公开(公告)号：US11929986B1

公开(公告)日：2024-03-12

申请号：US18325388

申请日：2023-05-30

Applicant: Snowflake Inc.

Inventor： Khondokar Sami Igram ,  Laxman Mamidi ,  Sanjay Srivastava ,  Chieh-Sheng Wang ,  Di Wu

IPC: H04L9/40 ,  G06F21/62

CPC classification number: H04L63/0263 ,  G06F21/6218 ,  H04L63/0272 ,  H04L63/083

Abstract: Methods, systems, and computer programs are presented for enabling automated secure data sharing from a private cloud region to a public cloud region and vice versa. A cloud data platform confirms a relationship establishment procedure between a provider and a consumer is recorded with a cloud data platform, the provider being associated with a private cloud deployment and the consumer being associated with a public cloud deployment in a public region. The cloud data platform enables disabling of a firewall policy that is preventing data traffic between the private cloud deployment and the public cloud deployment and enables data sharing between the private cloud deployment and the public cloud deployment. The cloud data platform enables data sharing in a database of the cloud data platform.

公开(公告)号：US11748374B2

公开(公告)日：2023-09-05

申请号：US17457751

申请日：2021-12-06

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Vishnu Dutt Paladugu ,  Sahaj Saini

IPC: G06F16/00 ,  G06F16/27 ,  G06F11/14 ,  G06F16/25 ,  G06F11/20 ,  G06F16/182 ,  G06F16/13 ,  G06F16/178 ,  G06F16/11

CPC classification number: G06F16/27 ,  G06F11/1461 ,  G06F11/1464 ,  G06F11/2023 ,  G06F11/2097 ,  G06F16/128 ,  G06F16/137 ,  G06F16/1787 ,  G06F16/184 ,  G06F16/1827 ,  G06F16/1844 ,  G06F16/256

Abstract: Provided herein are systems and methods for configuring replication group objects. A system includes at least one hardware processor coupled to memory and configured to decode a replication request received from a client device of a data provider. The replication request indicates a plurality of account objects for replication. The plurality of account objects associated with a corresponding plurality of account object types. A replication group object is generated based on the replication request. The replication group object includes a manifest. The manifest lists the plurality of account objects. The replication of the plurality of account objects is performed from a source account of the data provider into at least one target account. The replication is based on the manifest of the replication group object.

公开(公告)号：US20230169090A1

公开(公告)日：2023-06-01

申请号：US17457751

申请日：2021-12-06

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Vishnu Dutt Paladugu ,  Sahaj Saini

IPC: G06F16/27 ,  G06F11/14 ,  G06F11/20 ,  G06F16/25

CPC classification number: G06F16/27 ,  G06F11/1464 ,  G06F11/1461 ,  G06F11/2023 ,  G06F16/256

Abstract: Provided herein are systems and methods for configuring replication group objects. A system includes at least one hardware processor coupled to memory and configured to decode a replication request received from a client device of a data provider. The replication request indicates a plurality of account objects for replication. The plurality of account objects associated with a corresponding plurality of account object types. A replication group object is generated based on the replication request. The replication group object includes a manifest. The manifest lists the plurality of account objects. The replication of the plurality of account objects is performed from a source account of the data provider into at least one target account. The replication is based on the manifest of the replication group object.

公开(公告)号：US20240259387A1

公开(公告)日：2024-08-01

申请号：US18160801

申请日：2023-01-27

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Laxman Mamidi ,  Bowen Zhang

IPC: H04L9/40 ,  G06F21/62

CPC classification number: H04L63/105 ,  G06F21/6218

Abstract: Disclosed herein are systems and methods for managing database-level roles for data sharing. In an embodiment, a database system shares a database that resides in a data-provider account with a data-consumer account. The provider-side database includes a provider-side database-level role. The database system receives a request to grant the provider-side database-level role to a consumer-side account-level role in the data-consumer account. The database system responsively grants a hidden provider-side database-level role in the data-provider account to a hidden consumer-side database-level role in the data-consumer account, where the hidden provider-side database-level role had been granted to the provider-side database-level role, and grants the hidden consumer-side database-level role to the consumer-side account-level role in the data-consumer account.

公开(公告)号：US20230297590A1

公开(公告)日：2023-09-21

申请号：US18323155

申请日：2023-05-24

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Vishnu Dutt Paladugu ,  Sahaj Saini

IPC: G06F16/27 ,  G06F11/14 ,  G06F16/25 ,  G06F11/20 ,  G06F16/182 ,  G06F16/13 ,  G06F16/178 ,  G06F16/11

CPC classification number: G06F16/27 ,  G06F11/1464 ,  G06F16/256 ,  G06F11/2023 ,  G06F11/1461 ,  G06F16/184 ,  G06F16/1827 ,  G06F16/137 ,  G06F16/1787 ,  G06F16/1844 ,  G06F16/128 ,  G06F11/2097

Abstract: A method includes generating at a source account of a database system user, a replication group object (RGO). The RGO includes a manifest identifying one or more data object types and one or more databases. A replication of data objects of the one or more data object types is performed from the one or more databases to a target account of the database system user. The replication of the data objects is performed as a unit. The RGO is replicated as a failover group object (FGO) within the target account of the database system user. A network failure is detected at the source account of the database system user. The target account of the database system user is promoted as a new source account based on the detecting of the network failure.

