# Network Boundaries

## External access

AIQu VEIL has no external network access.

| Control | Status |
|---|---|
| External access integrations | None configured |
| Egress rules | None configured |
| Public endpoints | None. Both services use internal SPCS endpoints only. |
| Inbound connections | None. Services are not reachable from outside the Snowflake account. |
## Inter-service communication

The app runs two SPCS services: an encoding service and a training service. They communicate over Snowflake’s internal SPCS DNS within the app_runtime schema.

| Path | Protocol | Authentication |
|---|---|---|
| Query → encoding service | HTTP via service-bound function | Snowflake session context (masking policy execution) |
| Training dispatch | HTTP via service-bound function | Snowflake session context (procedure execution) |
| Model reload signal | HTTP POST /reload | Bearer token (VEIL_RELOAD_TOKEN environment variable) |
| Training data read | Snowpark SQL | SPCS OAuth token |
## Authentication and authorization

| Control | Detail |
|---|---|
| Consumer access | Two application roles: app_user (query views, call encode) and app_admin (all procedures) |
| Inter-service auth | Bearer token on /reload endpoint, injected via environment variable |
| Training service auth | SPCS OAuth token at /snowflake/session/token |
| Procedure execution | All stored procedures: explicit EXECUTE AS OWNER |
| Consumer credentials | Never requested or accepted |
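The bearer-token check on the /reload endpoint, listed in both the inter-service communication and the authentication tables above, is the one piece of inter-service authentication that lives in application code rather than in Snowflake session context. The following is an added illustration of how such a check should behave; it is not AIQu VEIL's own code, and it assumes only that the expected token arrives in the VEIL_RELOAD_TOKEN environment variable as the page states. It fails closed when the variable is unset and compares tokens in constant time.

```python
import hmac
import os
from typing import Mapping, Optional

# Environment variable named on the page as carrying the /reload bearer token.
RELOAD_TOKEN_ENV = "VEIL_RELOAD_TOKEN"


def _extract_bearer(headers: Mapping[str, str]) -> Optional[str]:
    """Return the token from an 'Authorization: Bearer <token>' header, else None.

    Rejects a missing header, a non-Bearer scheme and an empty token.
    """
    value = headers.get("Authorization") or headers.get("authorization")
    if not value:
        return None
    scheme, _, token = value.strip().partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    return token.strip()


def authorize_reload(headers: Mapping[str, str],
                     env: Mapping[str, str] = os.environ) -> bool:
    """Decide whether a POST /reload request may proceed.

    Fails closed: if the expected token is unset or empty in the environment,
    every request is rejected rather than treated as authenticated.
    """
    expected = env.get(RELOAD_TOKEN_ENV, "")
    if not expected:
        return False
    presented = _extract_bearer(headers)
    if presented is None:
        return False
    # Constant-time comparison so a wrong token does not leak a prefix via timing.
    return hmac.compare_digest(presented.encode(), expected.encode())
```

The `env` parameter exists so the decision can be unit-tested with a constructed environment instead of the real one.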
## Container security

Three container images, all running as non-root users.

| Container | Purpose |
|---|---|
| Encoding service | ONNX Runtime inference |
| Training service (CPU) | Autoencoder training, default mode |
| Training service (GPU) | Autoencoder training, GPU mode |
## Provider access

The provider (Integrated Quantum Technologies) has no runtime access to consumer accounts. No provider credentials are embedded in the application. No data flows from consumer accounts to the provider account. The provider publishes the application package; all execution happens in the consumer’s environment.