Codd AI Logo
Codd AI ®
Technical Architecture

Deploying Codd on Snowpark Container Services: Bringing SaaS and Data Together

Deploying Codd on Snowpark Container Services: Bringing SaaS and Data Together

Enterprises today are facing a dual challenge:

Data Gravity → Business-critical data increasingly lives in Snowflake. Moving it around adds latency, cost, and risk.

Analytics Demand → Teams want faster, AI-powered insights delivered seamlessly across tools and workflows.

Most analytics SaaS products solve one problem by creating another: they pull your data out of Snowflake into their environment. This adds operational overhead, compliance concerns, and governance gaps.

At Codd, we believe there's a better way.

Instead of moving your data to us, we bring our solution to your data.

That's why Codd runs in a hybrid model:

  • Codd SaaS (in AWS, GCP, Azure) powers orchestration, management, and global scale.
  • Codd Extension Services run inside Snowpark Container Services (SPCS), within your Snowflake environment, for workloads that need direct data or LLM access.

This model combines the best of both worlds: the reach of SaaS and the security and performance of Snowflake-native execution.

The Hybrid Architecture

Codd AI Hybrid Architecture with Snowpark Container Services Codd's hybrid architecture: SaaS orchestration meets Snowflake-native execution

Codd SaaS (AWS, GCP, Azure)

  • Manages control plane functions: orchestration, configuration, monitoring, scaling
  • Provides APIs and UI for administration
  • Runs across multiple clouds to support global users

Codd Extension Services (Snowpark Container Services)

  • Deployed directly inside your Snowflake account
  • Execute workloads that require direct access to Snowflake data or Snowflake-hosted LLMs
  • Benefit from Snowflake's elasticity and containerized execution

Snowflake Native Services

  • Databases, governance, and Snowflake-hosted LLMs
  • Invoked directly by Codd extension services, ensuring minimal latency and data residency

Why Run Extension Services in Snowpark Container Services?

Many SaaS platforms rely on extracting data from Snowflake into their own cloud environments. This creates three issues:

  • Latency → Queries and results must travel across networks
  • Compliance challenges → Sensitive data may cross organizational or regulatory boundaries
  • Operational complexity → Pipelines, replication, and synchronization become overhead

By contrast, Codd deploys its extension services inside Snowflake via SPCS:

  • Direct Data Interaction → Services query Snowflake data natively, without replication
  • LLM Proximity → Snowflake-hosted LLMs are accessed directly from inside Snowflake, reducing query-to-answer times
  • Data Security → Since data never leaves the Snowflake Data Cloud, enterprises maintain maximum protection and compliance with data residency and security requirements
  • Operational Efficiency → No extra pipelines or data duplication — execution happens exactly where the data already resides

This approach allows Snowflake customers to gain the speed and accuracy of AI-driven analytics while maintaining the security and simplicity of their existing data platform.

Secure Cross-Cloud Communication

Running in both SaaS and SPCS requires secure, auditable service-to-service communication. For example:

  • A Codd SaaS service (running in AWS, GCP, or Azure) may need to call a Codd extension service in SPCS
  • The SPCS service may, in turn, call Snowflake-native services like hosted LLMs or databases

This is enabled by a JWT + OAuth token exchange pattern:

  1. JWT Creation → Codd SaaS generates a JWT signed with a Snowflake-registered key pair
  2. OAuth Exchange → Snowflake OAuth service exchanges the JWT for a short-lived token
  3. Token Enforcement → The token scopes access to the SPCS service, ensuring secure, time-limited calls
  4. Execution Inside Snowflake → The Codd service in SPCS validates the token and executes within Snowflake's security boundary

Secure OAuth Token Exchange Pattern JWT + OAuth token exchange enables secure cross-cloud communication

Benefits of this model:

  • No static secrets → Tokens expire quickly, reducing risk
  • End-to-end traceability → All calls are logged and auditable within Snowflake
  • Cross-cloud interoperability → SaaS ↔ Snowflake services connect securely regardless of which public cloud SaaS runs on

The Best of Both Worlds

This hybrid architecture delivers three major benefits:

Global SaaS Orchestration

  • Multi-cloud reach across AWS, GCP, and Azure
  • Centralized control plane for monitoring, scaling, and administration

Snowflake-Native Execution

  • Services run inside Snowflake for low-latency, governed workloads
  • Securely access Snowflake data and LLMs without leaving the Snowflake environment

Data Security First

  • Sensitive data never moves outside of the Snowflake Data Cloud
  • Customers maintain control and compliance, while still gaining Codd's AI-powered capabilities

What Codd as a Solution Can Do

Architecture aside, what matters most is the value Codd delivers to your business. With SaaS + SPCS working together, Codd enables:

Semantic Data Models

  • Automatically generate business-ready semantic data models
  • Enrich raw technical schemas with business definitions, hierarchies, and relationships
  • Keep models up to date as your data evolves

Autonomous Business Metrics

  • Define and govern KPIs once, then use them everywhere
  • Automatically generate metrics aligned with business goals
  • Eliminate inconsistent definitions across BI tools

Conversational Analytics

  • Ask questions in plain English
  • Codd translates them into Snowflake-native queries
  • Business users get answers instantly, without SQL

LLM Integration

  • Leverage Snowflake-hosted LLMs for contextual reasoning, explanations, and insights
  • Keep sensitive data securely within Snowflake
  • Combine semantics + generative AI for more accurate answers

BI & Tool Integration

  • Connect seamlessly with Tableau, Power BI, Looker, or Model Context Protocol (MCP) clients
  • Ensure metrics and models are consistent across all consumption layers

Trust & Data Security

  • All execution happens inside the Snowflake Data Cloud
  • Data never leaves Snowflake, maintaining security and compliance
  • Every action is logged, auditable, and tied to Snowflake's governance model

Conclusion

By deploying Codd SaaS globally and Codd extension services inside Snowpark Container Services, we offer Snowflake customers a unique model:

  • The scalability of SaaS (AWS, GCP, Azure)
  • The security and performance of Snowflake-native execution
  • The intelligence of GenAI-powered semantic modeling and metrics

The result is a semantic intelligence layer that transforms your raw data into governed, business-ready knowledge, delivered through natural language, BI tools, or AI-powered applications.

Don't take your data to the solution. Take the solution to your data — and let Codd turn it into knowledge.

Ready to explore Codd AI on Snowflake? Schedule your session now.