Docs Home
Snowflake v0.61.1 published on Thursday, Nov 14, 2024 by Pulumi
snowflake.Saml2Integration
Explore with Pulumi AI
Import
$ pulumi import snowflake:index/saml2Integration:Saml2Integration example "name"
Create Saml2Integration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Saml2Integration(name: string, args: Saml2IntegrationArgs, opts?: CustomResourceOptions);@overload
def Saml2Integration(resource_name: str,
args: Saml2IntegrationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Saml2Integration(resource_name: str,
opts: Optional[ResourceOptions] = None,
saml2_issuer: Optional[str] = None,
saml2_x509_cert: Optional[str] = None,
saml2_sso_url: Optional[str] = None,
saml2_provider: Optional[str] = None,
saml2_post_logout_redirect_url: Optional[str] = None,
saml2_enable_sp_initiated: Optional[str] = None,
saml2_force_authn: Optional[str] = None,
name: Optional[str] = None,
allowed_email_patterns: Optional[Sequence[str]] = None,
enabled: Optional[str] = None,
saml2_requested_nameid_format: Optional[str] = None,
saml2_sign_request: Optional[str] = None,
saml2_snowflake_acs_url: Optional[str] = None,
saml2_snowflake_issuer_url: Optional[str] = None,
saml2_sp_initiated_login_page_label: Optional[str] = None,
comment: Optional[str] = None,
allowed_user_domains: Optional[Sequence[str]] = None)func NewSaml2Integration(ctx *Context, name string, args Saml2IntegrationArgs, opts ...ResourceOption) (*Saml2Integration, error)public Saml2Integration(string name, Saml2IntegrationArgs args, CustomResourceOptions? opts = null)
public Saml2Integration(String name, Saml2IntegrationArgs args)
public Saml2Integration(String name, Saml2IntegrationArgs args, CustomResourceOptions options)
type: snowflake:Saml2Integration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args Saml2IntegrationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args Saml2IntegrationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args Saml2IntegrationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args Saml2IntegrationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args Saml2IntegrationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var saml2IntegrationResource = new Snowflake.Saml2Integration("saml2IntegrationResource", new()
{
Saml2Issuer = "string",
Saml2X509Cert = "string",
Saml2SsoUrl = "string",
Saml2Provider = "string",
Saml2PostLogoutRedirectUrl = "string",
Saml2EnableSpInitiated = "string",
Saml2ForceAuthn = "string",
Name = "string",
AllowedEmailPatterns = new[]
{
"string",
},
Enabled = "string",
Saml2RequestedNameidFormat = "string",
Saml2SignRequest = "string",
Saml2SnowflakeAcsUrl = "string",
Saml2SnowflakeIssuerUrl = "string",
Saml2SpInitiatedLoginPageLabel = "string",
Comment = "string",
AllowedUserDomains = new[]
{
"string",
},
});
example, err := snowflake.NewSaml2Integration(ctx, "saml2IntegrationResource", &snowflake.Saml2IntegrationArgs{
Saml2Issuer: pulumi.String("string"),
Saml2X509Cert: pulumi.String("string"),
Saml2SsoUrl: pulumi.String("string"),
Saml2Provider: pulumi.String("string"),
Saml2PostLogoutRedirectUrl: pulumi.String("string"),
Saml2EnableSpInitiated: pulumi.String("string"),
Saml2ForceAuthn: pulumi.String("string"),
Name: pulumi.String("string"),
AllowedEmailPatterns: pulumi.StringArray{
pulumi.String("string"),
},
Enabled: pulumi.String("string"),
Saml2RequestedNameidFormat: pulumi.String("string"),
Saml2SignRequest: pulumi.String("string"),
Saml2SnowflakeAcsUrl: pulumi.String("string"),
Saml2SnowflakeIssuerUrl: pulumi.String("string"),
Saml2SpInitiatedLoginPageLabel: pulumi.String("string"),
Comment: pulumi.String("string"),
AllowedUserDomains: pulumi.StringArray{
pulumi.String("string"),
},
})
var saml2IntegrationResource = new Saml2Integration("saml2IntegrationResource", Saml2IntegrationArgs.builder()
.saml2Issuer("string")
.saml2X509Cert("string")
.saml2SsoUrl("string")
.saml2Provider("string")
.saml2PostLogoutRedirectUrl("string")
.saml2EnableSpInitiated("string")
.saml2ForceAuthn("string")
.name("string")
.allowedEmailPatterns("string")
.enabled("string")
.saml2RequestedNameidFormat("string")
.saml2SignRequest("string")
.saml2SnowflakeAcsUrl("string")
.saml2SnowflakeIssuerUrl("string")
.saml2SpInitiatedLoginPageLabel("string")
.comment("string")
.allowedUserDomains("string")
.build());
saml2_integration_resource = snowflake.Saml2Integration("saml2IntegrationResource",
saml2_issuer="string",
saml2_x509_cert="string",
saml2_sso_url="string",
saml2_provider="string",
saml2_post_logout_redirect_url="string",
saml2_enable_sp_initiated="string",
saml2_force_authn="string",
name="string",
allowed_email_patterns=["string"],
enabled="string",
saml2_requested_nameid_format="string",
saml2_sign_request="string",
saml2_snowflake_acs_url="string",
saml2_snowflake_issuer_url="string",
saml2_sp_initiated_login_page_label="string",
comment="string",
allowed_user_domains=["string"])
const saml2IntegrationResource = new snowflake.Saml2Integration("saml2IntegrationResource", {
saml2Issuer: "string",
saml2X509Cert: "string",
saml2SsoUrl: "string",
saml2Provider: "string",
saml2PostLogoutRedirectUrl: "string",
saml2EnableSpInitiated: "string",
saml2ForceAuthn: "string",
name: "string",
allowedEmailPatterns: ["string"],
enabled: "string",
saml2RequestedNameidFormat: "string",
