In this article we are going to dive into and summarise the different Snowflake editions, how they can help business of all shapes and sizes and identify what might work for your needs.
Features change from time to time with new features being added regularly, it is recommended that you review the documentation for the latest on what specific features are included with any of the Editions.
Table of Contents
Open Table of Contents
Release Management
Standard Edition:
- No early access to releases.
Enterprise Edition:
- 12-hour early access.
Business Critical Edition:
- 24-hour early access.
VPS (Virtual Private Snowflake):
- 24-hour early access.
Security, Governance, and Data Protection
Snowflake offers strong, modern and competitive features to help understand what these are, let’s breakdown Security, Governance, and Data Protection, there is a lot of information here, to help, I have provided common and more Enterprise-Centric features.
Features change from time to time with new features being added regularly, it is recommended that you review the documentation for the latest on what specific features are included with any of the Editions.
Common Features (All Editions)
SOC 2 Type II Certification
SOC 2 Type II certification ensures that Snowflake maintains strict security protocols across its services. This certification is critical for data privacy, covering controls for safeguarding sensitive information and ensuring that security, availability, processing integrity, confidentiality, and privacy are adhered to. For engineering users, this certification provides peace of mind, knowing that Snowflake operates with high standards in compliance, reducing risks around data breaches and system vulnerabilities, and making it suitable for companies handling sensitive or regulated data.
SOC 2 Type II and other Organisation Controls
Federated Authentication such as SSO
Federated authentication allows users to log into Snowflake using Single Sign-On (SSO), where one set of credentials provides access to multiple systems or applications. Think of it similar to when you can login with Google for example.
This simplifies identity management for engineering teams, streamlining login processes and enhancing security by centralising authentication, such as using Azure Entra for example.
Engineers benefit from reduced password fatigue and improved user experience, while administrators gain control over access rights via a unified identity management system.
OAuth Support
Snowflake supports OAuth, an open standard for token-based authentication, allowing secure API integrations without exposing user credentials.
OAuth offers flexibility and security when developing applications or connecting third-party services to Snowflake. It enables great access control and is ideal for building secure pipelines that require data access without the need for sharing credentials, making development and data integration secure.
Network Policies
Network policies in Snowflake allow users to control which networks can access their Snowflake instances.
Engineers or admins of the system, can define IP whitelists and/ or apply restrictions to prevent unauthorised access from unknown networks.
This provides an additional layer of security for data stored in Snowflake, ensuring that only trusted devices or services can connect. I have found that this feature enhances the overall security posture, protecting data from potential network-based attacks, something all teams of all sizes should be considering.
More information on Snowflake Network Polciies
Automatic Data Encryption
Snowflake automatically encrypts all data, both in transit and at rest, ensuring that sensitive information is protected from unauthorised access. Snowflake uses industry-standard encryption techniques, including AES-256, to secure data.
This feature is particularly beneficial to engineering users as it ensures data security without requiring manual encryption management.
It reduces the complexity of handling secure data, allowing engineers to focus on building and managing applications while knowing their data is protected.
What are Snowflake’s Encryption Standards?
Multi-factor Authentication (MFA)
Multi-factor authentication (MFA) provides an extra layer of security by requiring users to verify their identity using multiple methods, such as a password and a one-time code sent to a mobile device.
For engineering users, MFA helps protect Snowflake accounts from unauthorised access, even if passwords are compromised.
This feature is especially useful for teams dealing with sensitive or critical data, as it mitigates the risk of account takeovers and enhances the overall security framework of the platform.
Object-level Access Control
Object-level access control in Snowflake allows administrators to manage permissions at a granular level, assigning access to specific objects like tables, views, and schemas.
This ensures that only authorised users or roles can interact with particular data sets. For teams or departments, this allows precise control over who can view or modify sensitive data, reducing the risk of accidental or malicious data changes.
It supports a more structured, secure, and compliant data environment, especially for large teams or organisations working with confidential data.
Enterprise Editions and Above
-
Extended Time Travel (up to 90 days). How does this work?
-
Periodic rekeying of encrypted data.
-
Column-level Security.
-
Row-level Security.
-
Aggregation and Projection policies.
-
Object Tagging.
-
Sensitive data classification.
-
ACCESS_HISTORY audit.
-
Tri-Secret Secure.
-
Private connectivity (AWS PrivateLink, Azure Private Link, Google Cloud Private Service Connect).
-
Support for PHI data (HIPAA, HITRUST CSF).
-
Support for PCI DSS.
-
Public sector workload support (FedRAMP, ITAR).
-
IRAP - Protected data support (Asia Pacific regions).
-
Dedicated metadata store and compute resources (Virtual Private Snowflake only).
Compute Resource Management
Snowflake is a powerful and cost effective way to run heavy compute workloads, with diffrent offerings to meet diffrent use cases.
Features change from time to time with new features being added regularly, it is recommended that you review the documentation for the latest on what specific features are included with any of the Editions.
Common Features (All Editions)
-
Virtual warehouses.
-
Resource monitors.
-
Multi-cluster virtual warehouses (Enterprise Edition and above).
SQL Support
Common Features (All Editions)
-
Standard SQL.
-
Advanced DML (multi-table INSERT, MERGE).
-
Broad support for standard data types.
-
Semi-structured data support (JSON, Avro, ORC, Parquet, XML).
-
Geospatial data support.
-
Unstructured data support.
-
Collation rules.
-
Integrity constraints.
-
Multi-statement transactions.
-
UDFs (Java, JavaScript, Python, SQL).
-
External functions. More Information Here
-
Amazon API Gateway private endpoints (Enterprise Edition and above).
-
Stored procedures (Java, JavaScript, Python, Scala, SQL).
-
Dynamic tables.
-
External tables.
-
Hybrid tables.
-
Data clustering.
-
Query acceleration (Enterprise Edition and above).
-
Search optimization (Enterprise Edition and above).
-
Materialized views.
-
Support for Iceberg tables. Ice-What Now?!
Interfaces & Tools
Common Features (All Editions)
-
Snowsight - Snowflakes GUI online.
-
SnowSQL - Snowflake’s own CLI tool.
-
SnowCD - Snowflake’s Connectivity Diagnostic Tool
-
Programmatic interfaces (Python, Spark, Node.js, .NET, PHP, Go).
-
JDBC and ODBC support.
-
Snowflake SQL API. A developers guide to the Snowflake REST API
-
Extensive ecosystem connectivity.
-
Snowflake Partner Connect.
-
Snowpark.
-
Streamlit in Snowflake. What is Streamlit?
Data Import & Export
Common Features (All Editions)
- Bulk loading and unloading.
- Snowpipe for continuous micro-batch loading.
- Snowflake Connector for Kafka.
Data Pipelines
Common Features (All Editions)
- Streams.
- Tasks.
Data Replication & Failover
Common Features (All Editions)
- Database and share replication.
- Failover and failback (Business Critical Edition and above).
- Client connection redirection (Business Critical Edition and above).
Data Sharing
Common Features (All Editions)
- Secure data sharing.
- Cross-region and cross-platform data sharing.
- Snowflake Marketplace and Listings.
- Data Exchange.
Customer Support
Common Features (All Editions)
- Snowflake Community.
- Premier support (24/7, 1-hour response for Severity 1 issues, applies to Standard accounts provisioned after May 1, 2020).