Configure Security
After deploying the Yuki Proxy, the next step is to configure how Yuki securely connects to your Snowflake account. This step ensures that authentication and network policies are properly aligned with your organizationâs security standards.
Overview
Yuki supports multiple security configurations as part of the onboarding process:
AWS PrivateLink Setup - For Business Critical Snowflake accounts, you can optionally connect Yuki to Snowflake through AWS PrivateLink so that all communication stays on AWS private networking (no public internet).
Service User Authentication - Configure how Yuki authenticates to Snowflake on behalf of your service users (such as dbt, Looker, or Tableau). Yuki supports both direct key upload and secure reference to keys stored in AWS Secrets Manager.
Add User-Allowed IPs - If your Snowflake environment restricts access by IP address, use this step to define which users or applications can connect through Yuki. Yuki will use only the IP addresses you specify to authenticate with Snowflake, ensuring compatibility with your organizationâs network policies.
All steps are optional depending on your environment and Snowflake edition.
Next Steps
Follow these guides to complete your security setup (if applicable):
â AWS PrivateLink Setup (for Business Critical accounts) â Service User Authentication â Add User-Allowed IPs
Last updated