STORAGE INTEGRATION is a Snowflake object that stores a generated identity and access management entity for external cloud storage (Amazon S3, Google Cloud Storage, or Microsoft Azure). Cloud administrators can grant permissions on the storage locations to the generated entity. By using storage integration users need not provide credentials as open text while creating external stages or when loading data from external cloud storage.

Storage integration can be configured to support any public cloud storage regardless of the cloud provider hosted on the snowflake account.

 

How to Create Storage Integration

 The Syntax for creating storage integration is.

CREATE [ OR REPLACE ] STORAGE INTEGRATION [IF NOT EXISTS]
  <name>
  TYPE = EXTERNAL_STAGE
  cloudProviderParams
  ENABLED = { TRUE | FALSE }
  STORAGE_ALLOWED_LOCATIONS = ('<cloud>://<bucket>/<path>/' [ , '<cloud>://<bucket>/<path>/' ... ] )
  [ STORAGE_BLOCKED_LOCATIONS = ('<cloud>://<bucket>/<path>/' [ , '<cloud>://<bucket>/<path>/' ... ] ) ]
  [ COMMENT = '<string_literal>' ]

Where cloudProviderParams is:

For AWS S3
cloudProviderParams  = STORAGE_PROVIDER = 'S3'
                                        STORAGE_AWS_ROLE_ARN = '<iam_role>'
                                         [ STORAGE_AWS_OBJECT_ACL = 'bucket-owner-full-control' ]

For Google Cloud Storage
cloudProviderParams = STORAGE_PROVIDER = 'GCS'

For Microsoft Azure 
cloudProviderParams = STORAGE_PROVIDER = 'AZURE'
                                       AZURE_TENANT_ID = '<tenant_id>'

 

Examples

AWS S3

create storage integration s3_int
  type = external_stage
  storage_provider = 'S3'
  storage_aws_role_arn = 'arn:aws:iam::001234567890:role/myrole'
  enabled = true
  storage_allowed_locations = ('s3://mybucket1/path1/', 's3://mybucket2/path2/');

Google Cloud Storage

create storage integration gcs_int
   type = external_stage
   storage_provider = 'GCS'
   enabled = true
    storage_allowed_locations = ('gcs://mybucket1/path1/', 'gcs://mybucket2/path2/');

Microsoft Azure

create storage integration azure_int
  type = external_stage
  storage_provider = 'AZURE'
  enabled = true
  azure_tenant_id = '<tenant_id>'
  storage_allowed_locations = ('azure://myaccount.blob.core.windows.net/mycontainer/path1/', 'azure://myaccount.blob.co