saml2SignRequest: "string",
saml2SnowflakeAcsUrl: "string",
saml2SnowflakeIssuerUrl: "string",
saml2SpInitiatedLoginPageLabel: "string",
comment: "string",
allowedUserDomains: ["string"],
});
type: snowflake:Saml2Integration
properties:
allowedEmailPatterns:
- string
allowedUserDomains:
- string
comment: string
enabled: string
name: string
saml2EnableSpInitiated: string
saml2ForceAuthn: string
saml2Issuer: string
saml2PostLogoutRedirectUrl: string
saml2Provider: string
saml2RequestedNameidFormat: string
saml2SignRequest: string
saml2SnowflakeAcsUrl: string
saml2SnowflakeIssuerUrl: string
saml2SpInitiatedLoginPageLabel: string
saml2SsoUrl: string
saml2X509Cert: string
Saml2Integration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Saml2Integration resource accepts the following input properties:
- Saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- Saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - Saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- Saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- Allowed
Email List<string>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Allowed
User List<string>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Comment string
- Specifies a comment for the integration.
- Enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - Saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- Saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - Saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- Saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - Saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- Saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- Allowed
Email []stringPatterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Allowed
User []stringDomains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Comment string
- Specifies a comment for the integration.
- Enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - Saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- Saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - Saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Issuer String
- The string containing the IdP EntityID / Issuer.
- saml2Provider String
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Sso
Url String - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert String
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- allowed
Email List<String>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User List<String>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment String
- Specifies a comment for the integration.
- enabled String
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- name String
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp StringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn String - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Post
Logout StringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Requested
Nameid StringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request String - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs StringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer StringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated StringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- allowed
Email string[]Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User string[]Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment string
- Specifies a comment for the integration.
- enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2_
issuer str - The string containing the IdP EntityID / Issuer.
- saml2_
provider str - The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2_
sso_ strurl - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2_
x509_ strcert - The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- allowed_
email_ Sequence[str]patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed_
user_ Sequence[str]domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment str
- Specifies a comment for the integration.
- enabled str
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- name str
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2_
enable_ strsp_ initiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
force_ strauthn - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
post_ strlogout_ redirect_ url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2_
requested_ strnameid_ format - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2_
sign_ strrequest - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
snowflake_ stracs_ url - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2_
snowflake_ strissuer_ url - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2_
sp_ strinitiated_ login_ page_ label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Issuer String
- The string containing the IdP EntityID / Issuer.
- saml2Provider String
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Sso
Url String - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert String
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- allowed
Email List<String>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User List<String>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment String
- Specifies a comment for the integration.
