1. Packages
  2. Snowflake Provider
  3. API Docs
  4. SamlIntegration
Snowflake v0.61.1 published on Thursday, Nov 14, 2024 by Pulumi

snowflake.SamlIntegration

Explore with Pulumi AI

snowflake logo
Snowflake v0.61.1 published on Thursday, Nov 14, 2024 by Pulumi

    Import

    $ pulumi import snowflake:index/samlIntegration:SamlIntegration example name
    

    Create SamlIntegration Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SamlIntegration(name: string, args: SamlIntegrationArgs, opts?: CustomResourceOptions);
    @overload
    def SamlIntegration(resource_name: str,
                        args: SamlIntegrationArgs,
                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def SamlIntegration(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        saml2_issuer: Optional[str] = None,
                        saml2_x509_cert: Optional[str] = None,
                        saml2_sso_url: Optional[str] = None,
                        saml2_provider: Optional[str] = None,
                        saml2_force_authn: Optional[bool] = None,
                        saml2_post_logout_redirect_url: Optional[str] = None,
                        enabled: Optional[bool] = None,
                        saml2_requested_nameid_format: Optional[str] = None,
                        saml2_sign_request: Optional[bool] = None,
                        saml2_snowflake_acs_url: Optional[str] = None,
                        saml2_snowflake_issuer_url: Optional[str] = None,
                        saml2_snowflake_x509_cert: Optional[str] = None,
                        saml2_sp_initiated_login_page_label: Optional[str] = None,
                        saml2_enable_sp_initiated: Optional[bool] = None,
                        name: Optional[str] = None)
    func NewSamlIntegration(ctx *Context, name string, args SamlIntegrationArgs, opts ...ResourceOption) (*SamlIntegration, error)
    public SamlIntegration(string name, SamlIntegrationArgs args, CustomResourceOptions? opts = null)
    public SamlIntegration(String name, SamlIntegrationArgs args)
    public SamlIntegration(String name, SamlIntegrationArgs args, CustomResourceOptions options)
    
    type: snowflake:SamlIntegration
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SamlIntegrationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SamlIntegrationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SamlIntegrationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SamlIntegrationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SamlIntegrationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var samlIntegrationResource = new Snowflake.SamlIntegration("samlIntegrationResource", new()
    {
        Saml2Issuer = "string",
        Saml2X509Cert = "string",
        Saml2SsoUrl = "string",
        Saml2Provider = "string",
        Saml2ForceAuthn = false,
        Saml2PostLogoutRedirectUrl = "string",
        Enabled = false,
        Saml2RequestedNameidFormat = "string",
        Saml2SignRequest = false,
        Saml2SnowflakeAcsUrl = "string",
        Saml2SnowflakeIssuerUrl = "string",
        Saml2SnowflakeX509Cert = "string",
        Saml2SpInitiatedLoginPageLabel = "string",
        Saml2EnableSpInitiated = false,
        Name = "string",
    });
    
    example, err := snowflake.NewSamlIntegration(ctx, "samlIntegrationResource", &snowflake.SamlIntegrationArgs{
    	Saml2Issuer:                    pulumi.String("string"),
    	Saml2X509Cert:                  pulumi.String("string"),
    	Saml2SsoUrl:                    pulumi.String("string"),
    	Saml2Provider:                  pulumi.String("string"),
    	Saml2ForceAuthn:                pulumi.Bool(false),
    	Saml2PostLogoutRedirectUrl:     pulumi.String("string"),
    	Enabled:                        pulumi.Bool(false),
    	Saml2RequestedNameidFormat:     pulumi.String("string"),
    	Saml2SignRequest:               pulumi.Bool(false),
    	Saml2SnowflakeAcsUrl:           pulumi.String("string"),
    	Saml2SnowflakeIssuerUrl:        pulumi.String("string"),
    	Saml2SnowflakeX509Cert:         pulumi.String("string"),
    	Saml2SpInitiatedLoginPageLabel: pulumi.String("string"),
    	Saml2EnableSpInitiated:         pulumi.Bool(false),
    	Name:                           pulumi.String("string"),
    })
    
