01 / Technical Stack

Keep identity, catalog, and storage inside your boundary.

Lanikaia does not replace the data platform you already operate. It separates enterprise identity, Polaris catalog, Iceberg tables, semantic assets, compute, agent runtime, and publishing surfaces so the ownership line is visible before implementation starts.

02 / Stack Map

The role and technology of each layer.

LayerTechnologyRoleBoundary

Identity

OIDC / Google Workspace / Microsoft Entra ID

Users, groups, and roles are inherited from enterprise identity.

Customer

Catalog

Apache Polaris

Namespaces, table visibility, and grants are handled as the catalog of record.

Customer or hosted

Storage / Table

S3 / GCS / Azure Blob + Apache Iceberg

Snapshots, schema evolution, time travel, and read / write isolation stay in open table format.

Customer

Semantics

dbt assets / ontology / metrics / policies

Asks resolve to trusted metrics and business vocabulary before execution.

Shared

Compute

Trino / Spark / Python runtime

Existing query engines and Python execution stay tied to catalog grants and snapshots.

Customer or Lanikaia

Agent runtime

Lanikaia Data Agent

An ask becomes generated code, execution, review, approval, and commit history.

Lanikaia

Publishing

API / MCP / BI / Excel / Airflow / Dagster

Verified artifacts are published to existing work surfaces with fixed versions.

Shared

03 / Execution Control

Requests are controlled before compute starts.

Pre-flight authorization
User identity, group, Polaris grants, and policy are checked before compute. Unreadable tables and metrics are denied before execution.
Bounded execution
Generated SQL, Python, and workflow logic are fixed to source snapshots, semantic assets, and executing user ID.
Human review
The answer, generated code, source data, approval state, and rerun conditions are reviewed together.
Audit and lineage
Sign-in, grant changes, chat invocations, table writes, and API requests remain auditable. Lineage is stored in the commit, not guessed from logs.

04 / Interfaces

Artifacts are published where teams already work.

APIVersioned HTTPDatasets, functions, and workflows are exposed as stable endpoints.
MCPModel Context ProtocolClaude, Cursor, or internal copilots call typed, authorized tools.
BIIceberg via Trino / SparkExisting BI reads Iceberg tables directly, while Lanikaia commits pin catalog references.
OpsAirflow / Dagster / IDESchedulers and development environments can trigger workflows and read or write commits.

05 / Boundary

Responsibility boundaries decided during implementation.

EvaluationStarter evaluates one workload with hosted catalog, hosted storage, and shared runtime.
Production storageProduction defaults to BYO S3 / GCS / Azure Blob so the data plane stays in the customer boundary.
CatalogUse BYO Polaris or hosted Polaris. Grants and namespaces are assigned to a clear owner during contracting.
Commercial boundaryIceberg, Polaris, dbt, Trino, and Spark are OSS. Agent runtime and publishing surfaces are Lanikaia commercial scope.

06 / Next Step

Start technical evaluation from the integration boundary.

Book Technical Deep Dive Back to Product Detail