[destination-snowflake] unexpected external connection attempt #52586

iandvt · 2025-01-27T23:43:58Z

Connector Name

destination-snowflake

Connector Version

3.15.4

What step the error happened?

Other

Relevant information

Environment

airbyte @ v1.4.0
aks @ v1.30.0
destination-snowflake @ 3.15.4

Observed Behavior

During connection verification, the destination-snowflake connector is attempting to establish an external connection to sdgp7dsfcb1stg.blob.core.windows.net. If this endpoint is allowed through the firewall, the connection test passes successfully. Without this firewall rule, the connection verification process hangs indefinitely.

Open Questions

Is this expected behavior?
Document any required external endpoints for the connector.
Provide guidance on configuring the connector to work in restricted network environments.

The text was updated successfully, but these errors were encountered:

marcosmarxm · 2025-01-28T12:53:20Z

@iandvt can you share the complete sync log to debug where this access is happening?

iandvt · 2025-01-28T19:39:57Z

TBH - It looks like an issue with the Azure Snowflake Integration.

init container

nsetting empty environment variable 'AWS_SECRET_MANAGER_REGION'
Unsetting empty environment variable 'DATA_PLANE_SERVICE_ACCOUNT_CREDENTIALS_PATH'
Unsetting empty environment variable 'DD_AGENT_HOST'
Unsetting empty environment variable 'FEATURE_FLAG_CLIENT'
Unsetting empty environment variable 'OTEL_COLLECTOR_ENDPOINT'
Unsetting empty environment variable 'KEYCLOAK_INTERNAL_REALM_ISSUER'
Unsetting empty environment variable 'DATA_PLANE_SERVICE_ACCOUNT_EMAIL'
Unsetting empty environment variable 'VAULT_PREFIX'
Unsetting empty environment variable 'AB_AZURE_KEY_VAULT_TENANT_ID'
Unsetting empty environment variable 'SECRET_STORE_GCP_PROJECT_ID'
Unsetting empty environment variable 'AB_AZURE_KEY_VAULT_VAULT_URL'
Unsetting empty environment variable 'AWS_SECRET_MANAGER_SECRET_TAGS'
Unsetting empty environment variable 'FEATURE_FLAG_BASEURL'
Unsetting empty environment variable 'VAULT_ADDRESS'
Unsetting empty environment variable 'AB_AZURE_KEY_VAULT_TAGS'
Unsetting empty environment variable 'KEYCLOAK_CLIENT_ID'
Unsetting empty environment variable 'METRIC_CLIENT'
Unsetting empty environment variable 'LAUNCHDARKLY_KEY'
Unsetting empty environment variable 'AIRBYTE_API_AUTH_HEADER_NAME'
Unsetting empty environment variable 'CONTROL_PLANE_AUTH_ENDPOINT'
Unsetting empty environment variable 'AWS_KMS_KEY_ARN'
Unsetting empty environment variable 'DD_DOGSTATSD_PORT'
Unsetting empty environment variable 'S3_PATH_STYLE_ACCESS'
Unsetting empty environment variable 'AIRBYTE_API_AUTH_HEADER_VALUE'
2025-01-28 19:20:45,505 [main]  INFO    i.a.i.ApplicationKt(main):12 - Init start
 __  __ _                                  _   
|  \/  (_) ___ _ __ ___  _ __   __ _ _   _| |_ 
| |\/| | |/ __| '__/ _ \| '_ \ / _` | | | | __|
| |  | | | (__| | | (_) | | | | (_| | |_| | |_ 
|_|  |_|_|\___|_|  \___/|_| |_|\__,_|\__,_|\__|
2025-01-28 19:20:46,181 [main]  INFO    i.m.c.e.DefaultEnvironment(<init>):168 - Established active environments: [worker-v2, control-plane, oss, local-secrets]
2025-01-28 19:20:46,924 [main]  INFO    c.z.h.HikariDataSource(<init>):79 - config-pool - Starting...
2025-01-28 19:20:46,943 [main]  INFO    c.z.h.HikariDataSource(<init>):81 - config-pool - Start completed.
2025-01-28 19:20:47,328 [main]  WARN    i.a.m.l.MetricClientFactory(initialize):72 - MetricClient was not recognized or not provided. Accepted values are `datadog` or `otel`. 
2025-01-28 19:20:47,330 [main]  INFO    i.a.i.InputFetcher(fetch):27 - Fetching workload...
2025-01-28 19:20:48,088 [main]  INFO    i.a.i.InputFetcher(fetch):37 - Workload 424892c4-daac-4491-b35d-c6688ba547ba_8b0426ff-08e6-444a-b3e7-1efdfc88706e_0_check fetched.
2025-01-28 19:20:48,089 [main]  INFO    i.a.i.InputFetcher(fetch):39 - Processing workload...
2025-01-28 19:20:48,633 [main]  INFO    o.j.t.JooqLogger(lambda$info$5):386 - Version                  : Database version is supported by dialect POSTGRES: 16.4
2025-01-28 19:20:48,862 [main]  INFO    i.a.i.InputFetcher(fetch):45 - Workload processed.
2025-01-28 19:20:48,934 [main]  INFO    i.m.r.Micronaut(start):170 - No embedded container found. Running as CLI application
2025-01-28 19:20:48,948 [main]  INFO    c.z.h.HikariDataSource(close):349 - config-pool - Shutdown initiated...
2025-01-28 19:20:48,953 [main]  INFO    c.z.h.HikariDataSource(close):351 - config-pool - Shutdown completed.
2025-01-28 19:20:48,955 [main]  INFO    i.a.i.ApplicationKt(main):26 - Init end

