为列表准备数据

本主题包含列表创建准备工作指南,包括如何为不同类型的列表准备数据产品。

准备创建列表

在创建列表之前,请执行以下操作:

  1. Decide how to offer your data product. See Listing availability options and Listing access options.

  2. Set up roles and privileges to simplify creating listings. See 为列表设置角色和权限.

  3. Identify the objects that you want to share. See 确定列表内容.

  4. Prepare the objects to be shared with others. See 为列表准备共享.

  5. 确定要如何管理对数据产品的访问:

    • 免费提供访问权限,并且无限制。
    • Charge for your listing by creating a paid listing. See 准备提供付费列表.
    • Offer limited access to your data product as a free trial, then offer unlimited access to your data product by request. See 准备提供受限试用列表.

  6. Choose which cloud region(s) you want to offer your listing in. See 为在其他区域共享准备列表.

The listing and data share must be in compliance with the Snowflake Provider Policies.

为列表设置角色和权限

When you create a listing, you create it from the account that has the data or application package in it. The role that attaches a data product to a listing and publishes the listing must be the same role that created, and therefore owns, the application package or share. You cannot transfer the OWNERSHIP privilege for a share.

If you use a different role to create and manage the listing, grant the MODIFY privilege on the listing to the role that owns the application package or share. For example:

Share or application package owner role:

OWNERSHIP privilege on the share or application package. MODIFY privilege on the listing.

Listing owner role:

OWNERSHIP privilege on the listing.

Global CREATE LISTING privilege.

Within the provider account, you can use one of the following to create and manage listings:

ACCOUNTADMIN:

If you use the ACCOUNTADMIN role to create and manage listings, the ORGADMIN role must first Delegate privileges to set up auto-fulfillment.

Custom role:

If you use a custom role, the ORGADMIN role must first Delegate privileges to set up auto-fulfillment to the ACCOUNTADMIN role, which can then be used to grant the relevant privileges to the custom role.

For more information about granting sharing privileges, see Granting Privileges to Other Roles:.

确定列表内容

准备使用列表共享您账户中的数据时,应确定要在列表中存放哪些内容。

First, make sure that the data you want to share is in Snowflake, and that you have the legal and contractual rights to share the data. If needed, load the data that you want to share into Snowflake. See Overview of data loading.

Note

如果您的列表或数据集中的任何数据受任何法定或合同义务约束,则必须确保拥有共享此类数据的法定和合同权利。例如,您只能通过个性化列表共享受保护的健康信息 (PHI),为此,您必须符合以下条件:(1) 与 Snowflake 和接收 PHI 的使用者签署了商业伙伴协议 (BAA);并且 (2) 确保使用者也与 Snowflake 签署了 BAA。此外,虽然您可以通过免费或个性化列表共享个人数据,但如果数据并非公开可用数据,您必须拥有适用的法定和合同权利。

Next, decide how to offer the data that you have as a listing. If you plan to offer listings on the Snowflake Marketplace or only as private listings directly with specific customers, you might make different decisions about what to place inside the listing.

  • 考虑数据可用性。
  • 考虑预计访问您的列表的使用者。
  • 考虑为共享选择的数据格式,例如表、视图、安全视图或其他数据库对象。

例如,如果想提供有关狗狗美容的列表,可以做出如下决定:

  • Offer a publicly available free listing on the Snowflake Marketplace with information about dog breeds and fur length.
  • Offer a limited trial listing on the Snowflake Marketplace with a sample data product that contains data about the time it takes to groom a standard poodle, with the option for consumers to request a full data product about grooming insights for more dog breeds.
  • Offer a limited trial listing on the Snowflake Marketplace with a data product that contains data about the time it takes to groom any breed of dog, with the option for consumers to request unlimited access to your data product.
  • Offer a private listing to a partner organization with insights about the length of time it takes to groom various dogs, and the typical frequency of grooming appointments for different dog breeds.