- enabled String
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- name String
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp StringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn String - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Post
Logout StringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Requested
Nameid StringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request String - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs StringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer StringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated StringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
Outputs
All input properties are implicitly available as output properties. Additionally, the Saml2Integration resource produces the following output properties:
- Describe
Outputs List<Saml2IntegrationDescribe Output> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - Fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- Id string
- The provider-assigned unique ID for this managed resource.
- Show
Outputs List<Saml2IntegrationShow Output> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- Describe
Outputs []Saml2IntegrationDescribe Output - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - Fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- Id string
- The provider-assigned unique ID for this managed resource.
- Show
Outputs []Saml2IntegrationShow Output - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- describe
Outputs List<Saml2IntegrationDescribe Output> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - fully
Qualified StringName - Fully qualified name of the resource. For more information, see object name resolution.
- id String
- The provider-assigned unique ID for this managed resource.
- show
Outputs List<Saml2IntegrationShow Output> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- describe
Outputs Saml2IntegrationDescribe Output[] - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- id string
- The provider-assigned unique ID for this managed resource.
- show
Outputs Saml2IntegrationShow Output[] - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- describe_
outputs Sequence[Saml2IntegrationDescribe Output] - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - fully_
qualified_ strname - Fully qualified name of the resource. For more information, see object name resolution.
- id str
- The provider-assigned unique ID for this managed resource.
- show_
outputs Sequence[Saml2IntegrationShow Output] - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- describe
Outputs List<Property Map> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - fully
Qualified StringName - Fully qualified name of the resource. For more information, see object name resolution.
- id String
- The provider-assigned unique ID for this managed resource.
- show
Outputs List<Property Map> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
Look up Existing Saml2Integration Resource
Get an existing Saml2Integration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: Saml2IntegrationState, opts?: CustomResourceOptions): Saml2Integration@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allowed_email_patterns: Optional[Sequence[str]] = None,
allowed_user_domains: Optional[Sequence[str]] = None,
comment: Optional[str] = None,
describe_outputs: Optional[Sequence[Saml2IntegrationDescribeOutputArgs]] = None,
enabled: Optional[str] = None,
fully_qualified_name: Optional[str] = None,
name: Optional[str] = None,
saml2_enable_sp_initiated: Optional[str] = None,
saml2_force_authn: Optional[str] = None,
saml2_issuer: Optional[str] = None,
saml2_post_logout_redirect_url: Optional[str] = None,
saml2_provider: Optional[str] = None,
saml2_requested_nameid_format: Optional[str] = None,
saml2_sign_request: Optional[str] = None,
saml2_snowflake_acs_url: Optional[str] = None,
saml2_snowflake_issuer_url: Optional[str] = None,
saml2_sp_initiated_login_page_label: Optional[str] = None,
saml2_sso_url: Optional[str] = None,
saml2_x509_cert: Optional[str] = None,
show_outputs: Optional[Sequence[Saml2IntegrationShowOutputArgs]] = None) -> Saml2Integrationfunc GetSaml2Integration(ctx *Context, name string, id IDInput, state *Saml2IntegrationState, opts ...ResourceOption) (*Saml2Integration, error)public static Saml2Integration Get(string name, Input<string> id, Saml2IntegrationState? state, CustomResourceOptions? opts = null)public static Saml2Integration get(String name, Output<String> id, Saml2IntegrationState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allowed
Email List<string>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Allowed
User List<string>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Comment string
- Specifies a comment for the integration.
- Describe
Outputs List<Saml2IntegrationDescribe Output> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - Enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- Name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - Saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- Saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- Saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - Saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - Saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- Saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- Show
Outputs List<Saml2IntegrationShow Output> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- Allowed
Email []stringPatterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Allowed
User []stringDomains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Comment string
- Specifies a comment for the integration.
- Describe
Outputs []Saml2IntegrationDescribe Output Args - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - Enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- Name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - Saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- Saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- Saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - Saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - Saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- Saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- Saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- Saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- Saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- Show
Outputs []Saml2IntegrationShow Output Args - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- allowed
Email List<String>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User List<String>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment String
- Specifies a comment for the integration.
- describe
Outputs List<Saml2IntegrationDescribe Output> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - enabled String
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- fully
Qualified StringName - Fully qualified name of the resource. For more information, see object name resolution.
- name String
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp StringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn String - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Issuer String
- The string containing the IdP EntityID / Issuer.
