Snowflake v0.59.0, Sep 20 24

Snowflake v0.59.0 published on Friday, Sep 20, 2024 by Pulumi

snowflake.OauthIntegration

Explore with Pulumi AI

Snowflake v0.59.0 published on Friday, Sep 20, 2024 by Pulumi

Import

$ pulumi import snowflake:index/oauthIntegration:OauthIntegration example name

Create OauthIntegration Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new OauthIntegration(name: string, args: OauthIntegrationArgs, opts?: CustomResourceOptions);

@overload
def OauthIntegration(resource_name: str,
                     args: OauthIntegrationArgs,
                     opts: Optional[ResourceOptions] = None)

@overload
def OauthIntegration(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     oauth_client: Optional[str] = None,
                     blocked_roles_lists: Optional[Sequence[str]] = None,
                     comment: Optional[str] = None,
                     enabled: Optional[bool] = None,
                     name: Optional[str] = None,
                     oauth_client_type: Optional[str] = None,
                     oauth_issue_refresh_tokens: Optional[bool] = None,
                     oauth_redirect_uri: Optional[str] = None,
                     oauth_refresh_token_validity: Optional[int] = None,
                     oauth_use_secondary_roles: Optional[str] = None)

func NewOauthIntegration(ctx *Context, name string, args OauthIntegrationArgs, opts ...ResourceOption) (*OauthIntegration, error)

public OauthIntegration(string name, OauthIntegrationArgs args, CustomResourceOptions? opts = null)

public OauthIntegration(String name, OauthIntegrationArgs args)
public OauthIntegration(String name, OauthIntegrationArgs args, CustomResourceOptions options)

type: snowflake:OauthIntegration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args OauthIntegrationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args OauthIntegrationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args OauthIntegrationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args OauthIntegrationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args OauthIntegrationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var oauthIntegrationResource = new Snowflake.OauthIntegration("oauthIntegrationResource", new()
{
    OauthClient = "string",
    BlockedRolesLists = new[]
    {
        "string",
    },
    Comment = "string",
    Enabled = false,
    Name = "string",
    OauthClientType = "string",
    OauthIssueRefreshTokens = false,
    OauthRedirectUri = "string",
    OauthRefreshTokenValidity = 0,
    OauthUseSecondaryRoles = "string",
});

example, err := snowflake.NewOauthIntegration(ctx, "oauthIntegrationResource", &snowflake.OauthIntegrationArgs{
	OauthClient: pulumi.String("string"),
	BlockedRolesLists: pulumi.StringArray{
		pulumi.String("string"),
	},
	Comment:                   pulumi.String("string"),
	Enabled:                   pulumi.Bool(false),
	Name:                      pulumi.String("string"),
	OauthClientType:           pulumi.String("string"),
	OauthIssueRefreshTokens:   pulumi.Bool(false),
	OauthRedirectUri:          pulumi.String("string"),
	OauthRefreshTokenValidity: pulumi.Int(0),
	OauthUseSecondaryRoles:    pulumi.String("string"),
})

var oauthIntegrationResource = new OauthIntegration("oauthIntegrationResource", OauthIntegrationArgs.builder()
    .oauthClient("string")
    .blockedRolesLists("string")
    .comment("string")
    .enabled(false)
    .name("string")
    .oauthClientType("string")
    .oauthIssueRefreshTokens(false)
    .oauthRedirectUri("string")
    .oauthRefreshTokenValidity(0)
    .oauthUseSecondaryRoles("string")
    .build());

oauth_integration_resource = snowflake.OauthIntegration("oauthIntegrationResource",
    oauth_client="string",
    blocked_roles_lists=["string"],
    comment="string",
    enabled=False,
    name="string",
    oauth_client_type="string",
    oauth_issue_refresh_tokens=False,
    oauth_redirect_uri="string",
    oauth_refresh_token_validity=0,
    oauth_use_secondary_roles="string")

const oauthIntegrationResource = new snowflake.OauthIntegration("oauthIntegrationResource", {
    oauthClient: "string",
    blockedRolesLists: ["string"],
    comment: "string",
    enabled: false,
    name: "string",
    oauthClientType: "string",
    oauthIssueRefreshTokens: false,
    oauthRedirectUri: "string",
    oauthRefreshTokenValidity: 0,
    oauthUseSecondaryRoles: "string",
});

type: snowflake:OauthIntegration
properties:
    blockedRolesLists:
        - string
    comment: string
    enabled: false
    name: string
    oauthClient: string
    oauthClientType: string
    oauthIssueRefreshTokens: false
    oauthRedirectUri: string
    oauthRefreshTokenValidity: 0
    oauthUseSecondaryRoles: string

OauthIntegration Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The OauthIntegration resource accepts the following input properties:

OauthClient string: Specifies the OAuth client type.
BlockedRolesLists List<string>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
Comment string: Specifies a comment for the OAuth integration.
Enabled bool: Specifies whether this OAuth integration is enabled or disabled.
Name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
OauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
OauthIssueRefreshTokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
OauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
OauthRefreshTokenValidity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
OauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