In this example, you offer valuable data on the Snowflake Marketplace, but offer more specific insights to an organization that you already have a trusted business relationship with.

为列表准备共享

You can create a share before creating a listing, or select the database, tables, and views to comprise your data product when you create the listing. See Create and configure shares.

如果您计划提供许多列表,请分别创建共享和列表,以便更轻松地管理数据产品。您不能从同一共享中提供多个列表。

考虑如何更新共享

考虑共享中数据的维护。随着时间的推移,您希望在列表中提供的信息会发生变化,此时您可能需要更改数据共享。

您还需要考虑如何更新共享中的数据,并确保共享的内容对使用者有用。

如果删除并在后续重新创建共享中的对象,则需要将重新创建的对象添加到共享中,这样使用者才能继续使用它们。例如,如果为了刷新共享中的某些数据,您删除并重新创建了数据库中的某个表,则需要更新共享以包含重新创建的表。

准备要共享的数据

准备要在列表中共享的数据,以便与他人共享。

  • Use unquoted object identifiers for tables, columns, and share names. Use only upper case and alphanumeric characters for object names to let listing consumers use the shared data objects without having to double-quote identifiers. See Identifier requirements.
  • Protect sensitive data in shared databases. Create secure views and use secure objects to control access to data. See Use secure objects to control data access
  • 您可以将已与使用者账户共享(例如通过直接共享)的共享添加到列表中。
  • A share can only be attached to one listing. If a share has already been attached to a listing, you cannot attach it to another listing, even if the listing has been deleted.
  • Do not use account-level roles to protect data, such as with a policy or a secure view definition. Auto-fulfillment does not replicate account-level roles. For more information about this restriction, see Auto-fulfillment for objects that depend on account roles. Instead, use database roles and the IS_DATABASE_ROLE_IN_SESSION system function. For more information, see Share data protected by a policy.

准备提供受限试用列表

A limited trial listing lets you offer either a sample of your data product as a free trial, giving consumers insight into what might be available from a full data product or limited time access to your full data product. Providers can set the availability period for limited trial listings from 1 to 90 days. For more information about limited trial listings, see Limited trial listings.

如您选择提供完整数据产品的样本,则样本数据产品最好提供完整数据产品中所含真实数据的子集,并通过以下方式代表完整数据产品:

  • 包含相同的列。
  • 包含数据中相同或相似的值范围和值分布。

受限试用列表包含一个数据词典,因此应能从您提供的样本数据产品中清晰地了解完整数据产品中数据的整体情况。

例如,如果贵公司是训犬和犬类美容公司,则可以考虑提供以下样本数据产品之一,并提供受限试用列表:

样本数据产品推荐样本数据产品示例完整数据产品示例
包含数据的特定完整属性的完整数据集。包含标准贵宾犬的最新美容见解。包含所有犬种的最新美容见解。
包含特定、已过时时间段的完整数据集。包含 2021 年 5 月起所有犬种的美容见解和价格。包含所有犬种的最新美容见解和价格。
包含代表完整数据产品的虚构数据。包含有关训练虚构的阿卡迪亚猎犬的最新见解和价格。包含有关训练所有犬种的最新见解和价格。

将完整数据产品的相关完整子集作为受限试用列表的样本数据产品提供,可帮助使用者了解您的完整数据产品的价值,也让他们更有可能申请完整数据产品。

限制试用使用者使用 Snowflake Native App 的功能

If you offer your Snowflake Native App on the Snowflake Marketplace as a limited trial listing and want to limit the functionality available to trial consumers, use the SYSTEM$IS_LISTING_TRIAL system function when creating secure views, secure UDFs, or Streamlit apps included in your Snowflake Native App.

