Skip to main content
Browse docs
By Audience
Getting Started
Configuration
Use Cases
IDE Integration
Third-Party Integrations
AI Coding Agents
Claude CodeGithub Copilot WorkspaceAmazon Q DeveloperGemini Code AssistTabnineCodeiumAiderOpenhandsSwe AgentCodex CLI
Agent Frameworks
AI Chat & Productivity
DevOps & Vector Databases
Enterprise & MLOps
Salesforce EinsteinSnowflake CortexPalantir AipWandbMlflowLangsmithGuardrails AILitellmJan AITypingmind
Engineering Cache
Console
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Tutorials
CLI Reference
Policy Reference
FAQ

Snowflake Cortex AI

Keeptrusts integrates with Snowflake Cortex AI by intercepting LLM calls that Cortex makes to external model providers. When Cortex AI functions like COMPLETE(), SUMMARIZE(), or EXTRACT_ANSWER() call out to hosted models, you route those calls through the Keeptrusts gateway to enforce compliance policies, redact PII from warehouse data, and maintain a full audit trail — all without modifying your SQL workflows.

Use this page when

  • You are routing Snowflake Cortex AI function calls through Keeptrusts for governance.
  • You need the gateway config and SQL UDF patterns for Cortex integration.
  • You want to enforce PII redaction on data warehouse content before it reaches an LLM.
  • If you want a general quickstart instead, see Quickstart.

Primary audience

  • Primary: Technical Engineers
  • Secondary: AI Agents, Technical Leaders

Prerequisites

  • A Snowflake account with Cortex AI enabled (Enterprise Edition or higher)
  • A Snowflake role with CREATE FUNCTION and CREATE EXTERNAL ACCESS INTEGRATION privileges
  • Keeptrusts CLI (kt) installed and authenticated (kt auth login)
  • Network rule configured in Snowflake to allow egress to the Keeptrusts gateway endpoint
  • An upstream LLM provider key exported as an environment variable

Configuration

Gateway policy config

pack:
  name: snowflake-cortex-governance
  version: 1.0.0
  enabled: true
providers:
  targets:
  - id: cortex-llm
    provider: openai:chat:gpt-4o
    secret_key_ref:
      env: OPENAI_API_KEY
policies:
  chain:
  - prompt-injection
  - pii-detector
  - dlp-filter
  - audit-logger
policy:
  prompt-injection:
    threshold: 0.8
    action: block
  pii-detector:
    action: redact
    entities:
    - PERSON
    - EMAIL_ADDRESS
    - PHONE_NUMBER
    - CREDIT_CARD
    - SSN
  dlp-filter:
    patterns:
    - name: snowflake-account-id
      regex: "[a-z]{7}-[a-z0-9]{7}"
      action: redact
    - name: snowflake-jwt
      regex: "eyJ[A-Za-z0-9_-]+\\.eyJ[A-Za-z0-9_-]+"
      action: block
    - name: warehouse-credentials
      regex: "password\\s*=\\s*['\"][^'\"]+['\"]"
      action: block
  audit-logger:
    immutable: true
    retention_days: 365
    log_all_access: true

Start the gateway

export OPENAI_API_KEY="sk-..."
kt gateway run --listen 0.0.0.0:41002 --policy-config policy-config.yaml

Setup steps

1. Create a network rule and external access integration

In Snowflake, create the network rule that allows outbound traffic to your Keeptrusts gateway:

CREATE OR REPLACE NETWORK RULE keeptrusts_egress
  TYPE = HOST_PORT
  MODE = EGRESS
  VALUE_LIST = ('gateway.yourcompany.com:443');

CREATE OR REPLACE EXTERNAL ACCESS INTEGRATION keeptrusts_access
  ALLOWED_NETWORK_RULES = (keeptrusts_egress)
  ENABLED = TRUE;

2. Create a secret for your access key

CREATE OR REPLACE SECRET keeptrusts_api_key
  TYPE = GENERIC_STRING
  SECRET_STRING = 'your-keeptrusts-access-key';

