PyPI - pulumi-snowflake - Versions diffs - 0.57.0a1722063098__py3-none-any.whl → 0.57.1__py3-none-any.whl - Mend

pulumi-snowflake 0.57.0a1722063098py3-none-any.whl → 0.57.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

pulumi_snowflake/__init__.py +20 -0
pulumi_snowflake/_inputs.py +2475 -237
pulumi_snowflake/account_role.py +226 -0
pulumi_snowflake/api_authentication_integration_with_authorization_code_grant.py +4 -0
pulumi_snowflake/api_authentication_integration_with_client_credentials.py +4 -0
pulumi_snowflake/api_authentication_integration_with_jwt_bearer.py +4 -0
pulumi_snowflake/database.py +63 -63
pulumi_snowflake/external_oauth_integration.py +2 -2
pulumi_snowflake/get_databases.py +2 -2
pulumi_snowflake/get_network_policies.py +122 -0
pulumi_snowflake/get_roles.py +37 -31
pulumi_snowflake/get_schemas.py +117 -36
pulumi_snowflake/get_security_integrations.py +2 -2
pulumi_snowflake/get_streamlits.py +159 -0
pulumi_snowflake/get_warehouses.py +2 -2
pulumi_snowflake/network_policy.py +103 -19
pulumi_snowflake/oauth_integration_for_custom_clients.py +18 -14
pulumi_snowflake/oauth_integration_for_partner_applications.py +18 -14
pulumi_snowflake/outputs.py +5849 -2728
pulumi_snowflake/pulumi-plugin.json +1 -1
pulumi_snowflake/role.py +44 -72
pulumi_snowflake/saml2_integration.py +32 -28
pulumi_snowflake/schema.py +914 -156
pulumi_snowflake/scim_integration.py +25 -21
pulumi_snowflake/secondary_database.py +63 -63
pulumi_snowflake/shared_database.py +63 -63
pulumi_snowflake/streamlit.py +650 -0
pulumi_snowflake/table.py +0 -120
pulumi_snowflake/table_constraint.py +2 -2
pulumi_snowflake/unsafe_execute.py +8 -8
{pulumi_snowflake-0.57.0a1722063098.dist-info → pulumi_snowflake-0.57.1.dist-info}/METADATA +1 -1
{pulumi_snowflake-0.57.0a1722063098.dist-info → pulumi_snowflake-0.57.1.dist-info}/RECORD +34 -30
{pulumi_snowflake-0.57.0a1722063098.dist-info → pulumi_snowflake-0.57.1.dist-info}/WHEEL +1 -1
{pulumi_snowflake-0.57.0a1722063098.dist-info → pulumi_snowflake-0.57.1.dist-info}/top_level.txt +0 -0

pulumi_snowflake/pulumi-plugin.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
   "resource": true,
   "name": "snowflake",
-  "version": "0.57.0-alpha.1722063098"
+  "version": "0.57.1"
 }

pulumi_snowflake/role.py CHANGED Viewed

@@ -17,21 +17,14 @@ __all__ = ['RoleArgs', 'Role']
 class RoleArgs:
     def __init__(__self__, *,
                  comment: Optional[pulumi.Input[str]] = None,
-                 name: Optional[pulumi.Input[str]] = None,
-                 tags: Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]] = None):
+                 name: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a Role resource.
-        :param pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]] tags: Definitions of a tag to associate with the resource.
         """
         if comment is not None:
             pulumi.set(__self__, "comment", comment)
         if name is not None:
             pulumi.set(__self__, "name", name)
-        if tags is not None:
-            warnings.warn("""Use the 'snowflake_tag_association' resource instead.""", DeprecationWarning)
-            pulumi.log.warn("""tags is deprecated: Use the 'snowflake_tag_association' resource instead.""")
-        if tags is not None:
-            pulumi.set(__self__, "tags", tags)
     @property
     @pulumi.getter
@@ -51,39 +44,23 @@ class RoleArgs:
     def name(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "name", value)
-    @property
-    @pulumi.getter
-    @_utilities.deprecated("""Use the 'snowflake_tag_association' resource instead.""")