使用系统函数来控制数据和 UDF 输出的可见性意味着您不必维护单独的应用程序包来将功能限制给试用使用者。

您可以限制以下各项的功能:

  • 安全视图
  • 安全的用户定义函数 (UDF)
  • 应用程序逻辑,例如安装脚本或 Streamlit 应用程序。

有关将数据内容或 UDFs 添加到应用程序包的更多信息,请参阅:

示例 1:在试用中将视图中的不同数据返回给使用者

To define a secure view that returns data only to consumers with access to the full version of your Snowflake Native App, you could use the following example code:

CREATE OR REPLACE SECURE VIEW limited_functionality_view
  AS
  SELECT *
    FROM db_name.schema_name.table_name
    WHERE SYSTEM$IS_LISTING_TRIAL() = false;

If a consumer that is trialing your Snowflake Native App attempts to query the view, they see no results.

示例 2:仅向非试用使用者显示安全 SQL UDF 的输出

To define a secure SQL UDF shared_function() that returns results only to consumers with access to the full version of your Snowflake Native App, you could use the following example code:

CREATE OR REPLACE SECURE FUNCTION schema_name.shared_function()
  RETURNS VARCHAR
  AS
  $$
    CASE
      WHEN SYSTEM$IS_LISTING_TRIAL() = FALSE
        THEN 'full product'
      ELSE 'trial'
    END
  $$;

In this example, if a consumer is trialing your Snowflake Native App, when they call the secure UDF they see the output trial.

示例 3:向试用使用者展示不同的 Streamlit UI

You can also call the system function inside of a Streamlit app to limit the functionality of your Streamlit app in a Snowflake Native App. For example, you can display one title in the UI to consumers that trial your Snowflake Native App, and another title to consumers with full access to your Snowflake Native App.

# Import python packages
import streamlit as st
from snowflake.snowpark.context import get_active_session

session = get_active_session()
# Here we assign result of our function to a variable
result = session.sql("SELECT SYSTEM$IS_LISTING__TRIAL()")

# Write directly to the app
if result:
  st.title("Enjoy your limited trial of this application!")
else:
  st.title("Welcome to the full version of this application!")

准备提供付费列表

Supported regions for feature

This feature is not available in the People’s Republic of China.

如果您想为列表收费,必须执行以下操作:

  1. Determine if you can offer paid listings. See Who can provide paid listings.
  2. Prepare the data to offer a trial of the data. See 为付费列表准备共享.
  3. Decide on the pricing plan that best fits your listing. See Paid listings pricing models to review the available pricing plans.

可以在何处发布付费列表

Only providers in certain regions can publish paid listings. See Who can provide paid listings.

In addition, paid listings can only be published to certain regions. See Supported consumer locations to see to which regions you can publish paid listings.

为付费列表准备共享

When you offer a paid listing on the Snowflake Marketplace, you must offer consumers the ability to trial the listing before they purchase it. Trials are optional for paid private listings. As part of the trial, you can limit consumers to specific data and functionality, a specific time period, or a combination.

If you choose to limit trial consumers to specific data and functionality, create a single share for your paid listing and use secure views and a system function provided by Snowflake, SYSTEM$IS_LISTING_PURCHASED, to control which data is visible to trial consumers and which data is available only to paying consumers.

Note

如果您的列表包含安全的用户定义函数 (UDF),则无法限制 UDF 的可见性。列表的付费客户和试用客户均可安全查看 UDF。

请参阅以下示例,创建自己的安全视图,以便向付费使用者和试用使用者显示不同的数据。

如果您想允许试用使用者在限定时长内使用列表中的所有数据,请勿在共享的视图定义中使用 SYSTEM$IS_LISTING_PURCHASED 函数。

示例 1:基于账户购买状态返回数据

创建选择表中全部列的安全视图。只有在已购买付费列表的使用者账户中执行查询时,该视图才会返回行。

CREATE SECURE VIEW paid_v
  AS
  SELECT
    *
  FROM
    paid_t
  WHERE
    SYSTEM$IS_LISTING_PURCHASED() = TRUE;

示例 2:基于账户购买状态返回部分行

Create a secure view that returns a subset of rows based on the boolean value of a specific column in the data. In this example, the underlying table contains a column named is_free that is used to determine which data to show to which consumers.

