snowflake.OauthIntegration
Explore with Pulumi AI
Import
$ pulumi import snowflake:index/oauthIntegration:OauthIntegration example name
Create OauthIntegration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OauthIntegration(name: string, args: OauthIntegrationArgs, opts?: CustomResourceOptions);
@overload
def OauthIntegration(resource_name: str,
args: OauthIntegrationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OauthIntegration(resource_name: str,
opts: Optional[ResourceOptions] = None,
oauth_client: Optional[str] = None,
blocked_roles_lists: Optional[Sequence[str]] = None,
comment: Optional[str] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
oauth_client_type: Optional[str] = None,
oauth_issue_refresh_tokens: Optional[bool] = None,
oauth_redirect_uri: Optional[str] = None,
oauth_refresh_token_validity: Optional[int] = None,
oauth_use_secondary_roles: Optional[str] = None)
func NewOauthIntegration(ctx *Context, name string, args OauthIntegrationArgs, opts ...ResourceOption) (*OauthIntegration, error)
public OauthIntegration(string name, OauthIntegrationArgs args, CustomResourceOptions? opts = null)
public OauthIntegration(String name, OauthIntegrationArgs args)
public OauthIntegration(String name, OauthIntegrationArgs args, CustomResourceOptions options)
type: snowflake:OauthIntegration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OauthIntegrationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OauthIntegrationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OauthIntegrationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OauthIntegrationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OauthIntegrationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var oauthIntegrationResource = new Snowflake.OauthIntegration("oauthIntegrationResource", new()
{
OauthClient = "string",
BlockedRolesLists = new[]
{
"string",
},
Comment = "string",
Enabled = false,
Name = "string",
OauthClientType = "string",
OauthIssueRefreshTokens = false,
OauthRedirectUri = "string",
OauthRefreshTokenValidity = 0,
OauthUseSecondaryRoles = "string",
});
example, err := snowflake.NewOauthIntegration(ctx, "oauthIntegrationResource", &snowflake.OauthIntegrationArgs{
OauthClient: pulumi.String("string"),
BlockedRolesLists: pulumi.StringArray{
pulumi.String("string"),
},
Comment: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Name: pulumi.String("string"),
OauthClientType: pulumi.String("string"),
OauthIssueRefreshTokens: pulumi.Bool(false),
OauthRedirectUri: pulumi.String("string"),
OauthRefreshTokenValidity: pulumi.Int(0),
OauthUseSecondaryRoles: pulumi.String("string"),
})
var oauthIntegrationResource = new OauthIntegration("oauthIntegrationResource", OauthIntegrationArgs.builder()
.oauthClient("string")
.blockedRolesLists("string")
.comment("string")
.enabled(false)
.name("string")
.oauthClientType("string")
.oauthIssueRefreshTokens(false)
.oauthRedirectUri("string")
.oauthRefreshTokenValidity(0)
.oauthUseSecondaryRoles("string")
.build());
oauth_integration_resource = snowflake.OauthIntegration("oauthIntegrationResource",
oauth_client="string",
blocked_roles_lists=["string"],
comment="string",
enabled=False,
name="string",
oauth_client_type="string",
oauth_issue_refresh_tokens=False,
oauth_redirect_uri="string",
oauth_refresh_token_validity=0,
oauth_use_secondary_roles="string")
const oauthIntegrationResource = new snowflake.OauthIntegration("oauthIntegrationResource", {
oauthClient: "string",
blockedRolesLists: ["string"],
comment: "string",
enabled: false,
name: "string",
oauthClientType: "string",
oauthIssueRefreshTokens: false,
oauthRedirectUri: "string",
oauthRefreshTokenValidity: 0,
oauthUseSecondaryRoles: "string",
});
type: snowflake:OauthIntegration
properties:
blockedRolesLists:
- string
comment: string
enabled: false
name: string
oauthClient: string
oauthClientType: string
oauthIssueRefreshTokens: false
oauthRedirectUri: string
oauthRefreshTokenValidity: 0
oauthUseSecondaryRoles: string
OauthIntegration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The OauthIntegration resource accepts the following input properties:
- Oauth
Client string - Specifies the OAuth client type.
- Blocked
Roles List<string>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- Comment string
- Specifies a comment for the OAuth integration.
- Enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- Name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- Oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- Oauth
Issue boolRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- Oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- Oauth
Refresh intToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- Oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- Oauth
Client string - Specifies the OAuth client type.
- Blocked
Roles []stringLists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- Comment string
- Specifies a comment for the OAuth integration.
- Enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- Name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- Oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- Oauth
Issue boolRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- Oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- Oauth
Refresh intToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- Oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- oauth
Client String - Specifies the OAuth client type.
