pulumi-snowflake 0.50.2a1709892015__py3-none-any.whl → 1.2.0a1736835738__py3-none-any.whl

pulumi_snowflake/network_policy.py

@@ -4,30 +4,46 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
+from . import outputs
+from ._inputs import *
 
 __all__ = ['NetworkPolicyArgs', 'NetworkPolicy']
 
 @pulumi.input_type
 class NetworkPolicyArgs:
     def __init__(__self__, *,
-                 allowed_ip_lists: pulumi.Input[Sequence[pulumi.Input[str]]],
+                 allowed_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 allowed_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  blocked_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 blocked_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a NetworkPolicy resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
         :param pulumi.Input[str] comment: Specifies a comment for the network policy.
-        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
-        pulumi.set(__self__, "allowed_ip_lists", allowed_ip_lists)
+        if allowed_ip_lists is not None:
+            pulumi.set(__self__, "allowed_ip_lists", allowed_ip_lists)
+        if allowed_network_rule_lists is not None:
+            pulumi.set(__self__, "allowed_network_rule_lists", allowed_network_rule_lists)
         if blocked_ip_lists is not None:
             pulumi.set(__self__, "blocked_ip_lists", blocked_ip_lists)
+        if blocked_network_rule_lists is not None:
+            pulumi.set(__self__, "blocked_network_rule_lists", blocked_network_rule_lists)
         if comment is not None:
             pulumi.set(__self__, "comment", comment)
         if name is not None:
@@ -35,21 +51,33 @@ class NetworkPolicyArgs:
 
     @property
     @pulumi.getter(name="allowedIpLists")
-    def allowed_ip_lists(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
+    def allowed_ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
+        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
         """
         return pulumi.get(self, "allowed_ip_lists")
 
     @allowed_ip_lists.setter
-    def allowed_ip_lists(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
+    def allowed_ip_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "allowed_ip_lists", value)
 
+    @property
+    @pulumi.getter(name="allowedNetworkRuleLists")
+    def allowed_network_rule_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "allowed_network_rule_lists")
+
+    @allowed_network_rule_lists.setter
+    def allowed_network_rule_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "allowed_network_rule_lists", value)
+
     @property
     @pulumi.getter(name="blockedIpLists")
     def blocked_ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
         """
         return pulumi.get(self, "blocked_ip_lists")
 
@@ -57,6 +85,18 @@ class NetworkPolicyArgs:
     def blocked_ip_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "blocked_ip_lists", value)
 
+    @property
+    @pulumi.getter(name="blockedNetworkRuleLists")
+    def blocked_network_rule_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "blocked_network_rule_lists")
+
+    @blocked_network_rule_lists.setter
+    def blocked_network_rule_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "blocked_network_rule_lists", value)
+
     @property
     @pulumi.getter
     def comment(self) -> Optional[pulumi.Input[str]]:
@@ -73,7 +113,7 @@ class NetworkPolicyArgs:
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -86,30 +126,50 @@ class NetworkPolicyArgs:
 class _NetworkPolicyState:
     def __init__(__self__, *,
                  allowed_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 allowed_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  blocked_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 blocked_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  comment: Optional[pulumi.Input[str]] = None,
-                 name: Optional[pulumi.Input[str]] = None):
+                 describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyDescribeOutputArgs']]]] = None,
+                 fully_qualified_name: Optional[pulumi.Input[str]] = None,
+                 name: Optional[pulumi.Input[str]] = None,
+                 show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyShowOutputArgs']]]] = None):
         """
         Input properties used for looking up and filtering NetworkPolicy resources.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
         :param pulumi.Input[str] comment: Specifies a comment for the network policy.
-        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        :param pulumi.Input[Sequence[pulumi.Input['NetworkPolicyDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE NETWORK POLICY` for the given network policy.
+        :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[Sequence[pulumi.Input['NetworkPolicyShowOutputArgs']]] show_outputs: Outputs the result of `SHOW NETWORK POLICIES` for the given network policy.
         """
         if allowed_ip_lists is not None:
             pulumi.set(__self__, "allowed_ip_lists", allowed_ip_lists)
+        if allowed_network_rule_lists is not None:
+            pulumi.set(__self__, "allowed_network_rule_lists", allowed_network_rule_lists)
         if blocked_ip_lists is not None:
             pulumi.set(__self__, "blocked_ip_lists", blocked_ip_lists)
+        if blocked_network_rule_lists is not None:
+            pulumi.set(__self__, "blocked_network_rule_lists", blocked_network_rule_lists)
         if comment is not None:
             pulumi.set(__self__, "comment", comment)
+        if describe_outputs is not None:
+            pulumi.set(__self__, "describe_outputs", describe_outputs)
+        if fully_qualified_name is not None:
+            pulumi.set(__self__, "fully_qualified_name", fully_qualified_name)
         if name is not None:
             pulumi.set(__self__, "name", name)
+        if show_outputs is not None:
+            pulumi.set(__self__, "show_outputs", show_outputs)
 