Some rows have is_free set to TRUE, indicating that the data in those rows can be shown to trial consumers. Other rows have is_free set to FALSE, indicating that the data in those rows should be shown only to paying consumers.

This example view is set up to return all rows only when it is queried by a consumer account that has purchased the paid listing, otherwise it returns only the rows where is_free is set to TRUE.

CREATE SECURE VIEW paid_v
  AS
  SELECT
    *
  FROM
    paid_t
  WHERE
    is_free
    OR
    SYSTEM$IS_LISTING_PURCHASED() = TRUE;

示例 3:基于账户购买状态仅返回最新行

创建一个安全视图,仅将过去 7 天的行返回给处于试用期但尚未购买付费列表的使用者账户。

此示例使用具有时间戳数据类型的列来筛选数据,但可以在安全视图定义中使用其他列数据类型。

CREATE SECURE VIEW paid_v
  AS
  SELECT *
  FROM
    paid_t
  WHERE
    (timestamp > current_timestamp() - interval '7 days')
    OR
    SYSTEM$IS_LISTING_PURCHASED() = TRUE;

验证付费数据和试用数据的安全视图

准备好安全视图后,模拟付费和试用使用者账户的体验,验证您的设置是否正确。对安全视图运行查询,以确认每种类型的使用者访问的数据均符合预期。

Important

这种方法无法验证使用者能否安全地访问数据。此方法仅验证对于使用者而言,共享能否按预期运作。

To validate your shares, execute a query against a secure view using SHARE_CONTEXT(SYSTEM$IS_LISTING_PURCHASED):

EXECUTE USING SHARE_CONTEXT(SYSTEM$IS_LISTING_PURCHASED=>{ 'TRUE' | 'FALSE' })
  AS <query>

其中:

  • SYSTEM$IS_LISTING_PURCHASED specifies whether you want to validate as a paid consumer, or as a trial or unpaid consumer. The valid values are:

    • TRUE, to validate the share as a paid consumer.
    • FALSE, to validate the share as a trial or unpaid consumer.

  • <query> is the SQL query that you want to run against the secure view.

使用该命令运行查询时,将以使用者身份对共享执行查询。

For example, suppose you have a share that you want to validate. Your share includes a secure view named PURCHASED_VIEW, which protects all data from a table named SHARE_TABLE. You want to validate that the data can be accessed only by a consumer that purchased the listing.

要确认试用使用者无法访问安全视图中的任何数据,请运行以下查询:

EXECUTE USING share_context(system$is_listing_purchased=>'FALSE')
  AS
    SELECT
      *
    FROM
      example_database.example_schema.PURCHASED_VIEW

如果安全视图按预期运行,并且试用使用者无法访问任何数据,此查询将返回以下响应:

Query produced no results

要确认付费使用者有权访问数据,请运行以下查询:

EXECUTE USING share_context(system$is_listing_purchased=>'TRUE')
  AS
    SELECT
      *
    FROM
      example_database.example_schema.PURCHASED_VIEW

If the secure view works as expected, your query returns all of the columns and rows in SHARE_TABLE, the desired outcome for paid consumers.

为在其他区域共享准备列表

配置列表时,您可以选择在不同的区域提供列表。要在其他区域提供列表,需要复制数据。

考虑复制数据所需的时间和相关费用。

  • For a listing in the Snowflake Marketplace, you can choose which regions to make your listing available in. When you do, you can manually replicate the data or use auto-fulfillment to make your product available to consumers that get your listing. See Manually replicate data to fulfill a listing request or Auto-fulfillment for listings for more details.
  • For a private listing, you need to share your listing to the regions where your consumer’s accounts are. You use auto-fulfillment to replicate the product to the consumers that get your listing. See Auto-fulfillment for listings for more details.

All cross-region data sharing at Snowflake uses Snowflake’s data replication functionality. See Share data securely across regions and cloud platforms.