Connections are how CloudZero manages the various Cost Sources that bring Billing, Resource, and other types of data into the platform.

How the Snowflake Connection Works

CloudZero relies on account usage and cost information. Connecting to a Snowflake account will show Snowflake cost data alongside other Cost Sources in the Explorer, as well as enable anomaly alerts on Snowflake spend.

CloudZero accesses your Snowflake data via a share from your account to our Snowflake account in the same region using Secure Data Sharing.

Which Accounts to Connect

Except for reader accounts, each of your Snowflake accounts must be individually connected to CloudZero.

A Snowflake reader account should not be connected to CloudZero because the provider account assumes all responsibility for credit charges incurred by users of the reader account.

📘

About CloudZero's Access to your Snowflake Accounts

All of CloudZero's permissions are Read-Only
We have no access to data except where explicitly authorized (for example, the data you explicitly share with CloudZero). The SQL script we offer through the application does require write permissions, just to create the read-only resources for you.

Summary of Permissions:

• Roles
  • CLOUDZERO_COPY_BILLING_DATA_ROLE: role that can read data and execute sync procedure
• Databases
  • CLOUDZERO_SHARED_DATA: database that sits between your billing views and the share with CloudZero
• Procedures
  • CLOUDZERO_COPY_BILLING_DATA: stored procedure to sync data periodically from the billing tables/views
• Tables/Views
  • ACCOUNT_USAGE.METERING_HISTORY
  • ACCOUNT_USAGE.METERING_DAILY_HISTORY
  • ACCOUNT_USAGE.DATABASE_STORAGE_USAGE_HISTORY
  • ACCOUNT_USAGE.STAGE_STORAGE_USAGE_HISTORY
  • ORGANIZATION_USAGE.USAGE_IN_CURRENCY_DAILY
  • ORGANIZATION_USAGE.REMAINING_BALANCE_DAILY
  • ACCOUNT_USAGE.WAREHOUSE_EVENTS_HISTORY
  • ACCOUNT_USAGE.QUERY_HISTORY (Note: The "query_text" column is excluded to avoid capturing sensitive data)
  • ACCOUNT_USAGE.TAGS
  • ACCOUNT_USAGE.TAG_REFERENCES
• Shares
  • CLOUDZERO_SHARE: shares data from CLOUDZERO_SHARED_DATA database with CloudZero Snowflake account

Connect a Snowflake Account

Open the Connections page

The Connections page can be found by going to the "gear" on the sidebar and selecting "Connections" or alternatively going to https://app.cloudzero.com/organization/connections

📘

Note: Admin Role Required

You must be a CloudZero Admin to add new Connections to the platform.

Add a Snowflake Connection

On the Connections page you can see all of the Connections in your system. To connect a Snowflake Account, click the “Add New Connection” button.

On the next page, click the Snowflake tile and then click the Get started button.

1. You will need to fill in your Snowflake Account information into the next page:

   • Connection Name: This is the name you will see throughout the CloudZero UI, in addition to the Snowflake Account ID.
   • Cost Per Credit: Your Snowflake account’s Capacity Credit Price on the bill.
   • Cost Per TB Month: Your Snowflake account’s Capacity Storage Price on the bill.
   • Cost Effective Date: The date on which the “Cost Per” values became effective. If your "Cost Per" values have been the same since you created your Snowflake account, just pick a date from around the time the account was created.
   • Snowflake Account ID: The value returned from running SELECT LOWER(CURRENT_ACCOUNT()) in your Snowflake account.
   • Snowflake Account Region: The value returned from running
     SHOW REGIONS; SELECT display_name FROM TABLE(RESULT_SCAN(LAST_QUERY_ID())) WHERE snowflake_region = CURRENT_REGION();

2. Click the Save button.

Create a Share in your Snowflake Account

After clicking save in the previous step, a SQL script will appear in a text box.

• Copy the SQL script.
• Paste it into a Snowflake worksheet in your account.
• Review the Script
• Select the All Queries Checkbox
• Click Run to create and share the necessary data with CloudZero

🚧

Go get a coffee!

This script can take a while to run if you haven’t used these billing tables before. Our experience shows that first use can take 3+ hours; however, subsequent uses usually take minutes.

📘

Note: Share comment field

The SQL script will create a direct share with a comment like ref=<external_id>. The comment is required to aid CloudZero in accurately identifying shares. The external_id used is arbitrary and does not reveal any information about your account or data.

Return to the Connections Page

Refresh the Connections page to see the status of your Snowflake Connection. Once we discover the share created in (Step 3), a Snowflake Connection will appear on the CloudZero Connections page in the Billing Connections table.

Once the connection has been verified, the Health column will update from “Pending Data” to “Healthy”. Discovery can take up to an hour. It can take up to a day to synchronize new accounts before you see cost data in the Explorer.

If something changes on your side and CloudZero can no longer use the role that was just granted permissions, the Health will change and provide details on why CloudZero cannot connect.

Connect additional Snowflake Accounts with the same process.

Supported Snowflake Regions

CloudZero supports all Snowflake regions except for SnowGov.

Connecting Other Cost Sources

Additionally, you may want CloudZero to help with your other AWS or Azure costs, or the custom costs you can bring in using an AnyCost Adaptor.

Start by learning about CloudZero Connections, or choosing a Cost Source from the What's Next section below: