US 11,899,685 B1
Dividing authorization between a control plane and a data plane for sharing database data
Ippokratis Pandis, Menlo Park, CA (US); Jingyi Qing, Newcastle, WA (US); Dengfeng Li, Sunnyvale, CA (US); Pavel Sokolov, Menlo Park, CA (US); Eric Ray Hotinger, Redmond, WA (US); Mohammad Foyzur Rahman, Newark, CA (US); William Michael McCreedy, Berlin (DE); Wenchuan An, Cherrybrook (AU); Vivek Ramamoorthy, Sammamish, WA (US); Chenqin Xu, Bellevue, WA (US); and Maximiliano Maccanti, Redmond, WA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Dec. 10, 2021, as Appl. No. 17/548,406.
Int. Cl. G06F 16/00 (2019.01); G06F 16/27 (2019.01); G06F 16/21 (2019.01); G06F 16/25 (2019.01)
CPC G06F 16/27 (2019.01) [G06F 16/217 (2019.01); G06F 16/252 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A system, comprising:
one or more computing devices, respectively comprising a processor and a memory, that implement a control plane for a database service, wherein the control plane is configured to:
authorize a database to be shared with a consumer database engine to perform queries to the database received at the consumer database engine via an interface of a data plane, wherein to authorize the database to be shared, the control plane is configured to:
perform a request from a producer database engine for the database in the database service to propose authorization of the database to be shared with a consumer;
perform a request received via a control plane interface to confirm the authorization of the database to be shared with the consumer, wherein the request provides the confirmation of the authorization of the database; and
perform a request received via the control plane interface to associate the consumer database engine in the data plane with the consumer to provide the consumer database engine with the authorization to access the database.