Published

Vanna.ai Enterprise Integration with Google Cloud Platform

How to use Vanna.ai with Google Cloud Platform

Vanna.ai Integration with Google Cloud Platform: Natural Language Access to BigQuery Data

Executive Summary

Vanna.ai democratizes data access by enabling natural language queries of BigQuery data through Google Cloud Platform (GCP) services. This solution maintains enterprise security through end-user authentication, ensuring that existing BigQuery permissions and row-level security are preserved while providing an intuitive interface for business users to access their data.

Business Value and Benefits

Democratized Data Access

  1. Natural Language Interface

    • Ask questions in plain English, Spanish, Portuguese, etc.
    • No SQL knowledge required
    • Immediate access to insights
    • Examples:
      • "What were our total sales by region last quarter?"
      • "Show me customer churn rates over the past 12 months"
      • "Which products had the highest profit margin in Q4?"

  2. Increased Business User Productivity

    • Self-service analytics capabilities
    • Reduced dependency on data teams
    • Faster time to insight
    • Direct access to required data
    • Ability to explore data independently

  3. Better Decision Making

    • Real-time access to data insights
    • Quick validation of business hypotheses
    • Data-driven decision support
    • Reduced time from question to answer
    • Enhanced data exploration capabilities

Business Benefits

Enterprise Security and Compliance

Native Security Integration

Vanna.ai leverages Google Cloud's native security model through end-user authentication:

  • Users can only access data they already have permission to see in BigQuery
  • All existing BigQuery permissions are automatically enforced
  • Row-level security policies are automatically inherited
  • Queries execute under the end user's credentials

Security Benefits

  1. Inherited Access Controls

    • BigQuery permissions carry over automatically
    • No separate permission management required
    • Row-level security remains enforced
    • Column-level security is maintained

  2. Authentication and Authorization

    • Secure OAuth 2.0 integration
    • End-user credential validation
    • Automatic session management
    • Audit trail maintenance

  3. Compliance and Governance

    • Maintains existing data governance
    • Preserves audit capabilities
    • Ensures regulatory compliance
    • Supports data privacy requirements

Administrative Benefits

GCP Admin

  1. Centralized Management

    • Monitor query patterns
    • Track usage metrics
    • Manage user access
    • Optimize performance

  2. Training and Improvement

    • Review query history
    • Update training examples
    • Customize responses
    • Enhance accuracy

  3. Cost Control

    • Monitor resource usage
    • Optimize query performance
    • Control access patterns
    • Manage computational resources

GCP Monitoring

Technical Implementation

System Architecture

The integration leverages several GCP components to provide a secure and scalable solution:

  1. Core Components

    • Cloud Run for serverless deployment
    • BigQuery for data storage and querying
    • Firestore for session management
    • OAuth 2.0 for authentication

  2. Security Architecture Security Architecture

Implementation Requirements

  1. Prerequisites Prerequisites

  2. Service Configuration Service Configuration

Deployment Process

  1. Enable Required APIs 

    # Enable Cloud Run API
gcloud services enable run.googleapis.com

# Enable Firestore API
gcloud services enable firestore.googleapis.com

  2. Deploy to Cloud Run 

    gcloud run deploy vanna-ai \
--image=us-central1-docker.pkg.dev/{provided-by-vanna-ai}:latest \
--region=us-central1 \
--allow-unauthenticated

  3. Environment Configuration Required variables: 

    BASE_URL: Cloud Run service URL
PROJECT_ID: GCP project identifier
GEMINI_API_KEY: API key for Gemini
GOOGLE_OAUTH_CLIENT_CONFIG: OAuth client configuration
FLASK_SECRET_KEY: Session encryption key

Conclusion

Vanna.ai's integration with GCP provides a secure and user-friendly natural language interface to BigQuery data. By leveraging end-user authentication and existing security policies, organizations can democratize data access while maintaining strict security and governance controls.

Note: This white paper reflects configurations as of December 2024. Please consult current documentation for any updates or changes to services and features.

Vanna Logo Vanna.AI

The fastest way to get insights from your database just by asking questions

Get Help on Discord Star on GitHub