     @property
     @pulumi.getter(name="allowedIpLists")
     def allowed_ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
+        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
         """
         return pulumi.get(self, "allowed_ip_lists")
 
@@ -117,11 +177,23 @@ class _NetworkPolicyState:
     def allowed_ip_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "allowed_ip_lists", value)
 
+    @property
+    @pulumi.getter(name="allowedNetworkRuleLists")
+    def allowed_network_rule_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "allowed_network_rule_lists")
+
+    @allowed_network_rule_lists.setter
+    def allowed_network_rule_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "allowed_network_rule_lists", value)
+
     @property
     @pulumi.getter(name="blockedIpLists")
     def blocked_ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
         """
         return pulumi.get(self, "blocked_ip_lists")
 
@@ -129,6 +201,18 @@ class _NetworkPolicyState:
     def blocked_ip_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "blocked_ip_lists", value)
 
+    @property
+    @pulumi.getter(name="blockedNetworkRuleLists")
+    def blocked_network_rule_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "blocked_network_rule_lists")
+
+    @blocked_network_rule_lists.setter
+    def blocked_network_rule_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "blocked_network_rule_lists", value)
+
     @property
     @pulumi.getter
     def comment(self) -> Optional[pulumi.Input[str]]:
@@ -141,11 +225,35 @@ class _NetworkPolicyState:
     def comment(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "comment", value)
 
+    @property
+    @pulumi.getter(name="describeOutputs")
+    def describe_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyDescribeOutputArgs']]]]:
+        """
+        Outputs the result of `DESCRIBE NETWORK POLICY` for the given network policy.
+        """
+        return pulumi.get(self, "describe_outputs")
+
+    @describe_outputs.setter
+    def describe_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyDescribeOutputArgs']]]]):
+        pulumi.set(self, "describe_outputs", value)
+
+    @property
+    @pulumi.getter(name="fullyQualifiedName")
+    def fully_qualified_name(self) -> Optional[pulumi.Input[str]]:
+        """
+        Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        """
+        return pulumi.get(self, "fully_qualified_name")
+
+    @fully_qualified_name.setter
+    def fully_qualified_name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "fully_qualified_name", value)
+
     @property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -153,6 +261,18 @@ class _NetworkPolicyState:
     def name(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "name", value)
 
+    @property
+    @pulumi.getter(name="showOutputs")
+    def show_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyShowOutputArgs']]]]:
+        """
+        Outputs the result of `SHOW NETWORK POLICIES` for the given network policy.
+        """
+        return pulumi.get(self, "show_outputs")
+
+    @show_outputs.setter
+    def show_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkPolicyShowOutputArgs']]]]):
+        pulumi.set(self, "show_outputs", value)
+
 
 class NetworkPolicy(pulumi.CustomResource):
     @overload
@@ -160,59 +280,39 @@ class NetworkPolicy(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  allowed_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 allowed_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  blocked_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 blocked_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
-
-        policy = snowflake.NetworkPolicy("policy",
-            allowed_ip_lists=["192.168.0.100/24"],
-            blocked_ip_lists=["192.168.0.101"],
-            comment="A policy.")
-        ```
-
         ## Import
 
         ```sh
-         $ pulumi import snowflake:index/networkPolicy:NetworkPolicy example policyname
+        $ pulumi import snowflake:index/networkPolicy:NetworkPolicy example '"<network_policy_name>"'
         ```
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
         :param pulumi.Input[str] comment: Specifies a comment for the network policy.
-        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         ...
     @overload
     def __init__(__self__,
                  resource_name: str,
-                 args: NetworkPolicyArgs,
+                 args: Optional[NetworkPolicyArgs] = None,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
-
-        policy = snowflake.NetworkPolicy("policy",
-            allowed_ip_lists=["192.168.0.100/24"],
-            blocked_ip_lists=["192.168.0.101"],
-            comment="A policy.")
-        ```
-
         ## Import
 
