Snowflake Concepts
How to Achieve Data Sharing in Snowflake Using Secure Data Sharing

How to Achieve Data Sharing in Snowflake Using Secure Data Sharing

Omkar Mozar's photo
Omkar Mozar
·

4 min read

Snowflake’s Secure Data Sharing feature is a game-changer for organizations looking to share live, up-to-date data securely and efficiently. Unlike traditional data-sharing methods, it eliminates the need for copying or moving data, offering a seamless experience for both providers and consumers. In this article, we’ll explore the ins and outs of Secure Data Sharing, demonstrate how to set it up with code examples, and discuss its best practices and limitations.

What is Secure Data Sharing in Snowflake?

Secure Data Sharing in Snowflake allows you to share live data with external or internal stakeholders without creating duplicates. It provides:

  • Live Data Access: Consumers always see the latest version of shared data.

  • No Data Movement: Data stays in the provider’s account, reducing storage and ETL overhead.

  • Granular Control: Providers can control access at the database, schema, or table level.

  • Support for Reader Accounts: Share data with consumers who don’t have Snowflake accounts.

Use Cases for Secure Data Sharing

  1. Collaborations Across Organizations:

    • Share product analytics with business partners.

    • Provide regulatory bodies access to compliance reports.

  2. Data Monetization:

    • Offer live data products to customers via Snowflake’s Data Marketplace.

  3. Internal Data Sharing:

    • Centralize data management by sharing between departments or subsidiaries.

Step-by-Step Guide to Setting Up Secure Data Sharing

Step 1: Create a Share

Shares are objects in Snowflake that enable data sharing. The first step is to create a share and grant access to the required database objects.

-- Create a share
CREATE SHARE my_data_share;

-- Grant access to a specific database or schema
GRANT USAGE ON DATABASE my_database TO SHARE my_data_share;
GRANT USAGE ON SCHEMA my_database.my_schema TO SHARE my_data_share;
GRANT SELECT ON ALL TABLES IN SCHEMA my_database.my_schema TO SHARE my_data_share;

Step 2: Add Consumer Accounts

Once the share is created, add the accounts of the data consumers who will access the shared data.

-- Add consumer accounts
ALTER SHARE my_data_share ADD ACCOUNTS = 'consumer_account1', 'consumer_account2';

If the consumers don’t have Snowflake accounts, you can create Reader Accounts (discussed later).

Step 3: Verify the Share

Consumers can now access the shared data by importing the share into their accounts.

-- In the consumer account
CREATE DATABASE shared_database FROM SHARE provider_account.my_data_share;

-- Query the shared data
SELECT * FROM shared_database.my_schema.my_table;

Using Reader Accounts

Reader Accounts allow providers to share data with consumers who don’t have Snowflake accounts. Snowflake manages the infrastructure and billing for these accounts, making it an ideal solution for non-Snowflake users.

Steps to Set Up Reader Accounts

  1. Create a Reader Account:

     CREATE READER ACCOUNT reader_account_name ADMIN_NAME = 'admin_username' ADMIN_PASSWORD = 'secure_password';

  2. Grant Access to the Reader Account:

     ALTER SHARE my_data_share ADD READER ACCOUNT = 'reader_account_name';

  3. Provide Connection Details: Share the connection details with the reader account admin so they can log in and access the shared data.

Best Practices for Secure Data Sharing

  1. Granular Access Control:

    • Share only the necessary objects.

    • Use masking policies to anonymize sensitive data.

  2. Monitor Usage:

    • Track shared data access using Snowflake’s query history and usage metrics.

  3. Update Shares Dynamically:

    • Use the ALTER SHARE command to add or revoke access as needed.

  4. Optimize Performance:

    • Regularly review and optimize queries run by consumers.

Limitations of Secure Data Sharing

While Secure Data Sharing is highly efficient, it has some limitations:

  1. Read-Only Access:

    • Consumers can only query shared data; they cannot modify it.

  2. No Support for Non-Relational Data:

    • Data sharing is limited to structured data in tables; it does not support files like Parquet or JSON stored in stages.

  3. Dependency on Snowflake Infrastructure:

    • Both provider and consumer must rely on Snowflake’s infrastructure for data access.

Conclusion

Snowflake’s Secure Data Sharing feature revolutionizes how organizations share data by eliminating duplication, simplifying management, and providing real-time access. By following the best practices outlined in this guide, you can ensure secure, efficient, and scalable data-sharing implementations.

While it’s a robust solution, understanding its limitations and designing appropriately can help you unlock its full potential. Start leveraging Secure Data Sharing today to foster collaboration and drive data-driven decisions across your organization.

snowflakesnowflake tutorialSnowflake performanceSnowflake CourseSnowFlake Online Training