Connect Your Database

Connect Slateo to your data warehouse or database to start analyzing your data. We support the most popular cloud data warehouses and databases with secure, read-only access.

Supported databases

Slateo supports the following data warehouses and databases:

BigQuery

Google Cloud's serverless data warehouse. Connect using a service account with read-only permissions.

Read the guide

Snowflake

Cloud data platform with fine-grained access control. Connect using a dedicated user and role with read-only permissions.

Read the guide

Redshift

Amazon's cloud data warehouse. Connect using AWS PrivateLink for secure, private access without exposing your cluster to the internet.

Read the guide

PostgreSQL

Open-source relational database. Connect using a read-only user with private connectivity (AWS PrivateLink or GCP Private Service Connect), SSH tunnel, or direct connection.

Read the guide

MySQL

Popular open-source relational database. Connect using a read-only user with private connectivity (AWS PrivateLink or GCP Private Service Connect), SSH tunnel, or direct connection.

Read the guide

Connection methods

Slateo supports multiple connection methods to fit your security requirements:

Cloud data warehouses

For cloud-native data warehouses like BigQuery, Snowflake, and Redshift, Slateo uses native authentication methods:

BigQuery: Service account with JSON key file
Snowflake: Username and password authentication with optional key-pair or OAuth
Redshift: AWS PrivateLink with VPC endpoint for secure private connectivity

Traditional databases

For PostgreSQL and MySQL, Slateo supports multiple connection methods:

Method	Security	Use Case	Setup Complexity
AWS PrivateLink	Highest	Production databases in AWS	Medium
GCP Private Service Connect	Highest	Production databases in GCP	Medium
SSH Tunnel	High	Any database behind a bastion host	Low
Direct Connection	Medium	Development or VPN-protected databases	Low

Recommendation: Use AWS PrivateLink for AWS-hosted databases, GCP Private Service Connect for GCP-hosted databases, or SSH tunnel for other environments. Direct connections should only be used for development or when the database is behind a VPN.

Security best practices

All Slateo database connections follow security best practices:

Read-only access

Slateo only requires SELECT permissions on your data
No write, update, or delete permissions are needed
Database users are configured with least-privilege access

Encrypted connections

All connections use SSL/TLS encryption
Credentials are encrypted at rest
Network traffic never leaves the cloud provider's network (when using PrivateLink or PSC)

Credential management

Credentials are stored securely in encrypted storage
Passwords can be rotated without service interruption
Service accounts and API keys can be revoked at any time

Network isolation

PrivateLink: Traffic stays within AWS network, never exposed to the internet
PSC: Traffic stays within Google Cloud private networking, never exposed to the internet
SSH Tunnel: Encrypted tunnel through a bastion host
Direct Connection: IP allowlisting restricts access to known Slateo addresses

Getting started

To connect your database to Slateo:

Choose your database: Select your data warehouse or database from the list above
Follow the setup guide: Each guide provides step-by-step instructions for creating a read-only user and configuring network access
Configure in Slateo: Add your database connection in the Slateo admin panel
Start querying: Once connected, Slateo automatically discovers your schema and you can start analyzing your data

Need help? Contact your Slateo account manager for assistance with database setup, network configuration, or security requirements.

Frequently asked questions

Can Slateo write to my database?

No. Slateo only requires read-only (SELECT) permissions. Our setup guides explicitly configure users with only SELECT grants, ensuring Slateo cannot modify, delete, or insert data.

How does Slateo discover my schema?

After you connect your database, Slateo automatically scans the accessible databases, schemas, and tables. This process typically completes within 5 minutes. You can manually trigger a schema refresh at any time from the admin panel.

Can I connect multiple databases?

Yes. You can connect multiple databases from the same or different providers. Each connection is configured independently in the Slateo admin panel.

What happens if I rotate credentials?

Simply update the credentials in the Slateo admin panel. Slateo will use the new credentials for all future connections. There is no service interruption—just update and test the connection.

Does Slateo cache my data?

Slateo caches query results for performance, but does not replicate your entire database. All queries run directly against your database, and cached results respect your data's freshness requirements.

Can I restrict access to specific schemas or tables?

Yes. When creating the read-only user, you can grant SELECT permissions only on specific schemas or tables. Slateo will only be able to access the data you explicitly grant access to.

How do I monitor Slateo's database activity?

Each database setup guide includes instructions for enabling audit logging. You can monitor all queries executed by the Slateo user in your database's query logs or audit logs.

What if my database is behind a firewall?

Use AWS PrivateLink (for AWS databases), GCP Private Service Connect (for GCP databases), or SSH tunnel (for any database) to securely connect without exposing your database to the public internet. See the individual database guides for detailed setup instructions.

Does Slateo support database proxies or connection poolers?

Yes. You can configure Slateo to connect through proxies like PgBouncer (PostgreSQL) or ProxySQL (MySQL). Use the proxy's hostname and port in the connection settings.

Additional resources

For additional support or questions, contact your Slateo account manager.