- saml2Post
Logout StringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Provider String
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Requested
Nameid StringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request String - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs StringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer StringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated StringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Sso
Url String - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert String
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- show
Outputs List<Saml2IntegrationShow Output> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- allowed
Email string[]Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User string[]Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment string
- Specifies a comment for the integration.
- describe
Outputs Saml2IntegrationDescribe Output[] - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - enabled string
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- fully
Qualified stringName - Fully qualified name of the resource. For more information, see object name resolution.
- name string
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp stringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn string - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Issuer string
- The string containing the IdP EntityID / Issuer.
- saml2Post
Logout stringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Provider string
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Requested
Nameid stringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request string - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs stringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer stringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated stringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Sso
Url string - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert string
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- show
Outputs Saml2IntegrationShow Output[] - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- allowed_
email_ Sequence[str]patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed_
user_ Sequence[str]domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment str
- Specifies a comment for the integration.
- describe_
outputs Sequence[Saml2IntegrationDescribe Output Args] - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - enabled str
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- fully_
qualified_ strname - Fully qualified name of the resource. For more information, see object name resolution.
- name str
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2_
enable_ strsp_ initiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
force_ strauthn - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
issuer str - The string containing the IdP EntityID / Issuer.
- saml2_
post_ strlogout_ redirect_ url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2_
provider str - The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2_
requested_ strnameid_ format - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2_
sign_ strrequest - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2_
snowflake_ stracs_ url - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2_
snowflake_ strissuer_ url - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2_
sp_ strinitiated_ login_ page_ label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2_
sso_ strurl - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2_
x509_ strcert - The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- show_
outputs Sequence[Saml2IntegrationShow Output Args] - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
- allowed
Email List<String>Patterns - A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- allowed
User List<String>Domains - A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- comment String
- Specifies a comment for the integration.
- describe
Outputs List<Property Map> - Outputs the result of
DESCRIBE SECURITY INTEGRATIONfor the given integration. - enabled String
- Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- fully
Qualified StringName - Fully qualified name of the resource. For more information, see object name resolution.
- name String
- Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters:
|,.,(,)," - saml2Enable
Sp StringInitiated - The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Force
Authn String - The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Issuer String
- The string containing the IdP EntityID / Issuer.
- saml2Post
Logout StringRedirect Url - The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
- saml2Provider String
- The string describing the IdP. Valid options are:
OKTA|ADFS|CUSTOM. - saml2Requested
Nameid StringFormat - The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified|urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName|urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName|urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos|urn:oasis:names:tc:SAML:2.0:nameid-format:persistent|urn:oasis:names:tc:SAML:2.0:nameid-format:transient. - saml2Sign
Request String - The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
- saml2Snowflake
Acs StringUrl - The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Snowflake
Issuer StringUrl - The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See docs.
- saml2Sp
Initiated StringLogin Page Label - The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
- saml2Sso
Url String - The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
- saml2X509Cert String
- The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
- show
Outputs List<Property Map> - Outputs the result of
SHOW SECURITY INTEGRATIONfor the given integration.
