pulumi-snowflake 0.63.0a1734416430__py3-none-any.whl → 1.0.0__py3-none-any.whl

pulumi_snowflake/api_authentication_integration_with_jwt_bearer.py

@@ -36,9 +36,8 @@ class ApiAuthenticationIntegrationWithJwtBearerArgs:
         The set of arguments for constructing a ApiAuthenticationIntegrationWithJwtBearer resource.
         :param pulumi.Input[bool] enabled: Specifies whether this security integration is enabled or disabled.
         :param pulumi.Input[str] oauth_client_id: Specifies the client ID for the OAuth application in the external service.
-        :param pulumi.Input[str] oauth_client_secret: Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
         :param pulumi.Input[str] comment: Specifies a comment for the integration.
-        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[int] oauth_access_token_validity: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server.
         :param pulumi.Input[str] oauth_authorization_endpoint: Specifies the URL for authenticating to the external service.
         :param pulumi.Input[str] oauth_client_auth_method: Specifies that POST is used as the authentication method to the external service. If removed from the config, the resource is recreated. Valid values are (case-insensitive): `CLIENT_SECRET_POST`.
@@ -100,9 +99,6 @@ class ApiAuthenticationIntegrationWithJwtBearerArgs:
     @property
     @pulumi.getter(name="oauthClientSecret")
     def oauth_client_secret(self) -> pulumi.Input[str]:
-        """
-        Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
-        """
         return pulumi.get(self, "oauth_client_secret")
 
     @oauth_client_secret.setter
@@ -125,7 +121,7 @@ class ApiAuthenticationIntegrationWithJwtBearerArgs:
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -217,12 +213,11 @@ class _ApiAuthenticationIntegrationWithJwtBearerState:
         :param pulumi.Input[Sequence[pulumi.Input['ApiAuthenticationIntegrationWithJwtBearerDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATIONS` for the given security integration.
         :param pulumi.Input[bool] enabled: Specifies whether this security integration is enabled or disabled.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[int] oauth_access_token_validity: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server.
         :param pulumi.Input[str] oauth_authorization_endpoint: Specifies the URL for authenticating to the external service.
         :param pulumi.Input[str] oauth_client_auth_method: Specifies that POST is used as the authentication method to the external service. If removed from the config, the resource is recreated. Valid values are (case-insensitive): `CLIENT_SECRET_POST`.
         :param pulumi.Input[str] oauth_client_id: Specifies the client ID for the OAuth application in the external service.
-        :param pulumi.Input[str] oauth_client_secret: Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies the value to determine the validity of the refresh token obtained from the OAuth server.
         :param pulumi.Input[str] oauth_token_endpoint: Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. The token endpoint is used with every authorization grant except for the implicit grant type (since an access token is issued directly). If removed from the config, the resource is recreated.
         :param pulumi.Input[Sequence[pulumi.Input['ApiAuthenticationIntegrationWithJwtBearerShowOutputArgs']]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATIONS` for the given security integration.
@@ -308,7 +303,7 @@ class _ApiAuthenticationIntegrationWithJwtBearerState:
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -376,9 +371,6 @@ class _ApiAuthenticationIntegrationWithJwtBearerState:
     @property
     @pulumi.getter(name="oauthClientSecret")
     def oauth_client_secret(self) -> Optional[pulumi.Input[str]]:
-        """
-        Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
-        """
         return pulumi.get(self, "oauth_client_secret")
 
     @oauth_client_secret.setter
@@ -443,19 +435,18 @@ class ApiAuthenticationIntegrationWithJwtBearer(pulumi.CustomResource):
         ## Import
 
         ```sh
-        $ pulumi import snowflake:index/apiAuthenticationIntegrationWithJwtBearer:ApiAuthenticationIntegrationWithJwtBearer example "name"
+        $ pulumi import snowflake:index/apiAuthenticationIntegrationWithJwtBearer:ApiAuthenticationIntegrationWithJwtBearer example '"<integration_name>"'
         ```
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] comment: Specifies a comment for the integration.
         :param pulumi.Input[bool] enabled: Specifies whether this security integration is enabled or disabled.
-        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[int] oauth_access_token_validity: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server.
         :param pulumi.Input[str] oauth_authorization_endpoint: Specifies the URL for authenticating to the external service.
         :param pulumi.Input[str] oauth_client_auth_method: Specifies that POST is used as the authentication method to the external service. If removed from the config, the resource is recreated. Valid values are (case-insensitive): `CLIENT_SECRET_POST`.
         :param pulumi.Input[str] oauth_client_id: Specifies the client ID for the OAuth application in the external service.
-        :param pulumi.Input[str] oauth_client_secret: Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies the value to determine the validity of the refresh token obtained from the OAuth server.
         :param pulumi.Input[str] oauth_token_endpoint: Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. The token endpoint is used with every authorization grant except for the implicit grant type (since an access token is issued directly). If removed from the config, the resource is recreated.
         """
@@ -469,7 +460,7 @@ class ApiAuthenticationIntegrationWithJwtBearer(pulumi.CustomResource):
         ## Import
 
         ```sh
-        $ pulumi import snowflake:index/apiAuthenticationIntegrationWithJwtBearer:ApiAuthenticationIntegrationWithJwtBearer example "name"
+        $ pulumi import snowflake:index/apiAuthenticationIntegrationWithJwtBearer:ApiAuthenticationIntegrationWithJwtBearer example '"<integration_name>"'
         ```
 
