US 12,411,932 B2
Providing access control for policies
Srilakshmi Chintala, Seattle, WA (US); Albert L. Hu, Seattle, WA (US); Ziliang Zhang, San Mateo, CA (US); and Igor Zinkovsky, Redmond, WA (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Aug. 1, 2023, as Appl. No. 18/363,322.
Application 18/363,322 is a continuation of application No. 18/194,407, filed on Mar. 31, 2023, granted, now 11,762,978.
Prior Publication US 2024/0330430 A1, Oct. 3, 2024
Int. Cl. H04L 29/06 (2006.01); G06F 21/44 (2013.01); G06F 21/53 (2013.01)
CPC G06F 21/44 (2013.01) [G06F 21/53 (2013.01); G06F 2221/2141 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, by at least one hardware processor, code from a user to perform an operation in a sandbox environment;
receiving a packages policy including allowed items and restricted items, the packages policy providing an access control list;
comparing the allowed items and the restricted items to a specification that comprises metadata about packages available in a package repository;
determining one or more differences based on the comparing, the determining of the one or more differences comprising filtering the metadata according to the packages policy;
determining whether to permit the code to perform the operation based on the one or more differences by instantiating a sandbox process to execute the operation in the sandbox environment; and
transmitting, to a user device associated with the user, a message identifying the one or more differences, the message comprising an explanation associated with whether to permit the code to perform the operation based on the one or more differences.