跨多个账户的复制和故障转移简介

This feature enables the replication of objects from a source account to one or more target accounts in the same organization. Replicated objects in each target account are referred to as secondary objects and are replicas of the primary objects in the source account. Replication is supported across regions and across cloud platforms.

对复制和故障转移/故障回复的区域支持

Amazon Web Services、Google Cloud Platform 和 Microsoft Azure 上的所有 Snowflake 区域都支持复制。

Customers can replicate across all regions within a region group. To replicate between regions in different region groups, (i.e. from a Snowflake commercial region to a Snowflake government or Virtual Private Snowflake region), please contact Snowflake Support.

复制组和故障转移组

复制组 是源账户中定义的对象集合，这些对象可作为复制到一个或多个目标账户的单元。复制组为复制对象提供只读访问权限。

故障转移组 是一个也能进行故障转移的复制组。目标账户中的辅助故障转移组提供为复制对象提供只读访问。当辅助故障转移组提升为主要故障转移组时，可提供读写访问。故障转移组中允许使用的账户列表中指定的任何目标账户都可以提升为主要故障转移组。

Replication and failover groups provide point-in-time consistency for the objects on the target account. The objects that can be included in a replication or failover group are listed below in 复制对象.

复制功能/版本矩阵

请注意，某些复制功能仅适用于 Business Critical Edition（或更高版本）。下表列出了每个 Snowflake 版本复制功能的可用性：

复制对象

This feature supports replicating the objects listed below. Database replication and share replication are available on all editions. Replication of all other objects is only available for Business Critical Edition (or higher). For details on feature availability, see the 复制功能/版本矩阵.

数据库复制

Snowflake account replication supports replicating databases. Replication for a database includes the objects contained in that database. The refresh operation for a database includes changes to the objects and data since the previous refresh for that database.

If roles are replicated (in the same or different replication or failover group), the database refresh also synchronizes the privilege grants on the secondary database and the objects in the database (schemas, tables, views, etc.) to roles in the account. Refer to 数据库对象的授权 for more details.

Replication of some databases is not supported or might fail the refresh operation. For more information, see 当前复制的局限性.

复制数据库对象

复制主数据库时，其数据库对象和数据的快照将传输到辅助数据库。但是，某些数据库对象不会被复制。下表列出了会复制到辅助数据库的数据库对象。

For specific usage information about these objects, see Replication considerations.

数据库复制和加密

Snowflake protects metadata and data sets at rest and in transit between the source and target accounts. The account master key (https://csrc.nist.gov/glossary/term/master_key) (AMK) encrypts the key hierarchy within the account as shown in the hierarchical key model. Snowflake encrypts replicated data in the target account using the account master key and the key hierarchy in the target account, regardless of whether you enable Tri-Secret Secure in the target account.

When you enable Tri-Secret Secure in the target account, Snowflake uses the composite master key and the corresponding key hierarchy in the target account to encrypt the data. Note that target accounts do not have Tri-Secret Secure enabled by default; you must enable this feature.

For more information about data encryption in Snowflake, see Understanding end-to-end encryption in Snowflake.

External volume replication¶

Iceberg tables rely on external volumes, which are account-level objects that require extra configuration to connect to your external cloud storage. Before you can replicate an Iceberg table, you must configure replication for external volumes. Account replication supports the replication of external volumes. For more information about replicating external volumes and Snowflake-managed Iceberg tables, see Configure replication for Snowflake-managed Apache Iceberg™ tables.

For more information about external volumes, see External volume.

集成复制

账户复制支持复制以下功能的集成：

• 以下类型的安全集成：

  • 联合身份验证和 SSO（即 SAML2）
  • SCIM
  • Snowflake OAuth
  • External OAuth

  For more information about security integrations, see Replication of security integrations & network policies across multiple accounts.

• API 集成。

  After replicating API integrations to a target account, you must grant access to the remote service to the replicated external functions. For more information, see Updating the remote service for API integrations.

• 以下类型的通知集成：

  • TYPE = EMAIL
  • TYPE = QUEUE 和 DIRECTION = OUTBOUND
  • TYPE = WEBHOOK

• 存储集成。

  When you replicate a storage integration, you must establish a new trust relationship for your cloud storage in the target accounts. To learn more, see Configure cloud storage access for secondary storage integrations.

• 外部访问集成。

  For more information about external access integrations, see External network access overview.

Listing replication¶

For listings that have auto-fulfillment enabled, this feature allows you to add the listings and (optionally) their shares to a failover group for replication and failover.

For more information, see Listing support in Business Continuity and Disaster Recovery.

