Advanced Data Sharing in Snowflake
Snowflake's data sharing capabilities enable secure, real-time data exchange across organizations without data movement or copying.
Data Sharing Models
Direct Sharing
Direct sharing allows providers to share data with specific consumers:
-- Create a share object
CREATE SHARE customer_share;
-- Grant usage on database objects
GRANT USAGE ON DATABASE analytics_db TO SHARE customer_share;
GRANT USAGE ON SCHEMA shared_schema TO SHARE customer_share;
GRANT SELECT ON TABLE customer_insights TO SHARE customer_share;
-- Add consumers to the share
ALTER SHARE customer_share ADD ACCOUNTS = ('consumer_account_1', 'consumer_account_2');
-- Consumers create database from share
CREATE DATABASE customer_data FROM SHARE provider_account.customer_share;
Reader Accounts
Reader accounts allow sharing with organizations that don't have Snowflake:
-- Create reader account for non-Snowflake consumers
CREATE READER ACCOUNT reader_org
COMMENT = 'Reader account for external partner';
-- Share data with reader account
ALTER SHARE partner_share ADD ACCOUNTS = ('reader_account_id');
Data Marketplace
The Snowflake Marketplace provides a platform for sharing data products:
-- Browse marketplace listings
LISTING DIRECTORY SNOWFLAKE.MARKETPLACE;
-- Access marketplace data
CREATE DATABASE weather_data FROM SHARE weather_provider.weather_daily;
-- Query marketplace data
SELECT * FROM weather_data.weather.daily_forecast
WHERE location = 'New York'
AND forecast_date >= CURRENT_DATE();
Creating Marketplace Listings
-- Create a listing for marketplace
CREATE OR REPLACE LISTING my_data_product
TITLE = 'Industry Analytics Dataset'
DESCRIPTION = 'Comprehensive industry analysis data'
PUBLIC = TRUE
BUSINESS_RADIUS = 'Region';
-- Grant access to listing
GRANT USAGE ON DATABASE my_db TO LISTING my_data_product;
GRANT USAGE ON SCHEMA my_schema TO LISTING my_data_product;
Private Data Exchange
Setting Up a Private Exchange
-- Create a private exchange
CREATE DATA EXCHANGE private_exchange
COMMENT = 'Internal data exchange for business units';
-- Add accounts to exchange
ALTER DATA EXCHANGE private_exchange ADD ACCOUNTS = (
'sales_account_id',
'marketing_account_id',
'finance_account_id'
);
-- Share data through exchange
CREATE SHARE cross_analytics_share;
GRANT USAGE ON DATABASE analytics_db TO SHARE cross_analytics_share;
ALTER DATA EXCHANGE private_exchange ADD SHARES = ('cross_analytics_share');
Exchange Governance
-- Monitor exchange activity
SELECT * FROM TABLE(INFORMATION_SCHEMA.SHARE_USAGE_HISTORY(
START_TIME => DATEADD('day', -7, CURRENT_TIMESTAMP())
));
-- Review shared objects
SELECT * FROM INFORMATION_SCHEMA.SHARES
WHERE CREATED_ON >= DATEADD('day', -30, CURRENT_TIMESTAMP());
Advanced Sharing Patterns
Cross-Region Sharing
-- Enable cross-region sharing
ALTER ACCOUNT SET ENABLE_CROSS_REGION_DATA_SHARING = TRUE;
-- Share across regions
CREATE SHARE global_metrics_share;
ALTER SHARE global_metrics_share ADD ACCOUNTS = ('us_east_account', 'eu_west_account');
Data Sharing with Tag-Based Access Control
-- Tag objects for sharing policies
ALTER TABLE customer_data SET TAG sharing_policy = 'external_share';
-- Use tags in share creation
CREATE SHARE tagged_share;
GRANT USAGE ON DATABASE analytics_db TO SHARE tagged_share;
GRANT SELECT ON ALL TABLES IN SCHEMA shared_schema TO SHARE tagged_share
WITH TAG (sharing_policy = 'external_share');
Dynamic Data Sharing
-- Share query results dynamically
CREATE SHARE dynamic_insights_share;
GRANT USAGE ON DATABASE analytics_db TO SHARE dynamic_insights_share;
-- Create shareable view with dynamic filtering
CREATE OR REPLACE SECURE VIEW shared_regional_data AS
SELECT *
FROM gold.sales_by_region
WHERE region = CURRENT_REGION();
GRANT SELECT ON VIEW shared_regional_data TO SHARE dynamic_insights_share;
Monitoring and Auditing
-- Monitor share usage
SELECT
share_name,
account_name,
query_count,
last_query_time
FROM TABLE(INFORMATION_SCHEMA.SHARE_USAGE_HISTORY(
START_TIME => DATEADD('day', -30, CURRENT_TIMESTAMP())
));
-- Audit data access
SELECT
query_id,
query_text,
user_name,
start_time
FROM SNOWFLAKE.ACCOUNT_USAGE.QUERY_HISTORY
WHERE query_text LIKE '%FROM SHARE%'
AND start_time >= DATEADD('day', -7, CURRENT_TIMESTAMP());
When sharing data across organizations, always implement column-level security and row-level policies to ensure data privacy. Use Secure Views to prevent consumers from accessing underlying table structures.
Best Practices
| Practice | Implementation | Benefit |
|---|---|---|
| Use Secure Views | Create SECURE VIEW objects | Prevent metadata leakage |
| Implement Tag-Based Policies | Apply tags to shared objects | Centralized governance |
| Monitor Usage | Query SHARE_USAGE_HISTORY | Optimize sharing patterns |
| Version Control | Track share changes | Maintain data lineage |
| Access Reviews | Regular share audits | Security compliance |
Key Takeaways:
- Direct sharing enables real-time, zero-copy data access
- Reader accounts extend sharing to non-Snowflake users
- Marketplace provides a platform for data monetization
- Private exchanges support governed multi-party data sharing
- Cross-region sharing enables global data distribution
- Always implement security policies for shared data