Deploy the Yuki Proxy

Yuki can be deployed in three different ways, depending on your organization’s infrastructure and security requirements.

The Yuki Proxy is a lightweight component that connects your Snowflake environment to Yuki’s optimization engine. It forwards only metadata and can run either in Yuki’s managed SaaS environment or inside your own VPC.

💡 For most users, the Fully Hosted option is the simplest and fastest.

After deploying the proxy, Business Critical Snowflake accounts can optionally configure AWS PrivateLink Setup to keep all Yuki–Snowflake communication private within AWS.

Deployment Options Overview

Option

Where It Runs

Setup Complexity

Fully Hosted (SaaS)

Managed by Yuki

Easy

Helm Deployment

Your Kubernetes cluster

Medium

Terraform Deployment

Your AWS account

Medium

Architecture by Deployment Type

All deployment options follow the same communication and encryption principles: queries flow securely from your internal services → through the Yuki Proxy → to Snowflake, with HTTPS + JWT authentication at every step.

The diagram below illustrates how the proxy’s placement changes across deployment models.

Your existing Environment:

With Yuki - Full Hosted (SAAS):

With Yuki - Same Cluster:

With Yuki - Dedicated VPC:

Security & Data Flow

Yuki Proxy only processes metadata related to query execution, warehouse usage, and performance statistics. No access to your query text or data. Communication between Snowflake, the proxy, and the Yuki Engine is encrypted via HTTPS (TLS 1.2+).

Next Steps

Choose your preferred deployment method:

→ Fully Hosted (Recommended)

→ Helm Deployment

→ Terraform Deployment

PreviousGrant Yuki access to your Snowflake account NextFully Hosted (SaaS)

Last updated 2 days ago