网络策略复制

此功能支持复制网络策略。

For more information, see Replication of security integrations & network policies across multiple accounts.

参数复制

This feature supports replicating account-level parameters and object parameters. Object parameters are replicated when the object is included in the replication group. For example, if WAREHOUSES are replicated, warehouse-specific parameters (e.g. STATEMENT_TIMEOUT_IN_SECONDS) are replicated. For a full list, see Object parameters.

Account-level parameter replication includes all Account parameters and parameters set on the account. Account-level parameters (e.g. DATA_RETENTION_TIME_IN_DAYS) are replicated when ACCOUNT PARAMETERS is included in the list of object types for a replication group.

Profile¶

This feature supports adding profiles to a failover group. For more information about provider profiles, see Manage your provider profile.

资源监视器复制

此功能支持将资源监视器和资源监视器上授予的权限复制到角色。辅助资源监视器遵循与其主资源监视器相同的配额重置计划。例如，如果主资源监视器上的配额在当月的 1 日重置，并且辅助资源监视器在当月的 15 日首次复制，则其配额将在下个月 1 日与主资源监视器一起重置。

复制资源监视器电子邮件通知设置

资源监视器复制中不包含资源监视器的电子邮件通知设置。非管理员用户的电子邮件通知可以使用资源监视器复制。但是，目前无法复制账户管理员通知设置：

• If users and resource monitors are included in the object_types list for the replication or failover group, notification settings for non-administrator users are replicated:

  • The notify_users list for a warehouse-level resource monitor is replicated to target accounts.
  • Email notifications for non-administrator users are sent on the target account.

• If resource monitors is included in the object_types list for the replication or failover group, but users is not included, the notify_users list for a secondary warehouse-level resource monitor is empty.

• 不 复制账户管理员通知设置：

  • An account administrator must enable email notifications in each account using the web interface.
  • Resource monitor notifications are sent to account administrators if they have enabled email notifications in the source and/or target accounts.

角色复制

This feature supports replicating roles, including role hierarchies. Role objects must be replicated to replicate access privileges. Replicated access privileges are listed in 角色和授权的复制 below.

共享复制

此功能支持复制共享对象以及授予数据库对象共享的访问权限。

Replication of inbound shares (shares from providers) is not supported.

Backup replication for database, schema, and table backups¶

The Snowflake backups feature lets you encapsulate a series of backups for a specific database, schema, or table inside an object known as a backup set. You can optionally control the schedule of automatic backups and automatic deletion of backups after an expiry period by applying a backup policy to the backup set. Backup sets and backup policies are database-level objects. Snowflake replicates those objects along with the databases and schemas that contain them.

For information about how Snowflake replicates backup sets and backup policies, see Replicate backup-related objects.

用户复制

此功能支持将用户及其属性复制到目标账户、以下用户身份验证方法，以及支持使用 SCIM 配置用户和组：

仓库复制

This feature supports replicating warehouses, including interactive warehouses. Snowflake also replaces privileges granted on warehouses to roles (if roles are replicated). The state of the primary warehouse is not replicated. Warehouses are replicated in the suspended state to each target account and can be resumed in the target account.

Workspaces replication¶

Shared workspaces are replicated when they are included in a database that is part of a replication or failover group. Private workspaces are replicated when their owning users are replicated. In secondary (target) accounts, replicated content is read-only; Workspace files (including SQL files, Notebook files, and so on) are executable but cannot be edited.

数据集复制

Account replication supports replicating Datasets. Datasets are materialized data objects that you use with Snowflake ML. For usage information, see Snowflake Datasets. Replication is supported for Datasets created starting with the General Availability of the Dataset replication feature. For the release announcement, see Mar 20, 2025: Snowflake Datasets (General availability).

共享复制

此功能支持复制网络策略。

For more information, see Replicate a Cortex Search Service.

角色和授权的复制

In order to replicate grants on objects to roles, roles must be replicated from the source account to the target account. To replicate roles in a replication or failover group, you must include roles in the object_types list. Roles can be in a separate replication or failover group from the data objects on which the privileges are granted.

When roles are replicated, grants on objects are only replicated to a target account if:

• The privilege was granted by the owner of the object or indirectly by a role that was granted the privilege with the WITH GRANT OPTION parameter by the owner of the object.
• 权限授予的被授予者和授予者角色都位于目标账户中。
• The object is replicated (i.e. the object type is included in the object_types list).

否则，系统不会复制对象的授权。

For information about replicating secondary roles and session policies, see Session policies with secondary roles.