公开(公告)号：US12184610B2

公开(公告)日：2024-12-31

申请号：US18429215

申请日：2024-01-31

Applicant: Snowflake Inc.

Inventor： Khondokar Sami Iqram ,  Laxman Mamidi ,  Sanjay Srivastava ,  Chieh-Sheng Wang ,  Di Wu

IPC: H04L9/40 ,  G06F21/62

Abstract: A method for secure data synchronization and sharing between distinct cloud environments is disclosed. The method involves establishing a trust relationship between a data provider's private cloud deployment and a data consumer's public cloud deployment. Utilizing hardware processors, a cross-region group sharing token is generated and validated to facilitate secure communication and data traffic between the two cloud deployments. Upon validation, a firewall policy that previously restricted data exchange is disabled, allowing for the replication of a target database from the private cloud to a secure share area accessible by the public cloud deployment. The data consumer is then enabled to access and utilize the replicated database within this secure area. The method ensures consistent data management across both deployments by managing the synchronization of the replicated database with the data provider's original database, thereby maintaining data consistency and integrity.

公开(公告)号：US20240171544A1

公开(公告)日：2024-05-23

申请号：US18429215

申请日：2024-01-31

Applicant: Snowflake Inc.

Inventor： Khondokar Sami Iqram ,  Laxman Mamidi ,  Sanjay Srivastava ,  Chieh-Sheng Wang ,  Di Wu

IPC: H04L9/40 ,  G06F21/62

CPC classification number: H04L63/0263 ,  G06F21/6218 ,  H04L63/0272 ,  H04L63/083

Abstract: A method for secure data synchronization and sharing between distinct cloud environments is disclosed. The method involves establishing a trust relationship between a data provider's private cloud deployment and a data consumer's public cloud deployment. Utilizing hardware processors, a cross-region group sharing token is generated and validated to facilitate secure communication and data traffic between the two cloud deployments. Upon validation, a firewall policy that previously restricted data exchange is disabled, allowing for the replication of a target database from the private cloud to a secure share area accessible by the public cloud deployment. The data consumer is then enabled to access and utilize the replicated database within this secure area. The method ensures consistent data management across both deployments by managing the synchronization of the replicated database with the data provider's original database, thereby maintaining data consistency and integrity.

公开(公告)号：US20240095232A1

公开(公告)日：2024-03-21

申请号：US18521790

申请日：2023-11-28

Applicant: Snowflake Inc.

Inventor： Durga Mahesh Arikatla ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Chieh-Sheng Wang ,  Di Wu

IPC: G06F16/23 ,  G06F16/27

CPC classification number: G06F16/2365 ,  G06F16/27

Abstract: A process of fulfilling a database deployment request for a data platform. A compute service manager of the data platform scans one or more accounts of a consumer region of the data platform for a pending listing fulfillment request, where the pending listing request includes a request for deployment of a consumer database and an associated share of grant metadata of the consumer database within the consumer region. When the compute service manager determines that an account of the one or more accounts has a pending listing fulfillment request, the compute service manager determines a listing for the pending listing fulfillment request based on listing data of the account. The compute service manager determines that no other fulfillment task is scheduled for the pending listing fulfillment request and schedules a background fulfillment task to perform the fulfillment process for the pending listing fulfillment request.

公开(公告)号：US20250088486A1

公开(公告)日：2025-03-13

申请号：US18958641

申请日：2024-11-25

Applicant: Snowflake Inc.

Inventor： Khondokar Sami Iqram ,  Laxman Mamidi ,  Sanjay Srivastava ,  Chieh-Sheng Wang ,  Di Wu

IPC: H04L9/40 ,  G06F21/62

Abstract: A method for data sharing between cloud deployments is disclosed. A provider in a virtual private cloud (VPC) deployment generates a listing of data for sharing with a consumer in a public multi-tenant deployment. After creating a public account and transmitting a link associated with the listing to the consumer, the method responds to the consumer's selection of the link by automatically creating a secure shared area in the VPC deployment. The method includes replicating both a database and share object associated with the listing into the secure shared area as respective replicas. The replicated objects are then shared with the consumer account as data share objects, enabling the consumer to launch them in a consumer mounted database. The method concludes by enabling the consumer to perform database operations on the provider's data within the VPC deployment, ensuring secure and efficient data sharing between the cloud environments.

公开(公告)号：US12235868B2

公开(公告)日：2025-02-25

申请号：US18323155

申请日：2023-05-24

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Vishnu Dutt Paladugu ,  Sahaj Saini

IPC: G06F16/00 ,  G06F11/14 ,  G06F11/20 ,  G06F16/11 ,  G06F16/13 ,  G06F16/178 ,  G06F16/182 ,  G06F16/25 ,  G06F16/27

Abstract: A method includes generating at a source account of a database system user, a replication group object (RGO). The RGO includes a manifest identifying one or more data object types and one or more databases. A replication of data objects of the one or more data object types is performed from the one or more databases to a target account of the database system user. The replication of the data objects is performed as a unit. The RGO is replicated as a failover group object (FGO) within the target account of the database system user. A network failure is detected at the source account of the database system user. The target account of the database system user is promoted as a new source account based on the detecting of the network failure.