         ```sh
-         $ pulumi import snowflake:index/networkPolicy:NetworkPolicy example policyname
+        $ pulumi import snowflake:index/networkPolicy:NetworkPolicy example '"<network_policy_name>"'
         ```
 
         :param str resource_name: The name of the resource.
@@ -231,7 +331,9 @@ class NetworkPolicy(pulumi.CustomResource):
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  allowed_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 allowed_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  blocked_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 blocked_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  __props__=None):
@@ -243,12 +345,15 @@ class NetworkPolicy(pulumi.CustomResource):
                 raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
             __props__ = NetworkPolicyArgs.__new__(NetworkPolicyArgs)
 
-            if allowed_ip_lists is None and not opts.urn:
-                raise TypeError("Missing required property 'allowed_ip_lists'")
             __props__.__dict__["allowed_ip_lists"] = allowed_ip_lists
+            __props__.__dict__["allowed_network_rule_lists"] = allowed_network_rule_lists
             __props__.__dict__["blocked_ip_lists"] = blocked_ip_lists
+            __props__.__dict__["blocked_network_rule_lists"] = blocked_network_rule_lists
             __props__.__dict__["comment"] = comment
             __props__.__dict__["name"] = name
+            __props__.__dict__["describe_outputs"] = None
+            __props__.__dict__["fully_qualified_name"] = None
+            __props__.__dict__["show_outputs"] = None
         super(NetworkPolicy, __self__).__init__(
             'snowflake:index/networkPolicy:NetworkPolicy',
             resource_name,
@@ -260,9 +365,14 @@ class NetworkPolicy(pulumi.CustomResource):
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             allowed_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+            allowed_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             blocked_ip_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+            blocked_network_rule_lists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             comment: Optional[pulumi.Input[str]] = None,
-            name: Optional[pulumi.Input[str]] = None) -> 'NetworkPolicy':
+            describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['NetworkPolicyDescribeOutputArgs', 'NetworkPolicyDescribeOutputArgsDict']]]]] = None,
+            fully_qualified_name: Optional[pulumi.Input[str]] = None,
+            name: Optional[pulumi.Input[str]] = None,
+            show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['NetworkPolicyShowOutputArgs', 'NetworkPolicyShowOutputArgsDict']]]]] = None) -> 'NetworkPolicy':
         """
         Get an existing NetworkPolicy resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -270,37 +380,63 @@ class NetworkPolicy(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_ip_lists: Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] blocked_network_rule_lists: Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
         :param pulumi.Input[str] comment: Specifies a comment for the network policy.
-        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        :param pulumi.Input[Sequence[pulumi.Input[Union['NetworkPolicyDescribeOutputArgs', 'NetworkPolicyDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE NETWORK POLICY` for the given network policy.
+        :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[str] name: Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[Sequence[pulumi.Input[Union['NetworkPolicyShowOutputArgs', 'NetworkPolicyShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW NETWORK POLICIES` for the given network policy.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
         __props__ = _NetworkPolicyState.__new__(_NetworkPolicyState)
 
         __props__.__dict__["allowed_ip_lists"] = allowed_ip_lists
+        __props__.__dict__["allowed_network_rule_lists"] = allowed_network_rule_lists
         __props__.__dict__["blocked_ip_lists"] = blocked_ip_lists
+        __props__.__dict__["blocked_network_rule_lists"] = blocked_network_rule_lists
         __props__.__dict__["comment"] = comment
+        __props__.__dict__["describe_outputs"] = describe_outputs
+        __props__.__dict__["fully_qualified_name"] = fully_qualified_name
         __props__.__dict__["name"] = name
+        __props__.__dict__["show_outputs"] = show_outputs
         return NetworkPolicy(resource_name, opts=opts, __props__=__props__)
 
     @property
     @pulumi.getter(name="allowedIpLists")
-    def allowed_ip_lists(self) -> pulumi.Output[Sequence[str]]:
+    def allowed_ip_lists(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account
+        Specifies one or more IPv4 addresses (CIDR notation) that are allowed access to your Snowflake account.
         """
         return pulumi.get(self, "allowed_ip_lists")
 