数据库对象的授权

If roles and databases are replicated to a target account (in the same or different replication or failover group), refreshing a secondary database synchronizes the privilege grants on the database and the objects in the database (schemas, tables, views, etc.) to existing roles in the target account (i.e. roles that have been replicated to the target account). Note that only privilege grants on objects supported by database replication are synchronized. For the list of supported objects, see 复制数据库对象.

目前不支持外部表复制。因此，外部表的授权也不会被复制。

对象的未来授权

If roles are replicated to the target account, future grants that are granted at the database or schema level are replicated to the target account. This also includes future grants on non-replication supported objects. For example, external table replication is not yet supported, however future grants on external tables are replicated. When you create an external table in a target account, the privileges granted on future external tables materialize as intended.

对象创建和所有权

If new objects are created in a target account during a refresh from the source account, and roles are not replicated to the target account, the OWNERSHIP privilege for the new objects is granted to the GLOBALORGADMIN role.

如果将角色复制到目标账户，则下一次复制角色时，目标账户上的 OWNERSHIP 权限将授予与源账户中拥有 OWNERSHIP 权限的角色相同的角色。如果对象和角色在同一个复制（或故障转移）组中，则可以在目标账户中创建新对象的同时复制角色。

共享的授权

In order to enable secure data sharing, grants on objects to shares are replicated even if roles are not replicated to target accounts. This section provides information on how grants on objects to shares are replicated.

If roles are replicated from the source account to the target account, grants to objects on shares are replicated if:

• The grantor role exists in the target account or
• 源账户中的授予者角色具有主对象的 OWNERSHIP 权限。

If roles are not replicated from the source account to the target account, then:

• 将对象授权复制到共享。
• 复制到共享的对象上的授予者角色是对该对象拥有 OWNERSHIP 权限的角色。

刷新目标账户中对象的用户

A user who executes the ALTER FAILOVER GROUP … REFRESH command to refresh objects in a target account from the source account must use a role with the REPLICATE privilege on the failover group. Snowflake protects this user in the target account by failing in the following scenarios:

• 如果源账户中不存在该用户，则刷新操作失败。
• 如果源账户中存在该用户，但未向该用户授予具有 REPLICATE 权限的角色，则刷新操作失败。

复制计划

As a best practice, Snowflake recommends scheduling automatic refreshes using the REPLICATION_SCHEDULE parameter. The schedule can be defined when creating a new replication or failover group with CREATE <object> or later (using ALTER <object>).

当您创建辅助复制或故障转移组时，Snowflake 会自动执行初始刷新。下一次刷新是根据上一次刷新的开始时间和调度间隔或基于 cron 表达式的下一次有效时间来调度的。例如，如果刷新计划间隔为 10 分钟，且上一次的刷新操作（计划刷新或手动触发刷新）开始时间为 12:01，则下一次刷新的计划时间为 12:11。

Snowflake 会确保在任何给定时间仅执行一次刷新。如果在计划下一次刷新时，刷新仍在执行，则下一次刷新将延迟到当前执行的刷新完成时开始。例如，如果计划每小时后 15 分钟执行一次刷新，而之前的刷新在 12:16 完成，则下一次刷新将在之前执行的刷新完成后执行。

暂停和恢复计划的复制

A secondary failover group cannot be promoted to the primary group while a refresh is executing. To fail over gracefully, suspend scheduled replication in the target account. After the failover is completed, resume the scheduled replication. For more information, see ALTER FAILOVER GROUP.

复制到较低版本的账户

如果满足以下任一条件，Snowflake 将会显示错误消息：

• A primary replication group with only database and/or share objects is in a Business Critical (or higher) account but one or more of the accounts approved for replication are on lower editions. Business Critical Edition is intended for Snowflake accounts with extremely sensitive data.
• A primary replication or failover group with any object types is in a Business Critical (or higher) account and a signed business associate agreement is in place to store PHI data in the account per HIPAA and HITRUST CSF regulations. However, no such agreement is in place for one or more of the accounts enabled for replication, regardless if they are Business Critical (or higher) accounts.

实施此行为是为了防止 Business Critical（或更高版本）账户的账户管理员无意中将敏感数据复制到较低版本的账户。

An account administrator (a user with the ACCOUNTADMIN role) or a user with a role with the CREATE REPLICATION GROUP/CREATE FAILOVER GROUP or OWNERSHIP privilege can override this default behavior by including the IGNORE EDITION CHECK clause when executing the CREATE <object> or ALTER <object> statement. If IGNORE EDITION CHECK is set, the primary replication or failover group may be replicated to the specified accounts on lower Snowflake editions in these specific scenarios.

当前复制的局限性