We've updated this article as of October 2025

Recently, we added more connectivity options to Omnata sync to help you connect to databases like SQL Server, Postgres, with more on the way. Databases, unlike SaaS endpoints, have may more deployment options at each customer site. In addition, databases are all structured differently for different use cases and as such, only certain sync strategies are available for replication.

With Omnata Sync we have core design principles:

• Leverage the power of the underlying platform (Snowflake)

• Do not handle data or credentials

• Flexibility and pragmatism

Omnata Sync’s databases connectors follow a pull-based architecture, where it reaches through from Snowflake to your database. This enables us to support the full range of replication strategies. For SQL Server, you can replicate data using CDC, Change Tracking, directly query tables using a high-watermark or full-refresh strategy.

Database connectivity options

Omnata now has complete database connectivity options for AWS, Azure, GCP and on-premise deployed databases.

• AWS Privatelink

• Azure Private Link

• GCP Private Service Connect

• Omnata-ngrok tunnels

• Direct

Snowflake Private Connectivity Endpoints

Commonly known as Private link from the main cloud vendors.

What are the prerequisites?

• A Snowflake Business Critical Account

• A matching cloud region; AWS to AWS, Azure to Azure, GCP-GCP.

• If on-premise, a network bridge from your cloud VPC to your on-prem network.

• Some help from the DevOps team

Snowflake private endpoints allow External Access Integrations to reach endpoints inside your cloud VPC. This can hit managed database services like AzureSQL directly, or can point to a load balancer and route connections to VM hosted databases, or to on-premise networks.

For databases connectors, this means you can connect directly from Omnata to databases without traversing the public internet. This saves you from data egress costs, increases performance and is the gold standard for security.

Secure tunnels powered by ngrok

We've partnered with ngrok, the best in-class provider of site-to-site connectivity. ngrok enabled us to deploy a trustless, secure tunnels between customers’ Snowflake accounts and their databases whether hosted in the cloud, or on-premise. ngrok is trusted by the biggest names in technology, is SOC 2 compliant and Omnata's architecture is endorsed by ngrok's engineers.

The main benefit of ngrok is that it supports any Snowflake edition, region and cloud and can connect to any type of database deployment you have. The ngrok subscription is included in your Omnata native app billing.

To learn more about how we use ngrok in our Snowflake Native App, read this post.

Direct

Finally, if you have a publicly accessible or are comfortable opening your firewall to the range of Snowflake IPs (which is very broad), you can opt for the direct connection method. Note that in our experience, this is only appropriate in a small number of use cases and less strict security postures.

How do I decide which is best?

In general, we recommend that if you have Privatelink available and meet the prerequisites, then use it.
If you cannot meet the pre-requisites, the catch all solution is ngrok. Then finally, direct connections can be used for testing and a limited number of production use cases.

You can follow this decision tree to help you decide which is best.

And for more detail, you can refer to our product documentation with step-by-step and diagrams for different database deployment scenarios; SQL Server and PostgreSQL.