Supporting Types
Saml2IntegrationDescribeOutput, Saml2IntegrationDescribeOutputArgs
- Allowed
Email List<Saml2IntegrationPatterns Describe Output Allowed Email Pattern> - Allowed
User List<Saml2IntegrationDomains Describe Output Allowed User Domain> - Comments
List<Saml2Integration
Describe Output Comment> - Saml2Digest
Methods List<Saml2IntegrationUseds Describe Output Saml2Digest Methods Used> - Saml2Enable
Sp List<Saml2IntegrationInitiateds Describe Output Saml2Enable Sp Initiated> - Saml2Force
Authns List<Saml2IntegrationDescribe Output Saml2Force Authn> - Saml2Issuers
List<Saml2Integration
Describe Output Saml2Issuer> - Saml2Post
Logout List<Saml2IntegrationRedirect Urls Describe Output Saml2Post Logout Redirect Url> - Saml2Providers
List<Saml2Integration
Describe Output Saml2Provider> - Saml2Requested
Nameid List<Saml2IntegrationFormats Describe Output Saml2Requested Nameid Format> - Saml2Sign
Requests List<Saml2IntegrationDescribe Output Saml2Sign Request> - Saml2Signature
Methods List<Saml2IntegrationUseds Describe Output Saml2Signature Methods Used> - Saml2Snowflake
Acs List<Saml2IntegrationUrls Describe Output Saml2Snowflake Acs Url> - Saml2Snowflake
Issuer List<Saml2IntegrationUrls Describe Output Saml2Snowflake Issuer Url> - Saml2Snowflake
Metadatas List<Saml2IntegrationDescribe Output Saml2Snowflake Metadata> - Saml2Snowflake
X509Certs List<Saml2IntegrationDescribe Output Saml2Snowflake X509Cert> - Saml2Sp
Initiated List<Saml2IntegrationLogin Page Labels Describe Output Saml2Sp Initiated Login Page Label> - Saml2Sso
Urls List<Saml2IntegrationDescribe Output Saml2Sso Url> - Saml2X509Certs
List<Saml2Integration
Describe Output Saml2X509Cert>
- Allowed
Email []Saml2IntegrationPatterns Describe Output Allowed Email Pattern - Allowed
User []Saml2IntegrationDomains Describe Output Allowed User Domain - Comments
[]Saml2Integration
Describe Output Comment - Saml2Digest
Methods []Saml2IntegrationUseds Describe Output Saml2Digest Methods Used - Saml2Enable
Sp []Saml2IntegrationInitiateds Describe Output Saml2Enable Sp Initiated - Saml2Force
Authns []Saml2IntegrationDescribe Output Saml2Force Authn - Saml2Issuers
[]Saml2Integration
Describe Output Saml2Issuer - Saml2Post
Logout []Saml2IntegrationRedirect Urls Describe Output Saml2Post Logout Redirect Url - Saml2Providers
[]Saml2Integration
Describe Output Saml2Provider - Saml2Requested
Nameid []Saml2IntegrationFormats Describe Output Saml2Requested Nameid Format - Saml2Sign
Requests []Saml2IntegrationDescribe Output Saml2Sign Request - Saml2Signature
Methods []Saml2IntegrationUseds Describe Output Saml2Signature Methods Used - Saml2Snowflake
Acs []Saml2IntegrationUrls Describe Output Saml2Snowflake Acs Url - Saml2Snowflake
Issuer []Saml2IntegrationUrls Describe Output Saml2Snowflake Issuer Url - Saml2Snowflake
Metadatas []Saml2IntegrationDescribe Output Saml2Snowflake Metadata - Saml2Snowflake
X509Certs []Saml2IntegrationDescribe Output Saml2Snowflake X509Cert - Saml2Sp
Initiated []Saml2IntegrationLogin Page Labels Describe Output Saml2Sp Initiated Login Page Label - Saml2Sso
Urls []Saml2IntegrationDescribe Output Saml2Sso Url - Saml2X509Certs
[]Saml2Integration
Describe Output Saml2X509Cert
- allowed
Email List<Saml2IntegrationPatterns Describe Output Allowed Email Pattern> - allowed
User List<Saml2IntegrationDomains Describe Output Allowed User Domain> - comments
List<Saml2Integration
Describe Output Comment> - saml2Digest
Methods List<Saml2IntegrationUseds Describe Output Saml2Digest Methods Used> - saml2Enable
Sp List<Saml2IntegrationInitiateds Describe Output Saml2Enable Sp Initiated> - saml2Force
Authns List<Saml2IntegrationDescribe Output Saml2Force Authn> - saml2Issuers