connector-sidecar container

Defaulted container "connector-sidecar" out of: connector-sidecar, main, init (init)
Unsetting empty environment variable 'DATA_PLANE_SERVICE_ACCOUNT_CREDENTIALS_PATH'
Unsetting empty environment variable 'KEYCLOAK_INTERNAL_REALM_ISSUER'
Unsetting empty environment variable 'DATA_PLANE_SERVICE_ACCOUNT_EMAIL'
Unsetting empty environment variable 'KEYCLOAK_CLIENT_ID'
Unsetting empty environment variable 'AIRBYTE_API_AUTH_HEADER_NAME'
Unsetting empty environment variable 'CONTROL_PLANE_AUTH_ENDPOINT'
Unsetting empty environment variable 'S3_PATH_STYLE_ACCESS'
Unsetting empty environment variable 'AIRBYTE_API_AUTH_HEADER_VALUE'
2025-01-28 19:20:57,038 [main]  INFO    i.a.c.ApplicationKt(main):12 - Sidecar start

    ___    _      __          __
   /   |  (_)____/ /_  __  __/ /____
  / /| | / / ___/ __ \/ / / / __/ _ \
 / ___ |/ / /  / /_/ / /_/ / /_/  __/
/_/  |_/_/_/  /_.___/\__, /\__/\___/
                    /____/
 : airbyte-container-orchestrator :

