Introduction to Data Sharing

The principle players in any Data Sharing relationship are the account who shares the data, known as the data provider, and the account who uses the share data, known as the data consumer:

  • As a data provider, you share a database and selected objects (schemas, tables, and secure views) in the database with other Snowflake accounts. For each database you share, Snowflake supports using grants to provide granular access control to the objects in the database, i.e. you grant access privileges for specific objects within the database.
  • As a data consumer, once you add a shared database to your account, you can view and query the objects in the database just as you would any other database in your account.

Snowflake enables the sharing of databases through shares created by data providers and used by data consumers.

In this Topic:

Note

Currently, Data Sharing is only supported between accounts in the same Snowflake Region.

How Does Data Sharing Work?

With Data Sharing, no actual data is copied or transferred between accounts. All sharing is accomplished through Snowflake’s unique global services layer and metadata store. This is an important concept because it means that shared data does not take up any storage space in a consumer account and, therefore, does not contribute to the consumer’s monthly data storage charges. The only charges to consumers are for the compute resources (i.e. virtual warehouses) used to query the shared data.

In addition, because no data is copied or exchanged, setup of Data Sharing is quick and easy for providers and access to shared data is instantaneous for consumers:

  • The provider creates a share of a database in their account and grants other accounts access to specific objects (i.e. tables and views) in the database. These accounts can view the objects and perform queries on the data in those objects.
  • On the consumer side, a database is created from the share. Access to this database is configurable using the same, standard role-based access control that Snowflake provides for all objects in the system.

Through this architecture, Snowflake enables creating a network of providers who can share data with multiple consumers and consumers who can access shared data from multiple providers.

What is a Share?

Shares are named, first-class Snowflake objects that encapsulate all of the information required to share a database, including:

  • The privileges that grants access to the database and the schema containing the objects to share.
  • The privileges that grant access to the specific objects (tables and secure views).
  • The accounts with which the database and its objects are shared.

Shares are secure, configurable, and controlled 100% by the provider account:

  • New objects added to a share become immediately available to all consumers, providing real-time access to share data.
  • Access to a share (or any of the objects in a share) can be revoked at any time.

Note

Each share is associated with a single database. You cannot add multiple databases, or objects from different databases, to the same share.

If you wish to allow a consumer account to access data across multiple databases in your account, create a share for each database and add the consumer account to each share.

Who are Data Providers?

A data provider is any Snowflake account that creates shares and makes them available to other Snowflake accounts to consume. Snowflake does not place any hard limits on the number of shares you can create as a data provider or the number of accounts you can add to a share.

To support creating and managing shares, Snowflake provides the following set of special DDL commands:

In addition, providers can view, grant, or revoke access to database objects in a share using the following standard access control DDL:

  • GRANT privilege
  • REVOKE privilege
  • SHOW GRANTS:
    • SHOW GRANTS TO SHARE... — lists all object privileges that have been granted to a share
    • SHOW GRANTS OF SHARE... — lists all accounts for the share and indicates the accounts that are using the share

For a quick guide to sharing data as a provider, see Getting Started with Data Sharing. For more detailed information, see Providers — Sharing Databases.

Who are Data Consumers?

A data consumer is any account that chooses to create a database from a share made available by a data provider. Snowflake does not place any hard limits on the number of shares you can consume from data providers; however, you can only create one database in your account per share.

Because the only task required to use a share is to create a database from the share, the only DDL commands required for consumers are:

For a quick guide to consuming data shared by a provider, see Getting Started with Data Sharing. For more detailed information, see Consumers — Using Shared Databases.