewall and proxy configurations
- Try connecting from Snowflake web interface
Best Practices
Security
- Always use SSL/TLS encryption for production connections
- Implement least-privilege access principles
- Regular credential rotation (quarterly recommended)
- Monitor connection access logs
- Use key-pair authentication for enhanced security (Snowflake)
Performance
- Choose appropriate Snowflake warehouse sizes
- Configure connection pooling settings
- Monitor query performance and resource usage
- Use efficient sampling strategies for large tables
- Schedule resource-intensive operations during off-peak hours
Monitoring
- Set up connection health alerts
- Monitor data freshness and availability
- Track query performance metrics
- Review access patterns and usage
- Regular permission audits
Enterprise Features
Advanced Authentication
- Single Sign-On (SSO) integration (coming soon)
- LDAP/Active Directory integration
- Multi-factor authentication enforcement
- Custom authentication providers
Network Security
- VPC peering for private connections
- IP whitelisting and access controls
- Private endpoints and service connections
- Custom DNS and network routing
Compliance
- SOC 2 Type II certification
- GDPR compliance features
- Data residency options
- Audit logging and reporting
Next Steps
- Connect Your Database: Start with our connection wizard
- Verify Permissions: Ensure your database user has required access
- Test Data Discovery: Run initial metadata discovery
- Set Up Monitoring: Configure validation rules and anomaly detection
- Invite Team Members: Add colleagues and configure roles
Need help connecting your database? Contact our support team for personalized assistance.