| CPC G06F 21/6218 (2013.01) | 20 Claims |
|
1. A method comprising:
receiving, from a client device at a control plane configured as a virtual private cloud accessible by multiple users of a data analytics system, a first query request to perform operations on data accessible by one or more data resources;
performing an authorization check on whether a user of the client device is authorized to access the one or more data resources;
responsive to the authorization check, generating, by the control plane, an access token based on the first query request, wherein the access token is a token that contains authorization information indicating the one or more data resources the user of the client device is allowed to access;
transmitting, by the control plane, the access token to the client device;
receiving, from the client device at a data plane associated with the user of the client device, a second query request to perform operations on the data, wherein the second query request comprises the access token and the data plane is configured as a separate virtual private cloud from the control plane virtual private cloud;
in response to validating the access token for the second query request, executing, by computing resources in the data plane, the second query request by at least accessing the one or more data resources to generate results for the second query request; and
transmitting the results for the second query request to the client device.
|