2025-01-28 19:20:58,122 [main]  INFO    i.m.c.e.DefaultEnvironment(<init>):168 - Established active environments: [worker-v2, control-plane, oss, local-secrets]
2025-01-28 19:20:59,521 [main]  INFO    c.a.c.u.l.LoggingEventBuilder(performLogging):375 - {"az.sdk.message":"The following Netty versions were found on the classpath and have a mismatch with the versions used by azure-core-http-netty. If your application runs without issue this message can be ignored, otherwise please align the Netty versions used in your application. For more information, see https://aka.ms/azsdk/java/dependency/troubleshoot.","azure-netty-version":"4.1.110.Final","azure-netty-native-version":"2.0.65.Final","classpath-netty-version-io.netty:netty-common":"4.1.116.Final","classpath-netty-version-io.netty:netty-handler":"4.1.116.Final","classpath-netty-version-io.netty:netty-handler-proxy":"4.1.116.Final","classpath-netty-version-io.netty:netty-buffer":"4.1.116.Final","classpath-netty-version-io.netty:netty-codec":"4.1.116.Final","classpath-netty-version-io.netty:netty-codec-http":"4.1.116.Final","classpath-netty-version-io.netty:netty-codec-http2":"4.1.116.Final","classpath-netty-version-io.netty:netty-transport-native-unix-common":"4.1.116.Final","classpath-netty-version-io.netty:netty-transport-native-epoll":"4.1.116.Final","classpath-netty-version-io.netty:netty-transport-native-kqueue":"4.1.116.Final","classpath-native-netty-version-io.netty:netty-tcnative-boringssl-static":"2.0.69.Final"}
2025-01-28 19:21:01,856 [pool-2-thread-1]       INFO    i.a.c.i.LineGobbler(voidCall):177 - 
2025-01-28 19:21:01,908 [pool-2-thread-1]       INFO    i.a.c.i.LineGobbler(voidCall):177 - ----- START CHECK -----
2025-01-28 19:21:01,909 [pool-2-thread-1]       INFO    i.a.c.i.LineGobbler(voidCall):177 - 
2025-01-28 19:30:01,900 [main]  WARN    i.a.c.ConnectorWatcher(waitForConnectorOutput):104 - Failed to find output files from connector within timeout of 9 minute(s). Is the connector still running?
2025-01-28 19:30:01,902 [main]  INFO    i.a.c.ConnectorWatcher(failWorkload):307 - Failing workload 424892c4-daac-4491-b35d-c6688ba547ba_8b0426ff-08e6-444a-b3e7-1efdfc88706e_0_check.
2025-01-28 19:30:02,000 [main]  INFO    i.a.c.ConnectorWatcher(exitFileNotFound):225 - Deliberately exiting process with code 2.

main container (I had Claude [REDACTED] the sensitive information)

Using AIRBYTE_ENTRYPOINT: /airbyte/base.sh
Jan 28, 2025 7:21:13 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Initializing new connection
Jan 28, 2025 7:21:13 PM net.snowflake.client.core.SFSession open
INFO: Opening session with server: https://[REDACTED].snowflakecomputing.com:443/, account: [REDACTED], user: [REDACTED], password is not provided, role: [REDACTED], database: [REDACTED], schema: [REDACTED], warehouse: [REDACTED], validate default parameters: null, authenticator: null, ocsp mode: FAIL_OPEN, passcode in password: null, passcode is not provided, private key is not provided, disable socks proxy: null, application: airbyte_oss, app id: JDBC, app version: 3.20.0, login timeout: null, retry timeout: null, network timeout: 60, query timeout: null, connection timeout: null, socket timeout: null, tracing: null, private key file: [REDACTED], private key pwd is not provided, enable_diagnostics: not provided, diagnostics_allowlist_path: null, session parameters: client store temporary credential: null, gzip disabled: null, browser response timeout: null

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.SFBaseSession logHttpClientInitInfo
INFO: Driver OCSP mode: FAIL_OPEN, gzip disabled: false and no proxy

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.SFSession open
INFO: Connecting to GLOBAL Snowflake domain

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.FileUtil logFileUsage
INFO: Cache file creation: Accessing file: /home/[REDACTED]/.cache/snowflake/ocsp_response_cache.json

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.FileUtil logFileUsage
INFO: Read cache: Accessing file: /home/[REDACTED]/.cache/snowflake/ocsp_response_cache.json

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.FileUtil logFileUsage
INFO: Extract private key from file: Accessing file: [REDACTED]

Jan 28, 2025 7:21:13 PM net.snowflake.client.core.FileUtil logWarnWhenAccessibleByOthers
WARNING: Extract private key from file: File [REDACTED] is accessible by others to: read

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.FileUtil logFileUsage
INFO: Write to cache: Accessing file: /home/[REDACTED]/.cache/snowflake/ocsp_response_cache.json

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.SFSession open
INFO: Session [REDACTED] opened in 1,107 ms.