+    @property
+    @pulumi.getter(name="allowedNetworkRuleLists")
+    def allowed_network_rule_lists(self) -> pulumi.Output[Optional[Sequence[str]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are allowed access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "allowed_network_rule_lists")
+
     @property
     @pulumi.getter(name="blockedIpLists")
     def blocked_ip_lists(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account\\n\\n\\n\\n**Do not** add `0.0.0.0/0` to `blocked_ip_list`
+        Specifies one or more IPv4 addresses (CIDR notation) that are denied access to your Snowflake account. **Do not** add `0.0.0.0/0` to `blocked_ip_list`, in order to block all IP addresses except a select list, you only need to add IP addresses to `allowed_ip_list`.
         """
         return pulumi.get(self, "blocked_ip_lists")
 
+    @property
+    @pulumi.getter(name="blockedNetworkRuleLists")
+    def blocked_network_rule_lists(self) -> pulumi.Output[Optional[Sequence[str]]]:
+        """
+        Specifies a list of fully qualified network rules that contain the network identifiers that are denied access to Snowflake. For more information about this resource, see docs.
+        """
+        return pulumi.get(self, "blocked_network_rule_lists")
+
     @property
     @pulumi.getter
     def comment(self) -> pulumi.Output[Optional[str]]:
@@ -309,11 +445,35 @@ class NetworkPolicy(pulumi.CustomResource):
         """
         return pulumi.get(self, "comment")
 
+    @property
+    @pulumi.getter(name="describeOutputs")
+    def describe_outputs(self) -> pulumi.Output[Sequence['outputs.NetworkPolicyDescribeOutput']]:
+        """
+        Outputs the result of `DESCRIBE NETWORK POLICY` for the given network policy.
+        """
+        return pulumi.get(self, "describe_outputs")
+
+    @property
+    @pulumi.getter(name="fullyQualifiedName")
+    def fully_qualified_name(self) -> pulumi.Output[str]:
+        """
+        Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        """
+        return pulumi.get(self, "fully_qualified_name")
+
     @property
     @pulumi.getter
     def name(self) -> pulumi.Output[str]:
         """
-        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created.
+        Specifies the identifier for the network policy; must be unique for the account in which the network policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
+    @property
+    @pulumi.getter(name="showOutputs")
+    def show_outputs(self) -> pulumi.Output[Sequence['outputs.NetworkPolicyShowOutput']]:
+        """
+        Outputs the result of `SHOW NETWORK POLICIES` for the given network policy.
+        """
+        return pulumi.get(self, "show_outputs")
+

pulumi_snowflake/network_policy_attachment.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 
 __all__ = ['NetworkPolicyAttachmentArgs', 'NetworkPolicyAttachment']
@@ -132,25 +137,10 @@ class NetworkPolicyAttachment(pulumi.CustomResource):
                  users: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  __props__=None):
         """
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
-
-        attach = snowflake.NetworkPolicyAttachment("attach",
-            network_policy_name="policy",
-            set_for_account=False,
-            users=[
-                "user1",
-                "user2",
-            ])
-        ```
-
         ## Import
 
         ```sh
-         $ pulumi import snowflake:index/networkPolicyAttachment:NetworkPolicyAttachment example attachment_policyname
+        $ pulumi import snowflake:index/networkPolicyAttachment:NetworkPolicyAttachment example attachment_policyname
         ```
 
         :param str resource_name: The name of the resource.
@@ -166,25 +156,10 @@ class NetworkPolicyAttachment(pulumi.CustomResource):
                  args: NetworkPolicyAttachmentArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
-
-        attach = snowflake.NetworkPolicyAttachment("attach",
-            network_policy_name="policy",
-            set_for_account=False,
-            users=[
-                "user1",
-                "user2",
-            ])
-        ```
-
         ## Import
 
         ```sh
-         $ pulumi import snowflake:index/networkPolicyAttachment:NetworkPolicyAttachment example attachment_policyname
+        $ pulumi import snowflake:index/networkPolicyAttachment:NetworkPolicyAttachment example attachment_policyname
         ```
 
         :param str resource_name: The name of the resource.