Deploy the Yuki Proxy
The Yuki Proxy is a lightweight component that connects your Snowflake environment to Yuki's optimization engine. It forwards only metadata and can run either in Yuki's managed SaaS environment or inside your own VPC.
For most users, the Fully Hosted option is the simplest and fastest.
Deployment Options
| Option | Where It Runs | Setup Complexity |
|---|---|---|
| Fully Hosted (SaaS) | Managed by Yuki | Easy |
| Helm Deployment | Your Kubernetes cluster | Medium |
| Terraform Deployment | Your AWS account | Medium |
Architecture by Deployment Type
All deployment options follow the same communication and encryption principles: queries flow securely from your internal services → through the Yuki Proxy → to Snowflake, with HTTPS + JWT authentication at every step.
The diagram below illustrates how the proxy's placement changes across deployment models.
Your existing environment:
With Yuki - Full Hosted (SaaS):
With Yuki - Same Cluster:
With Yuki - Dedicated VPC:
Security
- Processes only metadata - no access to query text or actual data
- All communication encrypted via HTTPS (TLS 1.2+)
- JWT authentication between Proxy and Engine
Optional: AWS PrivateLink
For Business Critical Snowflake accounts, configure AWS PrivateLink to keep all traffic on AWS private networking.