US 12,411,863 B1
Privately sharing database data across provider network regions
Naresh Chainani, Mountain View, CA (US); Jingyi Qing, Newcastle, WA (US); Dengfeng Li, Sunnyvale, CA (US); John Thomas, Redwood City, CA (US); Ippokratis Pandis, Menlo Park, CA (US); Eric Ray Hotinger, Redmond, WA (US); William Michael McCreedy, Berlin (DE); Vivek Ramamoorthy, Sammamish, WA (US); Monish Gupta, Cupertino, CA (US); Naga Raju Bhanoori, Santa Clara, CA (US); Sushim Mitra, Sunnyvale, CA (US); Mohammad Foyzur Rahman, Newark, CA (US); and Pavel Sokolov, Menlo Park, CA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Dec. 10, 2021, as Appl. No. 17/548,414.
Int. Cl. G06F 16/25 (2019.01); G06F 16/22 (2019.01); G06F 16/2452 (2019.01); G06F 16/2457 (2019.01)
CPC G06F 16/258 (2019.01) [G06F 16/2282 (2019.01); G06F 16/24524 (2019.01); G06F 16/24573 (2019.01); G06F 16/252 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A system, comprising:
a plurality of computing devices, respectively comprising at least one processor and a memory, that implement a database service of a provider network;
wherein the database service comprises a control plane, a producer database engine, and a consumer database engine;
wherein the control plane is configured to:
receive a request to share read-only access to a database managed by a producer database engine hosted in a first region of the provider network with a consumer database engine hosted in a second region of the provider network; and
associate the database with the consumer database engine to confirm the shared read-only access;
wherein the consumer database engine, is configured to:
receive a request to create the database as an external database accessible via the consumer database engine;
create the database as the external database;
obtain, using private network communications through respective control plane proxies hosted separately from the producer database engine and the consumer database engine in different logically isolated networks from further logically isolated networks of the producer database engine and the consumer database engine in the first region and the second region of the provider network with cross-region access to provide indirect communication between the producer database engine and the consumer database engine in accordance with the association established in the control plane between the database and the consumer database engine, metadata from the producer database engine and an access credential to access the database, wherein the metadata comprises respective schemas of one or more database tables and respective statistics descriptive of content of the one or more database tables, and wherein the cross-region access between the first region and the second region is performed via a virtual traffic hub that connects the different logically isolated networks for communicating metadata across regions using the respective control plane proxies; and
use the metadata and the access credential to perform a query to the external database.