Introduction to Data Sharing¶
The principle players in any Data Sharing relationship are the account who shares the data, known as the data provider, and the account who uses the share data, known as the data consumer:
- As a data provider, you share a database and selected objects (schemas, tables, and secure views) in the database with other Snowflake accounts. For each database you share, Snowflake supports using grants to provide granular access control to the objects in the database, i.e. you grant access privileges for specific objects within the database.
- As a data consumer, once you add a shared database to your account, you can view and query the objects in the database just as you would any other database in your account.
Snowflake enables the sharing of databases through shares created by data providers and used by data consumers.
In this Topic:
Currently, Data Sharing is only supported between accounts in the same Snowflake Region.
How Does Data Sharing Work?¶
With Data Sharing, no actual data is copied or transferred between accounts. All sharing is accomplished through Snowflake’s unique global services layer and metadata store. This is an important concept because it means that shared data does not take up any storage space in a consumer account and, therefore, does not contribute to the consumer’s monthly data storage charges. The only charges to consumers are for the compute resources (i.e. virtual warehouses) used to query the shared data.
In addition, because no data is copied or exchanged, setup of Data Sharing is quick and easy for providers and access to shared data is instantaneous for consumers:
- The provider creates a share of a database in their account and grants other accounts access to specific objects (i.e. tables and views) in the database. These accounts can view the objects and perform queries on the data in those objects.
- On the consumer side, a database is created from the share. Access to this database is configurable using the same, standard role-based access control that Snowflake provides for all objects in the system.
Through this architecture, Snowflake enables creating a network of providers who can share data with multiple consumers and consumers who can access shared data from multiple providers.
Who are Data Providers?¶
A data provider is any Snowflake account that creates shares and makes them available to other Snowflake accounts to consume. Snowflake does not place any hard limits on the number of shares you can create as a data provider or the number of accounts you can add to a share.
To support creating and managing shares, Snowflake provides the following set of special DDL commands:
- CREATE SHARE
- ALTER SHARE
- DROP SHARE
- DESC SHARE — describes all the objects in a share
- SHOW SHARES — lists all shares, as well as the consumer accounts specified for each share
In addition, providers can view, grant, or revoke access to database objects in a share using the following standard access control DDL:
- GRANT privilege
- REVOKE privilege
- SHOW GRANTS:
- SHOW GRANTS TO SHARE... — lists all object privileges that have been granted to a share
- SHOW GRANTS OF SHARE... — lists all accounts for the share and indicates the accounts that are using the share
Who are Data Consumers?¶
A data consumer is any account that chooses to create a database from a share made available by a data provider. Snowflake does not place any hard limits on the number of shares you can consume from data providers; however, you can only create one database in your account per share.
Because the only task required to use a share is to create a database from the share, the only DDL commands required for consumers are:
- SHOW SHARES (lists all available shares)
- DESC SHARE (describes all the objects in a share)
- CREATE DATABASE (creates a database from a share)