-    def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]]:
-        """
-        Definitions of a tag to associate with the resource.
-        """
-        return pulumi.get(self, "tags")
-    @tags.setter
-    def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]]):
-        pulumi.set(self, "tags", value)
 @pulumi.input_type
 class _RoleState:
     def __init__(__self__, *,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
-                 tags: Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]] = None):
+                 show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['RoleShowOutputArgs']]]] = None):
         """
         Input properties used for looking up and filtering Role resources.
-        :param pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]] tags: Definitions of a tag to associate with the resource.
+        :param pulumi.Input[Sequence[pulumi.Input['RoleShowOutputArgs']]] show_outputs: Outputs the result of `SHOW ROLES` for the given role.
         """
         if comment is not None:
             pulumi.set(__self__, "comment", comment)
         if name is not None:
             pulumi.set(__self__, "name", name)
-        if tags is not None:
-            warnings.warn("""Use the 'snowflake_tag_association' resource instead.""", DeprecationWarning)
-            pulumi.log.warn("""tags is deprecated: Use the 'snowflake_tag_association' resource instead.""")
-        if tags is not None:
-            pulumi.set(__self__, "tags", tags)
+        if show_outputs is not None:
+            pulumi.set(__self__, "show_outputs", show_outputs)
     @property
     @pulumi.getter
@@ -104,17 +81,16 @@ class _RoleState:
         pulumi.set(self, "name", value)
     @property
-    @pulumi.getter
-    @_utilities.deprecated("""Use the 'snowflake_tag_association' resource instead.""")
-    def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]]:
+    @pulumi.getter(name="showOutputs")
+    def show_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['RoleShowOutputArgs']]]]:
         """
-        Definitions of a tag to associate with the resource.
+        Outputs the result of `SHOW ROLES` for the given role.
         """
-        return pulumi.get(self, "tags")
+        return pulumi.get(self, "show_outputs")
-    @tags.setter
-    def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['RoleTagArgs']]]]):
-        pulumi.set(self, "tags", value)
+    @show_outputs.setter
+    def show_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['RoleShowOutputArgs']]]]):
+        pulumi.set(self, "show_outputs", value)
 class Role(pulumi.CustomResource):
@@ -124,29 +100,27 @@ class Role(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
-                 tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleTagArgs']]]]] = None,
                  __props__=None):
         """
-        ## Example Usage
+        > **Deprecation** This resource is deprecated and will be removed in a future major version release. Please use AccountRole instead. <deprecation>
+        The resource is used for role management, where roles can be assigned privileges and, in turn, granted to users and other roles. When granted to roles they can create hierarchies of privilege structures. For more details, refer to the [official documentation](https://docs.snowflake.com/en/user-guide/security-access-control-overview).
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
+        ## Minimal
-        role = snowflake.Role("role",
-            name="role1",
-            comment="A role.")
-        ```
+        resource "Role" "minimal" {
+          name = "role_name"
+        }
-        ## Import
+        ## Complete (with every optional set)
-        ```sh
-        $ pulumi import snowflake:index/role:Role example roleName
-        ```
+        resource "Role" "complete" {
+          name    = "role_name"
+          comment = "my account role"
+        }
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleTagArgs']]]] tags: Definitions of a tag to associate with the resource.
         """
         ...
     @overload
@@ -155,22 +129,22 @@ class Role(pulumi.CustomResource):
                  args: Optional[RoleArgs] = None,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        ## Example Usage
+        > **Deprecation** This resource is deprecated and will be removed in a future major version release. Please use AccountRole instead. <deprecation>
-        ```python
-        import pulumi
-        import pulumi_snowflake as snowflake
+        The resource is used for role management, where roles can be assigned privileges and, in turn, granted to users and other roles. When granted to roles they can create hierarchies of privilege structures. For more details, refer to the [official documentation](https://docs.snowflake.com/en/user-guide/security-access-control-overview).