    var samlIntegrationResource = new SamlIntegration("samlIntegrationResource", SamlIntegrationArgs.builder()
        .saml2Issuer("string")
        .saml2X509Cert("string")
        .saml2SsoUrl("string")
        .saml2Provider("string")
        .saml2ForceAuthn(false)
        .saml2PostLogoutRedirectUrl("string")
        .enabled(false)
        .saml2RequestedNameidFormat("string")
        .saml2SignRequest(false)
        .saml2SnowflakeAcsUrl("string")
        .saml2SnowflakeIssuerUrl("string")
        .saml2SnowflakeX509Cert("string")
        .saml2SpInitiatedLoginPageLabel("string")
        .saml2EnableSpInitiated(false)
        .name("string")
        .build());
    
    saml_integration_resource = snowflake.SamlIntegration("samlIntegrationResource",
        saml2_issuer="string",
        saml2_x509_cert="string",
        saml2_sso_url="string",
        saml2_provider="string",
        saml2_force_authn=False,
        saml2_post_logout_redirect_url="string",
        enabled=False,
        saml2_requested_nameid_format="string",
        saml2_sign_request=False,
        saml2_snowflake_acs_url="string",
        saml2_snowflake_issuer_url="string",
        saml2_snowflake_x509_cert="string",
        saml2_sp_initiated_login_page_label="string",
        saml2_enable_sp_initiated=False,
        name="string")
    
    const samlIntegrationResource = new snowflake.SamlIntegration("samlIntegrationResource", {
        saml2Issuer: "string",
        saml2X509Cert: "string",
        saml2SsoUrl: "string",
        saml2Provider: "string",
        saml2ForceAuthn: false,
        saml2PostLogoutRedirectUrl: "string",
        enabled: false,
        saml2RequestedNameidFormat: "string",
        saml2SignRequest: false,
        saml2SnowflakeAcsUrl: "string",
        saml2SnowflakeIssuerUrl: "string",
        saml2SnowflakeX509Cert: "string",
        saml2SpInitiatedLoginPageLabel: "string",
        saml2EnableSpInitiated: false,
        name: "string",
    });
    
    type: snowflake:SamlIntegration
    properties:
        enabled: false
        name: string
        saml2EnableSpInitiated: false
        saml2ForceAuthn: false
        saml2Issuer: string
        saml2PostLogoutRedirectUrl: string
        saml2Provider: string
        saml2RequestedNameidFormat: string
        saml2SignRequest: false
        saml2SnowflakeAcsUrl: string
        saml2SnowflakeIssuerUrl: string
        saml2SnowflakeX509Cert: string
        saml2SpInitiatedLoginPageLabel: string
        saml2SsoUrl: string
        saml2X509Cert: string
    

    SamlIntegration Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SamlIntegration resource accepts the following input properties:

    Saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    Saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    Saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    Saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    Enabled bool
    Specifies whether this security integration is enabled or disabled.
    Name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    Saml2EnableSpInitiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    Saml2ForceAuthn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    Saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    Saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    Saml2SignRequest bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    Saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    Saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    Saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    Saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    Saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    Saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    Saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    Saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    Enabled bool
    Specifies whether this security integration is enabled or disabled.
    Name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    Saml2EnableSpInitiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    Saml2ForceAuthn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    Saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    Saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    Saml2SignRequest bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    Saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    Saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    Saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    Saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    saml2Issuer String
    The string containing the IdP EntityID / Issuer.
    saml2Provider String
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2SsoUrl String
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert String
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    enabled Boolean
    Specifies whether this security integration is enabled or disabled.
    name String
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2EnableSpInitiated Boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn Boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2PostLogoutRedirectUrl String
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2RequestedNameidFormat String
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest Boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SnowflakeAcsUrl String
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl String
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeX509Cert String
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel String
    The string containing the label to display after the Log In With button on the login page.
    saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    enabled boolean
    Specifies whether this security integration is enabled or disabled.
    name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2EnableSpInitiated boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    saml2_issuer str
    The string containing the IdP EntityID / Issuer.
    saml2_provider str
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2_sso_url str
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2_x509_cert str
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    enabled bool
    Specifies whether this security integration is enabled or disabled.
    name str
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2_enable_sp_initiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2_force_authn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2_post_logout_redirect_url str
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2_requested_nameid_format str
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2_sign_request bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2_snowflake_acs_url str
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2_snowflake_issuer_url str
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2_snowflake_x509_cert str
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2_sp_initiated_login_page_label str
    The string containing the label to display after the Log In With button on the login page.
    saml2Issuer String
    The string containing the IdP EntityID / Issuer.
    saml2Provider String
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2SsoUrl String
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert String
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    enabled Boolean
    Specifies whether this security integration is enabled or disabled.
    name String
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2EnableSpInitiated Boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn Boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2PostLogoutRedirectUrl String
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2RequestedNameidFormat String
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest Boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SnowflakeAcsUrl String
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl String
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeX509Cert String
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel String
    The string containing the label to display after the Log In With button on the login page.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SamlIntegration resource produces the following output properties:

