Skip to main content

Data connections

Data connections are secure configurations to supported data sources.

Supported data sources

MS SQL Server


More coming soon - let us know if there's one you want us to prioritize!

Add a new connection

Navigate to the Data sources tab within a project in the left sidebar.

When you click Add you will be prompted to select a data source. Fill in the relevant connection details and make sure that Hex is allowed to connect to your data source.

  • For PostgreSQL, MySQL, Redshift, MS SQL Server, ClickHouse, AlloyDB, & MariaDB, you'll need:

    • Database host url
    • Database port
    • Database name
    • Username & password
  • For BigQuery, you'll need:

    Note, by default the Use BigQuery Storage API option is enabled when creating a BQ connection. This connection method significantly improves BigQuery query performance in Hex, however it requires two additional permissions be granted to the service account: bigquery.readsessions.create and bigquery.readsessions.getData. Additionally, there may be some BiqQuery costs associated when using this method. Pricing details from Google is available here.

  • For Snowflake, you'll need:

    • Account name
    • Warehouse
    • Database
    • Username & password

    If connecting to Snowflake using Key Pair authentication, paste the entire multi-line key, including "-----BEGIN PRIVATE KEY-----" and "-----END PRIVATE KEY-----", in the Private Key box.

  • For Databricks, you'll need:

  • For Dremio, you'll need:

    • JDBC URL (retrieve this from the Project Settings page under General information in your Dremio account)
    • Access token (instructions to generate)
  • For Trino, you'll need;

    • Database host url
    • Database port
    • Username & password
  • For Presto, you'll need;

    • Database host url
    • Database port
    • Catalog name
    • Username & password
  • For Athena, you'll need:

    • AWS access key ID
    • AWS secret access key
    • S3 bucket to write query results to
    • The default port is 443 and the host is athena.[region] (if you're using a VPC to connect then the host address is [vpc-specific-url].athena.[region] Note: only AWS users who do not use MFA authentication are supported.

      AWS uses the AWSQuicksightAthenaAccess policy as an example policy for JDBC connections. The IAM user will also need permissions to utilize prepared statements.

You can establish multiple connections for a given project, which are then listed in the Data sources tab. These connections may be used in SQL cells by any user with Editor access to that project, but will not be available to query from any other project.

Add shared connections

Workspace Admins have the capability to create shared data connections, which can be shared among all users in the workspace, or groups of users. Setting up shared data connections is identical to the process of creating a data connection depicted above, except that only Admins can create them from Settings Data sources of the Settings panel.

Use data connections to query your database

Once you have configured a data connection, you can query it using a SQL cell. See the SQL cells section for more details.

Database security

For each data connection, it's possible to configure SSH or SSL/TLS for a more secure connection and encryption in transit.

Using Secure Socket Layer (SSL) or Transport Layer Security (TLS) provides an additional layer of security by encrypting data in transit that moves from Hex to your database instance. Some data connection types have SSL/TLS configured by default.

In the table below, Enabled by default indicates that creating a data connection with that database will have encryption in transit enabled by default, and no further action is required. If Configurable, please reference the documentation linked in the first column for instructions on how to configure SSL/TLS for that specific database.

Data ConnectionSSL/TLS
AthenaEnabled by default
BigQueryEnabled by default
DatabricksEnabled by default
RedshiftEnabled by default
SnowflakeEnabled by default
PrestoEnabled by default
MS SQL ServerConfigurable