Jan 28, 2025 7:21:14 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Connection initialized successfully in 1,121 ms. Session id: [REDACTED]

Jan 28, 2025 7:21:14 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Initializing new connection

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.SFSession open
INFO: Opening session with server: https://[REDACTED].snowflakecomputing.com:443/, account: [REDACTED], user: [REDACTED], password is not provided, role: [REDACTED], database: [REDACTED], schema: [REDACTED], warehouse: [REDACTED], validate default parameters: null, authenticator: null, ocsp mode: FAIL_OPEN, passcode in password: null, passcode is not provided, private key is not provided, disable socks proxy: null, application: airbyte_oss, app id: JDBC, app version: 3.20.0, login timeout: null, retry timeout: null, network timeout: 60, query timeout: null, connection timeout: null, socket timeout: null, tracing: null, private key file: [REDACTED], private key pwd is not provided, enable_diagnostics: not provided, diagnostics_allowlist_path: null, session parameters: client store temporary credential: null, gzip disabled: null, browser response timeout: null

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.SFBaseSession logHttpClientInitInfo
INFO: Driver OCSP mode: FAIL_OPEN, gzip disabled: false and no proxy

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.SFSession open
INFO: Connecting to GLOBAL Snowflake domain

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.FileUtil logFileUsage
INFO: Extract private key from file: Accessing file: [REDACTED]

Jan 28, 2025 7:21:14 PM net.snowflake.client.core.FileUtil logWarnWhenAccessibleByOthers
WARNING: Extract private key from file: File [REDACTED] is accessible by others to: read

Jan 28, 2025 7:21:15 PM net.snowflake.client.core.SFSession open
INFO: Session [REDACTED] opened in 228 ms.

Jan 28, 2025 7:21:15 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Connection initialized successfully in 230 ms. Session id: [REDACTED]

Jan 28, 2025 7:21:15 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Initializing new connection

[... similar connection attempts with same pattern continue ...]

Jan 28, 2025 7:21:16 PM net.snowflake.client.jdbc.cloud.storage.SnowflakeAzureClient createSnowflakeAzureClient
INFO: Initializing Snowflake Azure client with encryption: false

Jan 28, 2025 7:21:16 PM net.snowflake.client.core.SFSession open
INFO: Session [REDACTED] opened in 132 ms.

Jan 28, 2025 7:21:16 PM net.snowflake.client.jdbc.SnowflakeConnectionV1 initConnectionWithImpl
INFO: Connection initialized successfully in 134 ms. Session id: [REDACTED]

Jan 28, 2025 7:27:09 PM net.snowflake.client.jdbc.cloud.storage.SnowflakeAzureClient createSnowflakeAzureClient
INFO: Initializing Snowflake Azure client with encryption: false

airbyte ui

azure firewall logs

iandvt added area/connectors Connector related issues needs-triage type/bug Something isn't working labels Jan 27, 2025

octavia-squidington-iii added autoteam team/connectors-python community labels Jan 27, 2025

marcosmarxm added connectors/destination/snowflake team/destinations Destinations team's backlog and removed needs-triage team/connectors-python autoteam labels Jan 28, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[destination-snowflake] unexpected external connection attempt #52586

[destination-snowflake] unexpected external connection attempt #52586

iandvt commented Jan 27, 2025 •

edited

Loading

marcosmarxm commented Jan 28, 2025

iandvt commented Jan 28, 2025

[destination-snowflake] unexpected external connection attempt #52586

[destination-snowflake] unexpected external connection attempt #52586

Comments

iandvt commented Jan 27, 2025 • edited Loading

Connector Name

Connector Version

What step the error happened?

Relevant information

Environment

Observed Behavior

Open Questions

marcosmarxm commented Jan 28, 2025

iandvt commented Jan 28, 2025

iandvt commented Jan 27, 2025 •

edited

Loading