    CreatedOn string
    Date and time when the SAML integration was created.
    Id string
    The provider-assigned unique ID for this managed resource.
    Saml2DigestMethodsUsed string
    Saml2SignatureMethodsUsed string
    Saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    CreatedOn string
    Date and time when the SAML integration was created.
    Id string
    The provider-assigned unique ID for this managed resource.
    Saml2DigestMethodsUsed string
    Saml2SignatureMethodsUsed string
    Saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    createdOn String
    Date and time when the SAML integration was created.
    id String
    The provider-assigned unique ID for this managed resource.
    saml2DigestMethodsUsed String
    saml2SignatureMethodsUsed String
    saml2SnowflakeMetadata String
    Metadata created by Snowflake to provide to SAML2 provider.
    createdOn string
    Date and time when the SAML integration was created.
    id string
    The provider-assigned unique ID for this managed resource.
    saml2DigestMethodsUsed string
    saml2SignatureMethodsUsed string
    saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    created_on str
    Date and time when the SAML integration was created.
    id str
    The provider-assigned unique ID for this managed resource.
    saml2_digest_methods_used str
    saml2_signature_methods_used str
    saml2_snowflake_metadata str
    Metadata created by Snowflake to provide to SAML2 provider.
    createdOn String
    Date and time when the SAML integration was created.
    id String
    The provider-assigned unique ID for this managed resource.
    saml2DigestMethodsUsed String
    saml2SignatureMethodsUsed String
    saml2SnowflakeMetadata String
    Metadata created by Snowflake to provide to SAML2 provider.