OauthClient string: Specifies the OAuth client type.
BlockedRolesLists []string: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
Comment string: Specifies a comment for the OAuth integration.
Enabled bool: Specifies whether this OAuth integration is enabled or disabled.
Name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
OauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
OauthIssueRefreshTokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
OauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
OauthRefreshTokenValidity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
OauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

oauthClient String: Specifies the OAuth client type.
blockedRolesLists List<String>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment String: Specifies a comment for the OAuth integration.
enabled Boolean: Specifies whether this OAuth integration is enabled or disabled.
name String: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClientType String: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens Boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri String: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity Integer: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles String: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

oauthClient string: Specifies the OAuth client type.
blockedRolesLists string[]: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment string: Specifies a comment for the OAuth integration.
enabled boolean: Specifies whether this OAuth integration is enabled or disabled.
name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity number: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

oauth_client str: Specifies the OAuth client type.
blocked_roles_lists Sequence[str]: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment str: Specifies a comment for the OAuth integration.
enabled bool: Specifies whether this OAuth integration is enabled or disabled.
name str: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauth_client_type str: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauth_issue_refresh_tokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauth_redirect_uri str: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauth_refresh_token_validity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauth_use_secondary_roles str: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

oauthClient String: Specifies the OAuth client type.
blockedRolesLists List<String>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment String: Specifies a comment for the OAuth integration.
enabled Boolean: Specifies whether this OAuth integration is enabled or disabled.
name String: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClientType String: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens Boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri String: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity Number: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles String: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

Outputs

All input properties are implicitly available as output properties. Additionally, the OauthIntegration resource produces the following output properties:

CreatedOn string: Date and time when the OAuth integration was created.
Id string: The provider-assigned unique ID for this managed resource.

CreatedOn string: Date and time when the OAuth integration was created.
Id string: The provider-assigned unique ID for this managed resource.

createdOn String: Date and time when the OAuth integration was created.
id String: The provider-assigned unique ID for this managed resource.

createdOn string: Date and time when the OAuth integration was created.
id string: The provider-assigned unique ID for this managed resource.

created_on str: Date and time when the OAuth integration was created.
id str: The provider-assigned unique ID for this managed resource.

createdOn String: Date and time when the OAuth integration was created.
id String: The provider-assigned unique ID for this managed resource.

Look up Existing OauthIntegration Resource

Get an existing OauthIntegration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OauthIntegrationState, opts?: CustomResourceOptions): OauthIntegration

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        blocked_roles_lists: Optional[Sequence[str]] = None,
        comment: Optional[str] = None,
        created_on: Optional[str] = None,
        enabled: Optional[bool] = None,
        name: Optional[str] = None,
        oauth_client: Optional[str] = None,
        oauth_client_type: Optional[str] = None,
        oauth_issue_refresh_tokens: Optional[bool] = None,
        oauth_redirect_uri: Optional[str] = None,
        oauth_refresh_token_validity: Optional[int] = None,
        oauth_use_secondary_roles: Optional[str] = None) -> OauthIntegration

func GetOauthIntegration(ctx *Context, name string, id IDInput, state *OauthIntegrationState, opts ...ResourceOption) (*OauthIntegration, error)

public static OauthIntegration Get(string name, Input<string> id, OauthIntegrationState? state, CustomResourceOptions? opts = null)

public static OauthIntegration get(String name, Output<String> id, OauthIntegrationState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

BlockedRolesLists List<string>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
Comment string: Specifies a comment for the OAuth integration.
CreatedOn string: Date and time when the OAuth integration was created.
Enabled bool: Specifies whether this OAuth integration is enabled or disabled.
Name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
OauthClient string: Specifies the OAuth client type.
OauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
OauthIssueRefreshTokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
OauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
OauthRefreshTokenValidity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
OauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

BlockedRolesLists []string: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
Comment string: Specifies a comment for the OAuth integration.
CreatedOn string: Date and time when the OAuth integration was created.
Enabled bool: Specifies whether this OAuth integration is enabled or disabled.
Name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
OauthClient string: Specifies the OAuth client type.
OauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
OauthIssueRefreshTokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
OauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
OauthRefreshTokenValidity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
OauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

blockedRolesLists List<String>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment String: Specifies a comment for the OAuth integration.
createdOn String: Date and time when the OAuth integration was created.
enabled Boolean: Specifies whether this OAuth integration is enabled or disabled.
name String: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClient String: Specifies the OAuth client type.
oauthClientType String: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens Boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri String: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity Integer: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles String: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

blockedRolesLists string[]: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment string: Specifies a comment for the OAuth integration.
createdOn string: Date and time when the OAuth integration was created.
enabled boolean: Specifies whether this OAuth integration is enabled or disabled.
name string: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClient string: Specifies the OAuth client type.
oauthClientType string: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri string: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity number: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles string: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

blocked_roles_lists Sequence[str]: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment str: Specifies a comment for the OAuth integration.
created_on str: Date and time when the OAuth integration was created.
enabled bool: Specifies whether this OAuth integration is enabled or disabled.
name str: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauth_client str: Specifies the OAuth client type.
oauth_client_type str: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauth_issue_refresh_tokens bool: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauth_redirect_uri str: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauth_refresh_token_validity int: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauth_use_secondary_roles str: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

blockedRolesLists List<String>: List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
comment String: Specifies a comment for the OAuth integration.
createdOn String: Date and time when the OAuth integration was created.
enabled Boolean: Specifies whether this OAuth integration is enabled or disabled.
name String: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
oauthClient String: Specifies the OAuth client type.
oauthClientType String: Specifies the type of client being registered. Snowflake supports both confidential and public clients.
oauthIssueRefreshTokens Boolean: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
oauthRedirectUri String: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
oauthRefreshTokenValidity Number: Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
oauthUseSecondaryRoles String: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.

Package Details

Repository: Snowflake pulumi/pulumi-snowflake
License: Apache-2.0
Notes: This Pulumi package is based on the snowflake Terraform Provider.

Snowflake v0.59.0 published on Friday, Sep 20, 2024 by Pulumi

pulumi/pulumi-snowflake

snowflake.OauthIntegration

On this page

On this page

Import

Create OauthIntegration Resource

Constructor syntax

Parameters

Constructor example

OauthIntegration Resource Properties

Inputs

Outputs

Look up Existing OauthIntegration Resource

Package Details

On this page

On this page