- blocked
Roles List<String>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment String
- Specifies a comment for the OAuth integration.
- enabled Boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name String
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client StringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue BooleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect StringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh IntegerToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use StringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- oauth
Client string - Specifies the OAuth client type.
- blocked
Roles string[]Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment string
- Specifies a comment for the OAuth integration.
- enabled boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue booleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh numberToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- oauth_
client str - Specifies the OAuth client type.
- blocked_
roles_ Sequence[str]lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment str
- Specifies a comment for the OAuth integration.
- enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- name str
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth_
client_ strtype - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth_
issue_ boolrefresh_ tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth_
redirect_ struri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth_
refresh_ inttoken_ validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth_
use_ strsecondary_ roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- oauth
Client String - Specifies the OAuth client type.
- blocked
Roles List<String>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment String
- Specifies a comment for the OAuth integration.
- enabled Boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name String
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client StringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue BooleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect StringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh NumberToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use StringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
Outputs
All input properties are implicitly available as output properties. Additionally, the OauthIntegration resource produces the following output properties:
- created_
on str - Date and time when the OAuth integration was created.
- id str
- The provider-assigned unique ID for this managed resource.
Look up Existing OauthIntegration Resource
Get an existing OauthIntegration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OauthIntegrationState, opts?: CustomResourceOptions): OauthIntegration
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
blocked_roles_lists: Optional[Sequence[str]] = None,
comment: Optional[str] = None,
created_on: Optional[str] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
oauth_client: Optional[str] = None,
oauth_client_type: Optional[str] = None,
oauth_issue_refresh_tokens: Optional[bool] = None,
oauth_redirect_uri: Optional[str] = None,
oauth_refresh_token_validity: Optional[int] = None,
oauth_use_secondary_roles: Optional[str] = None) -> OauthIntegration
func GetOauthIntegration(ctx *Context, name string, id IDInput, state *OauthIntegrationState, opts ...ResourceOption) (*OauthIntegration, error)
public static OauthIntegration Get(string name, Input<string> id, OauthIntegrationState? state, CustomResourceOptions? opts = null)
public static OauthIntegration get(String name, Output<String> id, OauthIntegrationState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Blocked
Roles List<string>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- Comment string
- Specifies a comment for the OAuth integration.
- Created
On string - Date and time when the OAuth integration was created.
- Enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- Name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- Oauth
Client string - Specifies the OAuth client type.
- Oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- Oauth
Issue boolRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- Oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- Oauth
Refresh intToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- Oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- Blocked
Roles []stringLists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- Comment string
- Specifies a comment for the OAuth integration.
- Created
On string - Date and time when the OAuth integration was created.
- Enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- Name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- Oauth
Client string - Specifies the OAuth client type.
- Oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- Oauth
Issue boolRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- Oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- Oauth
Refresh intToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- Oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- blocked
Roles List<String>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment String
- Specifies a comment for the OAuth integration.
- created
On String - Date and time when the OAuth integration was created.
- enabled Boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name String
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client String - Specifies the OAuth client type.
- oauth
Client StringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue BooleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect StringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh IntegerToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use StringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- blocked
Roles string[]Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment string
- Specifies a comment for the OAuth integration.
- created
On string - Date and time when the OAuth integration was created.
- enabled boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name string
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client string - Specifies the OAuth client type.
- oauth
Client stringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue booleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect stringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh numberToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use stringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- blocked_
roles_ Sequence[str]lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment str
- Specifies a comment for the OAuth integration.
- created_
on str - Date and time when the OAuth integration was created.
- enabled bool
- Specifies whether this OAuth integration is enabled or disabled.
- name str
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth_
client str - Specifies the OAuth client type.
- oauth_
client_ strtype - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth_
issue_ boolrefresh_ tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth_
redirect_ struri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth_
refresh_ inttoken_ validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth_
use_ strsecondary_ roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
- blocked
Roles List<String>Lists - List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
- comment String
- Specifies a comment for the OAuth integration.
- created
On String - Date and time when the OAuth integration was created.
- enabled Boolean
- Specifies whether this OAuth integration is enabled or disabled.
- name String
- Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
- oauth
Client String - Specifies the OAuth client type.
- oauth
Client StringType - Specifies the type of client being registered. Snowflake supports both confidential and public clients.
- oauth
Issue BooleanRefresh Tokens - Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.
- oauth
Redirect StringUri - Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
- oauth
Refresh NumberToken Validity - Specifies how long refresh tokens should be valid (in seconds). OAUTHISSUEREFRESH_TOKENS must be set to TRUE.
- oauth
Use StringSecondary Roles - Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflake
Terraform Provider.