Enabling error notifications for tasks using Microsoft Azure Event Grid

This topic provides instructions for configuring error notification support for tasks using Microsoft Azure Event Grid.

Enabling error notification using Microsoft Azure Event Grid

To enable task notifications, follow the steps in the next sections.

Step 1: Creating a Custom Event Grid Topic

An Event Grid topic provides an endpoint where the source sends event notifications. Create a dedicated topic to receive error notifications published by Snowflake. You can use a single topic to receive error notifications for all pipes (for Snowpipe error notifications) or tasks (for task error notifications) in your Snowflake account.

For instructions on creating Event Grid topics, see the Event Grid documentation. Record the Event Grid topic endpoint, which you will need later in these instructions.

Optionally subscribe to the topic to inform Event Grid which events you want to track and where to send those events.

Step 2: Creating a Notification Integration in Snowflake

Retrieve the Tenant ID

Retrieve your Azure tenant ID, which you will need later in these instructions.

  1. Log into the Microsoft Azure portal.

  2. Navigate to Azure Active Directory » Properties. Record the Tenant ID value for reference later. The directory ID, or tenant ID, is needed to generate the consent URL that grants Snowflake access to the Event Grid topic.

Create the Notification Integration

Create an integration using the CREATE NOTIFICATION INTEGRATION command. An integration is a Snowflake object that references the Azure storage queue you created.

Note

Only account administrators (users with the ACCOUNTADMIN role) or a role with the global CREATE INTEGRATION privilege can execute this SQL command.

CREATE NOTIFICATION INTEGRATION <integration_name>
  ENABLED = true
  TYPE = QUEUE
  NOTIFICATION_PROVIDER = AZURE_EVENT_GRID
  DIRECTION = OUTBOUND
  AZURE_EVENT_GRID_TOPIC_ENDPOINT = '<event_grid_topic_endpoint>'
  AZURE_TENANT_ID = '<azure_tenant_id>'
Copy

For example:

CREATE NOTIFICATION INTEGRATION myint
  ENABLED = true
  TYPE = QUEUE
  NOTIFICATION_PROVIDER = AZURE_EVENT_GRID
  DIRECTION = OUTBOUND
  AZURE_EVENT_GRID_TOPIC_ENDPOINT = 'https://myaccount.region-1.eventgrid.azure.net/api/events'
  AZURE_TENANT_ID = 'mytenantid';
Copy

Where:

  • event_grid_topic_endpoint is the Event Grid topic endpoint you recorded in section Step 1.

  • azure_tenant_id is your Azure directory ID, or tenant ID, which you recorded earlier in this section.

Grant Snowflake Access to the Topic

  1. Execute the DESCRIBE INTEGRATION command to retrieve the consent URL:

    DESC NOTIFICATION INTEGRATION <integration_name>;
    
    Copy

    Where:

    Note the values in the following columns:

    AZURE_CONSENT_URL:

    URL to the Microsoft permissions request page.

    AZURE_MULTI_TENANT_APP_NAME:

    Name of the Snowflake client application created for your account. In a later step in this section, you will need to grant this application the permissions necessary to obtain an access token on your allowed topic.

  2. In a web browser, navigate to the URL in the AZURE_CONSENT_URL column. The page displays a Microsoft permissions request page.

  3. Click the Accept button. This action allows the Azure service principal created for your Snowflake account to be granted an access token on specified resources inside your tenant. Obtaining an access token succeeds only if you grant the service principal the appropriate permissions on the container (see the next step).

    The Microsoft permissions request page redirects to the Snowflake corporate site (snowflake.com).

  4. Log into the Microsoft Azure portal.

  5. Navigate to Azure Active Directory » Enterprise applications. Verify the Snowflake application identifier you recorded in Step 2 in this section is listed.

    Important

    If you delete the Snowflake application in Azure Active Directory at a later time, the notification integration stops working.

  6. Navigate to Event Grid Topics » topic_name, where topic_name is the name of the topic you created to receive event notifications.

  7. Click Access Control (IAM) » Add role assignment.

  8. Search for the Snowflake service principal. This is the identity in the AZURE_MULTI_TENANT_APP_NAME property in the DESC NOTIFICATION INTEGRATION output (in Step 1). Search for the string before the underscore in the AZURE_MULTI_TENANT_APP_NAME property.

    Important

    • It can take an hour or longer for Azure to create the Snowflake service principal requested through the Microsoft request page in this section. If the service principal is not available immediately, we recommend waiting an hour or two and then searching again.

    • If you delete the service principal, the notification integration stops working.

  9. Grant the Snowflake application the EventGrid Data Sender permission.

Step 3: Enabling error notifications in tasks

You then enable error notification, in either a standalone or root task, by setting ERROR_INTEGRATION to the name of the notification integration. You can set the property when you create a task (using CREATE TASK) or later (using ALTER TASK).

For details refer to Configuring a task to send error notifications.