List<Saml2Integration
Describe Output Saml2Issuer> - saml2Post
Logout List<Saml2IntegrationRedirect Urls Describe Output Saml2Post Logout Redirect Url> - saml2Providers
List<Saml2Integration
Describe Output Saml2Provider> - saml2Requested
Nameid List<Saml2IntegrationFormats Describe Output Saml2Requested Nameid Format> - saml2Sign
Requests List<Saml2IntegrationDescribe Output Saml2Sign Request> - saml2Signature
Methods List<Saml2IntegrationUseds Describe Output Saml2Signature Methods Used> - saml2Snowflake
Acs List<Saml2IntegrationUrls Describe Output Saml2Snowflake Acs Url> - saml2Snowflake
Issuer List<Saml2IntegrationUrls Describe Output Saml2Snowflake Issuer Url> - saml2Snowflake
Metadatas List<Saml2IntegrationDescribe Output Saml2Snowflake Metadata> - saml2Snowflake
X509Certs List<Saml2IntegrationDescribe Output Saml2Snowflake X509Cert> - saml2Sp
Initiated List<Saml2IntegrationLogin Page Labels Describe Output Saml2Sp Initiated Login Page Label> - saml2Sso
Urls List<Saml2IntegrationDescribe Output Saml2Sso Url> - saml2X509Certs
List<Saml2Integration
Describe Output Saml2X509Cert>
- allowed
Email Saml2IntegrationPatterns Describe Output Allowed Email Pattern[] - allowed
User Saml2IntegrationDomains Describe Output Allowed User Domain[] - comments
Saml2Integration
Describe Output Comment[] - saml2Digest
Methods Saml2IntegrationUseds Describe Output Saml2Digest Methods Used[] - saml2Enable
Sp Saml2IntegrationInitiateds Describe Output Saml2Enable Sp Initiated[] - saml2Force
Authns Saml2IntegrationDescribe Output Saml2Force Authn[] - saml2Issuers
Saml2Integration
Describe Output Saml2Issuer[] - saml2Post
Logout Saml2IntegrationRedirect Urls Describe Output Saml2Post Logout Redirect Url[] - saml2Providers
Saml2Integration
Describe Output Saml2Provider[] - saml2Requested
Nameid Saml2IntegrationFormats Describe Output Saml2Requested Nameid Format[] - saml2Sign
Requests Saml2IntegrationDescribe Output Saml2Sign Request[] - saml2Signature
Methods Saml2IntegrationUseds Describe Output Saml2Signature Methods Used[] - saml2Snowflake
Acs Saml2IntegrationUrls Describe Output Saml2Snowflake Acs Url[] - saml2Snowflake
Issuer Saml2IntegrationUrls Describe Output Saml2Snowflake Issuer Url[] - saml2Snowflake
Metadatas Saml2IntegrationDescribe Output Saml2Snowflake Metadata[] - saml2Snowflake
X509Certs Saml2IntegrationDescribe Output Saml2Snowflake X509Cert[] - saml2Sp
Initiated Saml2IntegrationLogin Page Labels Describe Output Saml2Sp Initiated Login Page Label[] - saml2Sso
Urls Saml2IntegrationDescribe Output Saml2Sso Url[] - saml2X509Certs
Saml2Integration
Describe Output Saml2X509Cert[]
- allowed_
email_ Sequence[Saml2Integrationpatterns Describe Output Allowed Email Pattern] - allowed_
user_ Sequence[Saml2Integrationdomains Describe Output Allowed User Domain] - comments
Sequence[Saml2Integration
Describe Output Comment] - saml2_
digest_ Sequence[Saml2Integrationmethods_ useds Describe Output Saml2Digest Methods Used] - saml2_
enable_ Sequence[Saml2Integrationsp_ initiateds Describe Output Saml2Enable Sp Initiated] - saml2_
force_ Sequence[Saml2Integrationauthns Describe Output Saml2Force Authn] - saml2_
issuers Sequence[Saml2IntegrationDescribe Output Saml2Issuer] - saml2_
post_ Sequence[Saml2Integrationlogout_ redirect_ urls Describe Output Saml2Post Logout Redirect Url] - saml2_
providers Sequence[Saml2IntegrationDescribe Output Saml2Provider] - saml2_
requested_ Sequence[Saml2Integrationnameid_ formats Describe Output Saml2Requested Nameid Format] - saml2_
sign_ Sequence[Saml2Integrationrequests Describe Output Saml2Sign Request] - saml2_
signature_ Sequence[Saml2Integrationmethods_ useds Describe Output Saml2Signature Methods Used] - saml2_