-        role = snowflake.Role("role",
-            name="role1",
-            comment="A role.")
-        ```
+        ## Minimal
-        ## Import
+        resource "Role" "minimal" {
+          name = "role_name"
+        }
-        ```sh
-        $ pulumi import snowflake:index/role:Role example roleName
-        ```
+        ## Complete (with every optional set)
+        resource "Role" "complete" {
+          name    = "role_name"
+          comment = "my account role"
+        }
         :param str resource_name: The name of the resource.
         :param RoleArgs args: The arguments to use to populate this resource's properties.
@@ -189,7 +163,6 @@ class Role(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  comment: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
-                 tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleTagArgs']]]]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -201,7 +174,7 @@ class Role(pulumi.CustomResource):
             __props__.__dict__["comment"] = comment
             __props__.__dict__["name"] = name
-            __props__.__dict__["tags"] = tags
+            __props__.__dict__["show_outputs"] = None
         super(Role, __self__).__init__(
             'snowflake:index/role:Role',
             resource_name,
@@ -214,7 +187,7 @@ class Role(pulumi.CustomResource):
             opts: Optional[pulumi.ResourceOptions] = None,
             comment: Optional[pulumi.Input[str]] = None,
             name: Optional[pulumi.Input[str]] = None,
-            tags: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleTagArgs']]]]] = None) -> 'Role':
+            show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleShowOutputArgs']]]]] = None) -> 'Role':
         """
         Get an existing Role resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -222,7 +195,7 @@ class Role(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleTagArgs']]]] tags: Definitions of a tag to associate with the resource.
+        :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['RoleShowOutputArgs']]]] show_outputs: Outputs the result of `SHOW ROLES` for the given role.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -230,7 +203,7 @@ class Role(pulumi.CustomResource):
         __props__.__dict__["comment"] = comment
         __props__.__dict__["name"] = name
-        __props__.__dict__["tags"] = tags
+        __props__.__dict__["show_outputs"] = show_outputs
         return Role(resource_name, opts=opts, __props__=__props__)
     @property
@@ -244,11 +217,10 @@ class Role(pulumi.CustomResource):
         return pulumi.get(self, "name")
     @property
-    @pulumi.getter
-    @_utilities.deprecated("""Use the 'snowflake_tag_association' resource instead.""")
-    def tags(self) -> pulumi.Output[Optional[Sequence['outputs.RoleTag']]]:
+    @pulumi.getter(name="showOutputs")
+    def show_outputs(self) -> pulumi.Output[Sequence['outputs.RoleShowOutput']]:
         """
-        Definitions of a tag to associate with the resource.
+        Outputs the result of `SHOW ROLES` for the given role.
         """
-        return pulumi.get(self, "tags")
+        return pulumi.get(self, "show_outputs")

pulumi_snowflake/saml2_integration.py CHANGED Viewed

@@ -36,7 +36,7 @@ class Saml2IntegrationArgs:
         """
         The set of arguments for constructing a Saml2Integration resource.
         :param pulumi.Input[str] saml2_issuer: The string containing the IdP EntityID / Issuer.
-        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
+        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         :param pulumi.Input[str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         :param pulumi.Input[str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
@@ -47,10 +47,10 @@ class Saml2IntegrationArgs:
         :param pulumi.Input[str] saml2_enable_sp_initiated: The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] saml2_force_authn: The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         :param pulumi.Input[str] saml2_sign_request: The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
-        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         :param pulumi.Input[str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         pulumi.set(__self__, "saml2_issuer", saml2_issuer)
@@ -100,7 +100,7 @@ class Saml2IntegrationArgs:
     @pulumi.getter(name="saml2Provider")
     def saml2_provider(self) -> pulumi.Input[str]:
         """
-        The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
+        The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
@@ -232,7 +232,7 @@ class Saml2IntegrationArgs:
     @pulumi.getter(name="saml2RequestedNameidFormat")
     def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[str]]:
         """
-        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
@@ -256,7 +256,7 @@ class Saml2IntegrationArgs:
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
     def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
@@ -268,7 +268,7 @@ class Saml2IntegrationArgs:
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
     def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")
@@ -323,11 +323,11 @@ class _Saml2IntegrationState:
         :param pulumi.Input[str] saml2_force_authn: The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] saml2_issuer: The string containing the IdP EntityID / Issuer.
