US 11,057,491 B1
Remote execution using a global identity
Khalid Zaman Bijon, Santa Cruz, CA (US); Damien Carru, New York, NY (US); Christopher Peter Child, Tiburon, CA (US); Eric Karlson, Alameda, CA (US); and Zheng Mi, Palo Alto, CA (US)
Assigned to Snowflake Inc., San Mateo, CA (US)
Filed by Snowflake Inc., San Mateo, CA (US)
Filed on Jul. 17, 2020, as Appl. No. 16/931,808.
Int. Cl. H04L 29/08 (2006.01); G06F 9/54 (2006.01); H04L 29/06 (2006.01); G06F 21/31 (2013.01); H04L 12/24 (2006.01)
CPC H04L 67/306 (2013.01) [G06F 9/547 (2013.01); G06F 21/31 (2013.01); H04L 41/50 (2013.01); H04L 41/5041 (2013.01); H04L 63/08 (2013.01); H04L 63/0815 (2013.01); H04L 63/102 (2013.01); H04L 63/20 (2013.01); H04L 67/02 (2013.01); H04L 67/10 (2013.01); H04L 67/1097 (2013.01); H04L 67/2861 (2013.01); H04L 67/32 (2013.01)] 27 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, by one or more processors, login information for a global identity;
based on the login information, authenticating the global identity by creating a one-way trust relationship within an organization;
establishing a login session providing access to a plurality of accounts associated with the organization based on the one-way relationship;
receiving a command to execute an operation;
determining that the command involves performing a plurality of tasks using the plurality of accounts;
from the login session associated with the global identity, performing a first task of the plurality of tasks using a first account from the plurality of accounts by establishing a first remote session having a first remote session ID with a deployment associated with the first account using a first proxy user associated with the global identity;
from the login session associated with the global identity, performing a second task of the plurality of tasks using a second account from the plurality of accounts by establishing a second remote session having a second remote session ID with a deployment associated with the second account using a second proxy user associated with the global identity;
receiving results from the first and second remote sessions; and
combining the results received from the first and second remote sessions to provide a final result for executing the operation.