snowflake_ Sequence[Saml2Integrationacs_ urls Describe Output Saml2Snowflake Acs Url] - saml2_
snowflake_ Sequence[Saml2Integrationissuer_ urls Describe Output Saml2Snowflake Issuer Url] - saml2_
snowflake_ Sequence[Saml2Integrationmetadatas Describe Output Saml2Snowflake Metadata] - saml2_
snowflake_ Sequence[Saml2Integrationx509_ certs Describe Output Saml2Snowflake X509Cert] - saml2_
sp_ Sequence[Saml2Integrationinitiated_ login_ page_ labels Describe Output Saml2Sp Initiated Login Page Label] - saml2_
sso_ Sequence[Saml2Integrationurls Describe Output Saml2Sso Url] - saml2_
x509_ Sequence[Saml2Integrationcerts Describe Output Saml2X509Cert]
- allowed
Email List<Property Map>Patterns - allowed
User List<Property Map>Domains - comments List<Property Map>
- saml2Digest
Methods List<Property Map>Useds - saml2Enable
Sp List<Property Map>Initiateds - saml2Force
Authns List<Property Map> - saml2Issuers List<Property Map>
- saml2Post
Logout List<Property Map>Redirect Urls - saml2Providers List<Property Map>
- saml2Requested
Nameid List<Property Map>Formats - saml2Sign
Requests List<Property Map> - saml2Signature
Methods List<Property Map>Useds - saml2Snowflake
Acs List<Property Map>Urls - saml2Snowflake
Issuer List<Property Map>Urls - saml2Snowflake
Metadatas List<Property Map> - saml2Snowflake
X509Certs List<Property Map> - saml2Sp
Initiated List<Property Map>Login Page Labels - saml2Sso
Urls List<Property Map> - saml2X509Certs List<Property Map>
Saml2IntegrationDescribeOutputAllowedEmailPattern, Saml2IntegrationDescribeOutputAllowedEmailPatternArgs
Saml2IntegrationDescribeOutputAllowedUserDomain, Saml2IntegrationDescribeOutputAllowedUserDomainArgs
Saml2IntegrationDescribeOutputComment, Saml2IntegrationDescribeOutputCommentArgs
Saml2IntegrationDescribeOutputSaml2DigestMethodsUsed, Saml2IntegrationDescribeOutputSaml2DigestMethodsUsedArgs
Saml2IntegrationDescribeOutputSaml2EnableSpInitiated, Saml2IntegrationDescribeOutputSaml2EnableSpInitiatedArgs
Saml2IntegrationDescribeOutputSaml2ForceAuthn, Saml2IntegrationDescribeOutputSaml2ForceAuthnArgs
Saml2IntegrationDescribeOutputSaml2Issuer, Saml2IntegrationDescribeOutputSaml2IssuerArgs
Saml2IntegrationDescribeOutputSaml2PostLogoutRedirectUrl, Saml2IntegrationDescribeOutputSaml2PostLogoutRedirectUrlArgs
Saml2IntegrationDescribeOutputSaml2Provider, Saml2IntegrationDescribeOutputSaml2ProviderArgs
Saml2IntegrationDescribeOutputSaml2RequestedNameidFormat, Saml2IntegrationDescribeOutputSaml2RequestedNameidFormatArgs
Saml2IntegrationDescribeOutputSaml2SignRequest, Saml2IntegrationDescribeOutputSaml2SignRequestArgs
Saml2IntegrationDescribeOutputSaml2SignatureMethodsUsed, Saml2IntegrationDescribeOutputSaml2SignatureMethodsUsedArgs
Saml2IntegrationDescribeOutputSaml2SnowflakeAcsUrl, Saml2IntegrationDescribeOutputSaml2SnowflakeAcsUrlArgs
Saml2IntegrationDescribeOutputSaml2SnowflakeIssuerUrl, Saml2IntegrationDescribeOutputSaml2SnowflakeIssuerUrlArgs
Saml2IntegrationDescribeOutputSaml2SnowflakeMetadata, Saml2IntegrationDescribeOutputSaml2SnowflakeMetadataArgs
Saml2IntegrationDescribeOutputSaml2SnowflakeX509Cert, Saml2IntegrationDescribeOutputSaml2SnowflakeX509CertArgs
Saml2IntegrationDescribeOutputSaml2SpInitiatedLoginPageLabel, Saml2IntegrationDescribeOutputSaml2SpInitiatedLoginPageLabelArgs
Saml2IntegrationDescribeOutputSaml2SsoUrl, Saml2IntegrationDescribeOutputSaml2SsoUrlArgs
Saml2IntegrationDescribeOutputSaml2X509Cert, Saml2IntegrationDescribeOutputSaml2X509CertArgs
Saml2IntegrationShowOutput, Saml2IntegrationShowOutputArgs
- category str
- comment str
- created_
on str - enabled bool
- integration_
type str - name str
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflakeTerraform Provider.