    Look up Existing SamlIntegration Resource

    Get an existing SamlIntegration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SamlIntegrationState, opts?: CustomResourceOptions): SamlIntegration
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            created_on: Optional[str] = None,
            enabled: Optional[bool] = None,
            name: Optional[str] = None,
            saml2_digest_methods_used: Optional[str] = None,
            saml2_enable_sp_initiated: Optional[bool] = None,
            saml2_force_authn: Optional[bool] = None,
            saml2_issuer: Optional[str] = None,
            saml2_post_logout_redirect_url: Optional[str] = None,
            saml2_provider: Optional[str] = None,
            saml2_requested_nameid_format: Optional[str] = None,
            saml2_sign_request: Optional[bool] = None,
            saml2_signature_methods_used: Optional[str] = None,
            saml2_snowflake_acs_url: Optional[str] = None,
            saml2_snowflake_issuer_url: Optional[str] = None,
            saml2_snowflake_metadata: Optional[str] = None,
            saml2_snowflake_x509_cert: Optional[str] = None,
            saml2_sp_initiated_login_page_label: Optional[str] = None,
            saml2_sso_url: Optional[str] = None,
            saml2_x509_cert: Optional[str] = None) -> SamlIntegration
    func GetSamlIntegration(ctx *Context, name string, id IDInput, state *SamlIntegrationState, opts ...ResourceOption) (*SamlIntegration, error)
    public static SamlIntegration Get(string name, Input<string> id, SamlIntegrationState? state, CustomResourceOptions? opts = null)
    public static SamlIntegration get(String name, Output<String> id, SamlIntegrationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CreatedOn string
    Date and time when the SAML integration was created.
    Enabled bool
    Specifies whether this security integration is enabled or disabled.
    Name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    Saml2DigestMethodsUsed string
    Saml2EnableSpInitiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    Saml2ForceAuthn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    Saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    Saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    Saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    Saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    Saml2SignRequest bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    Saml2SignatureMethodsUsed string
    Saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    Saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    Saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    Saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    Saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    Saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    Saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    CreatedOn string
    Date and time when the SAML integration was created.
    Enabled bool
    Specifies whether this security integration is enabled or disabled.
    Name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    Saml2DigestMethodsUsed string
    Saml2EnableSpInitiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    Saml2ForceAuthn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    Saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    Saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    Saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    Saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    Saml2SignRequest bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    Saml2SignatureMethodsUsed string
    Saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    Saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    Saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    Saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    Saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    Saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    Saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    createdOn String
    Date and time when the SAML integration was created.
    enabled Boolean
    Specifies whether this security integration is enabled or disabled.
    name String
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2DigestMethodsUsed String
    saml2EnableSpInitiated Boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn Boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2Issuer String
    The string containing the IdP EntityID / Issuer.
    saml2PostLogoutRedirectUrl String
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2Provider String
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2RequestedNameidFormat String
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest Boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SignatureMethodsUsed String
    saml2SnowflakeAcsUrl String
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl String
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeMetadata String
    Metadata created by Snowflake to provide to SAML2 provider.
    saml2SnowflakeX509Cert String
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel String
    The string containing the label to display after the Log In With button on the login page.
    saml2SsoUrl String
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert String
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    createdOn string
    Date and time when the SAML integration was created.
    enabled boolean
    Specifies whether this security integration is enabled or disabled.
    name string
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2DigestMethodsUsed string
    saml2EnableSpInitiated boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2Issuer string
    The string containing the IdP EntityID / Issuer.
    saml2PostLogoutRedirectUrl string
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2Provider string
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2RequestedNameidFormat string
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SignatureMethodsUsed string
    saml2SnowflakeAcsUrl string
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl string
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeMetadata string
    Metadata created by Snowflake to provide to SAML2 provider.
    saml2SnowflakeX509Cert string
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel string
    The string containing the label to display after the Log In With button on the login page.
    saml2SsoUrl string
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert string
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    created_on str
    Date and time when the SAML integration was created.
    enabled bool
    Specifies whether this security integration is enabled or disabled.
    name str
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2_digest_methods_used str
    saml2_enable_sp_initiated bool
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2_force_authn bool
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2_issuer str
    The string containing the IdP EntityID / Issuer.
    saml2_post_logout_redirect_url str
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2_provider str
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2_requested_nameid_format str
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2_sign_request bool
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2_signature_methods_used str
    saml2_snowflake_acs_url str
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2_snowflake_issuer_url str
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2_snowflake_metadata str
    Metadata created by Snowflake to provide to SAML2 provider.
    saml2_snowflake_x509_cert str
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2_sp_initiated_login_page_label str
    The string containing the label to display after the Log In With button on the login page.
    saml2_sso_url str
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2_x509_cert str
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
    createdOn String
    Date and time when the SAML integration was created.
    enabled Boolean
    Specifies whether this security integration is enabled or disabled.
    name String
    Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
    saml2DigestMethodsUsed String
    saml2EnableSpInitiated Boolean
    The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in WIth button on the login page. FALSE: does not display the Log in With button on the login page.
    saml2ForceAuthn Boolean
    The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake.
    saml2Issuer String
    The string containing the IdP EntityID / Issuer.
    saml2PostLogoutRedirectUrl String
    The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
    saml2Provider String
    The string describing the IdP. One of the following: OKTA, ADFS, Custom.
    saml2RequestedNameidFormat String
    The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. If a value is not specified, Snowflake sends the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress value in the authentication request to the IdP. NameID must be one of the following values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName, urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName, urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos, urn:oasis:names:tc:SAML:2.0:nameid-format:persistent, urn:oasis:names:tc:SAML:2.0:nameid-format:transient .
    saml2SignRequest Boolean
    The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed.
    saml2SignatureMethodsUsed String
    saml2SnowflakeAcsUrl String
    The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Default: https://\n\n.\n\n.snowflakecomputing.com/fed/login
    saml2SnowflakeIssuerUrl String
    The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
    saml2SnowflakeMetadata String
    Metadata created by Snowflake to provide to SAML2 provider.
    saml2SnowflakeX509Cert String
    The Base64 encoded self-signed certificate generated by Snowflake for use with Encrypting SAML Assertions and Signed SAML Requests. You must have at least one of these features (encrypted SAML assertions or signed SAML responses) enabled in your Snowflake account to access the certificate value.
    saml2SpInitiatedLoginPageLabel String
    The string containing the label to display after the Log In With button on the login page.
    saml2SsoUrl String
    The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
    saml2X509Cert String
    The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.

    Package Details

    Repository
    Snowflake pulumi/pulumi-snowflake
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the snowflake Terraform Provider.
    snowflake logo
    Snowflake v0.61.1 published on Thursday, Nov 14, 2024 by Pulumi