Skip to main content

Documentation Index

Fetch the complete documentation index at: https://datost.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Connecting Snowflake lets Datost query your governed warehouse to answer ad-hoc questions, build metrics, and explore tables — all from Slack.

Prerequisites

Before you start, gather the following from Snowflake:
  • Account identifier — the part before .snowflakecomputing.com in your Snowflake URL (for example myorg-myaccount).
  • Virtual warehouse — the compute warehouse Datost should run queries on (for example COMPUTE_WH).
  • Username — a Snowflake user dedicated to Datost.
  • Credential — either a password or an RSA private key (PEM format) for key-pair auth.
  • Database (optional) — a default database to scope queries. If omitted, Datost discovers databases the user can access.
We recommend creating a dedicated DATOST user and role so you can audit and revoke access independently.

Authentication methods

Datost supports two auth methods for Snowflake:
Uses the official Snowflake Node.js driver. Simplest to set up — just provide the username and password.

Required permissions

Grant the Datost role the minimum privileges needed to query your data: 
-- Compute
GRANT USAGE ON WAREHOUSE COMPUTE_WH TO ROLE DATOST;

-- Database + schemas
GRANT USAGE ON DATABASE MY_DB TO ROLE DATOST;
GRANT USAGE ON ALL SCHEMAS IN DATABASE MY_DB TO ROLE DATOST;

-- Read access to tables and views
GRANT SELECT ON ALL TABLES IN DATABASE MY_DB TO ROLE DATOST;
GRANT SELECT ON ALL VIEWS IN DATABASE MY_DB TO ROLE DATOST;
GRANT SELECT ON FUTURE TABLES IN DATABASE MY_DB TO ROLE DATOST;
GRANT SELECT ON FUTURE VIEWS IN DATABASE MY_DB TO ROLE DATOST;

-- Assign role to the Datost user
GRANT ROLE DATOST TO USER DATOST_USER;
Datost reads schema metadata from INFORMATION_SCHEMA — no extra grants are needed for discovery.

Connect in the admin panel

1

Open the admin panel

Go to Data Sources and click Add data source.
2

Pick Snowflake

Select the Snowflake tile from the database list.
3

Choose an auth method

Toggle between Password and Key Pair.
4

Fill in connection details

Enter your account identifier, warehouse, optional database, username, and credential (password or PEM private key).
5

Test and save

Datost runs SELECT CURRENT_VERSION() to verify connectivity before saving. If the test fails, the error message from Snowflake is shown inline.

Limitations

  • Query results are capped at 1,000 rows per request; larger result sets are truncated.
  • A LIMIT is appended automatically to queries that don’t include one.
  • Password-auth connections are cached for 30 minutes of idle time and then reconnect on next use.
  • Key-pair JWTs are issued with a 59-minute lifetime and refreshed automatically.
  • When no database is specified, Datost aggregates tables across every database the role can access; databases that error out are silently skipped.
Datost executes whatever SQL its agents generate through this connection. Always scope the Datost role to read-only access on the data you want to expose.