         :param pulumi.Input[str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
-        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         :param pulumi.Input[str] saml2_sign_request: The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
-        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         :param pulumi.Input[str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         :param pulumi.Input[str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         :param pulumi.Input[str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
@@ -496,7 +496,7 @@ class _Saml2IntegrationState:
     @pulumi.getter(name="saml2Provider")
     def saml2_provider(self) -> Optional[pulumi.Input[str]]:
         """
-        The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
+        The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
@@ -508,7 +508,7 @@ class _Saml2IntegrationState:
     @pulumi.getter(name="saml2RequestedNameidFormat")
     def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[str]]:
         """
-        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
@@ -532,7 +532,7 @@ class _Saml2IntegrationState:
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
     def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
@@ -544,7 +544,7 @@ class _Saml2IntegrationState:
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
     def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")
@@ -627,6 +627,8 @@ class Saml2Integration(pulumi.CustomResource):
         """
         !> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. Please follow the migration guide to use it.
+        Resource used to manage saml2 security integration objects. For more information, check [security integrations documentation](https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-saml2).
         ## Import
         ```sh
@@ -644,11 +646,11 @@ class Saml2Integration(pulumi.CustomResource):
         :param pulumi.Input[str] saml2_force_authn: The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] saml2_issuer: The string containing the IdP EntityID / Issuer.
         :param pulumi.Input[str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
-        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         :param pulumi.Input[str] saml2_sign_request: The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
-        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         :param pulumi.Input[str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         :param pulumi.Input[str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         :param pulumi.Input[str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
@@ -662,6 +664,8 @@ class Saml2Integration(pulumi.CustomResource):
         """
         !> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. Please follow the migration guide to use it.
+        Resource used to manage saml2 security integration objects. For more information, check [security integrations documentation](https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-saml2).
         ## Import
         ```sh
@@ -782,11 +786,11 @@ class Saml2Integration(pulumi.CustomResource):
         :param pulumi.Input[str] saml2_force_authn: The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] saml2_issuer: The string containing the IdP EntityID / Issuer.
         :param pulumi.Input[str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
-        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        :param pulumi.Input[str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         :param pulumi.Input[str] saml2_sign_request: The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
-        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        :param pulumi.Input[str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         :param pulumi.Input[str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         :param pulumi.Input[str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         :param pulumi.Input[str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
@@ -901,7 +905,7 @@ class Saml2Integration(pulumi.CustomResource):
     @pulumi.getter(name="saml2Provider")
     def saml2_provider(self) -> pulumi.Output[str]:
         """
-        The string describing the IdP. Valid options are: [OKTA ADFS CUSTOM].
+        The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
@@ -909,7 +913,7 @@ class Saml2Integration(pulumi.CustomResource):
     @pulumi.getter(name="saml2RequestedNameidFormat")
     def saml2_requested_nameid_format(self) -> pulumi.Output[Optional[str]]:
         """
-        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: [urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
+        The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
@@ -925,7 +929,7 @@ class Saml2Integration(pulumi.CustomResource):
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
     def saml2_snowflake_acs_url(self) -> pulumi.Output[Optional[str]]:
         """
-        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
@@ -933,7 +937,7 @@ class Saml2Integration(pulumi.CustomResource):
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
     def saml2_snowflake_issuer_url(self) -> pulumi.Output[Optional[str]]:
         """
-        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use.
+        The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")

pulumi-snowflake 0.57.0a1722063098__py3-none-any.whl → 0.57.1__py3-none-any.whl

pulumi-snowflake 0.57.0a1722063098py3-none-any.whl → 0.57.1py3-none-any.whl