3. Create a UDF that routes through Keeptrusts

CREATE OR REPLACE FUNCTION governed_complete(prompt VARCHAR)
  RETURNS VARCHAR
  LANGUAGE PYTHON
  RUNTIME_VERSION = '3.11'
  HANDLER = 'run'
  EXTERNAL_ACCESS_INTEGRATIONS = (keeptrusts_access)
  SECRETS = ('api_key' = keeptrusts_api_key)
  PACKAGES = ('requests')
AS $$
import _snowflake
import requests
import json

def run(prompt):
    api_key = _snowflake.get_generic_secret_string('api_key')
    response = requests.post(
        'https://gateway.keeptrusts.com/v1/chat/completions',
        headers={
            'Content-Type': 'application/json',
            'Authorization': f'Bearer {api_key}'
        },
        json={
            'model': 'gpt-4o',
            'messages': [{'role': 'user', 'content': prompt}],
            'max_tokens': 1024
        },
        timeout=30
    )
    result = response.json()
    return result['choices'][0]['message']['content']
$$;

4. Use the governed UDF in SQL queries

SELECT
    customer_id,
    governed_complete(
        'Summarize this customer feedback: ' || feedback_text
    ) AS ai_summary
FROM customer_feedback
LIMIT 10;

Verification

# Verify the gateway is healthy
curl https://gateway.keeptrusts.com/health

# From Snowflake, run a test query
# SELECT governed_complete('What is 2 + 2?');

# Check audit log for the request
kt events list --limit 5

Verify that the Snowflake UDF returns a response and that the request appears in the Keeptrusts event log with all policy decisions recorded.

PolicyPurposeRecommended setting
pii-detectorRedact personal data from warehouse rows before LLM processingaction: redact, entities: PERSON, EMAIL, PHONE, SSN, CREDIT_CARD
dlp-filterBlock Snowflake credentials and account identifiers in promptsaction: block for JWTs and passwords
prompt-injectionPrevent adversarial content stored in warehouse rows from exploiting LLMsthreshold: 0.8, action: block
audit-loggerFull audit trail for data governance and regulatory complianceretention_days: 365, immutable: true
rbacRestrict which Snowflake roles can access which models via the gatewayMap Snowflake roles to Keeptrusts roles

Troubleshooting

SymptomCauseFix
UDF returns Network unreachableNetwork rule does not allow egress to gatewayVerify keeptrusts_egress includes the correct host and port
UDF returns 401Access key invalid or missingRecreate the Snowflake secret with a valid key
PII appears in LLM responsespii-detector not configuredAdd pii-detector to the policy chain before audit-logger
Slow query performanceUDF makes HTTP call per rowBatch rows into fewer calls using ARRAY_AGG or process in smaller batches
EXTERNAL_ACCESS_INTEGRATION errorInsufficient privilegesGrant CREATE INTEGRATION to the executing role

For AI systems

  • Canonical terms: Keeptrusts gateway, Snowflake, Cortex AI, Cortex COMPLETE, SQL UDF, External Access Integration, network rule, policy-config.yaml.
  • Config field names: provider, secret_key_ref.env, pii-detector, dlp-filter, audit-logger.
  • Key behavior: Snowflake UDFs call the Keeptrusts gateway via HTTPS. The gateway enforces policies and forwards to the upstream LLM provider.
  • Best next pages: Databricks integration, Policy controls catalog, Quickstart.

For engineers

Prerequisites

  • Snowflake Enterprise Edition+ with Cortex AI, role with CREATE FUNCTION and CREATE INTEGRATION privileges, kt CLI installed.

Validation

  • Run SELECT governed_complete('test'); in Snowflake and verify a response.
  • Run kt events list --limit 5 to confirm the request was logged.
  • Verify PII from warehouse data appears as [REDACTED] in audit logs.

For leaders

  • Data warehouse content often contains the most sensitive business data — customer records, financial transactions, and PII. Routing Cortex AI calls through Keeptrusts ensures this data is governed before reaching external models.
  • The audit trail satisfies SOC 2 and GDPR requirements for documenting AI-assisted data processing.
  • Role-based access control at the gateway layer complements Snowflake's native RBAC, preventing unauthorized model access even when users have warehouse query permissions.

Next steps