         :param str resource_name: The name of the resource.
@@ -564,12 +555,11 @@ class ApiAuthenticationIntegrationWithJwtBearer(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[Union['ApiAuthenticationIntegrationWithJwtBearerDescribeOutputArgs', 'ApiAuthenticationIntegrationWithJwtBearerDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATIONS` for the given security integration.
         :param pulumi.Input[bool] enabled: Specifies whether this security integration is enabled or disabled.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[int] oauth_access_token_validity: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server.
         :param pulumi.Input[str] oauth_authorization_endpoint: Specifies the URL for authenticating to the external service.
         :param pulumi.Input[str] oauth_client_auth_method: Specifies that POST is used as the authentication method to the external service. If removed from the config, the resource is recreated. Valid values are (case-insensitive): `CLIENT_SECRET_POST`.
         :param pulumi.Input[str] oauth_client_id: Specifies the client ID for the OAuth application in the external service.
-        :param pulumi.Input[str] oauth_client_secret: Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies the value to determine the validity of the refresh token obtained from the OAuth server.
         :param pulumi.Input[str] oauth_token_endpoint: Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. The token endpoint is used with every authorization grant except for the implicit grant type (since an access token is issued directly). If removed from the config, the resource is recreated.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ApiAuthenticationIntegrationWithJwtBearerShowOutputArgs', 'ApiAuthenticationIntegrationWithJwtBearerShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATIONS` for the given security integration.
@@ -630,7 +620,7 @@ class ApiAuthenticationIntegrationWithJwtBearer(pulumi.CustomResource):
     @pulumi.getter
     def name(self) -> pulumi.Output[str]:
         """
-        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier (i.e. name) for the integration. This value must be unique in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -674,9 +664,6 @@ class ApiAuthenticationIntegrationWithJwtBearer(pulumi.CustomResource):
     @property
     @pulumi.getter(name="oauthClientSecret")
     def oauth_client_secret(self) -> pulumi.Output[str]:
-        """
-        Specifies the client secret for the OAuth application in the ServiceNow instance from the previous step. The connector uses this to request an access token from the ServiceNow instance.
-        """
         return pulumi.get(self, "oauth_client_secret")
 
     @property

pulumi_snowflake/authentication_policy.py

@@ -32,14 +32,14 @@ class AuthenticationPolicyArgs:
                  security_integrations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
         The set of arguments for constructing a AuthenticationPolicy resource.
-        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
-        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] authentication_methods: A list of authentication methods that are allowed during login. This parameter accepts one or more of the following values: `ALL` | `SAML` | `PASSWORD` | `OAUTH` | `KEYPAIR`
         :param pulumi.Input[Sequence[pulumi.Input[str]]] client_types: A list of clients that can authenticate with Snowflake. If a client tries to connect, and the client is not one of the valid CLIENT*TYPES, then the login attempt fails. Allowed values are `ALL` | `SNOWFLAKE_UI` | `DRIVERS` | `SNOWSQL`. The CLIENT*TYPES property of an authentication policy is a best effort method to block user logins based on specific clients. It should not be used as the sole control to establish a security boundary.
         :param pulumi.Input[str] comment: Specifies a comment for the authentication policy.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] mfa_authentication_methods: A list of authentication methods that enforce multi-factor authentication (MFA) during login. Authentication methods not listed in this parameter do not prompt for multi-factor authentication. Allowed values are `ALL` | `SAML` | `PASSWORD`.
         :param pulumi.Input[str] mfa_enrollment: Determines whether a user must enroll in multi-factor authentication. Allowed values are REQUIRED and OPTIONAL. When REQUIRED is specified, Enforces users to enroll in MFA. If this value is used, then the CLIENT*TYPES parameter must include SNOWFLAKE*UI, because Snowsight is the only place users can enroll in multi-factor authentication (MFA).
-        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] security_integrations: A list of security integrations the authentication policy is associated with. This parameter has no effect when SAML or OAUTH are not in the AUTHENTICATION*METHODS list. All values in the SECURITY*INTEGRATIONS list must be compatible with the values in the AUTHENTICATION*METHODS list. For example, if SECURITY*INTEGRATIONS contains a SAML security integration, and AUTHENTICATION_METHODS contains OAUTH, then you cannot create the authentication policy. To allow all security integrations use ALL as parameter.
         """
         pulumi.set(__self__, "database", database)
@@ -63,7 +63,7 @@ class AuthenticationPolicyArgs:
     @pulumi.getter
     def database(self) -> pulumi.Input[str]:
         """
-        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "database")
 
@@ -75,7 +75,7 @@ class AuthenticationPolicyArgs:
     @pulumi.getter
     def schema(self) -> pulumi.Input[str]:
         """
-        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "schema")
 
@@ -147,7 +147,7 @@ class AuthenticationPolicyArgs:
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -188,13 +188,13 @@ class _AuthenticationPolicyState:
         :param pulumi.Input[Sequence[pulumi.Input[str]]] authentication_methods: A list of authentication methods that are allowed during login. This parameter accepts one or more of the following values: `ALL` | `SAML` | `PASSWORD` | `OAUTH` | `KEYPAIR`
         :param pulumi.Input[Sequence[pulumi.Input[str]]] client_types: A list of clients that can authenticate with Snowflake. If a client tries to connect, and the client is not one of the valid CLIENT*TYPES, then the login attempt fails. Allowed values are `ALL` | `SNOWFLAKE_UI` | `DRIVERS` | `SNOWSQL`. The CLIENT*TYPES property of an authentication policy is a best effort method to block user logins based on specific clients. It should not be used as the sole control to establish a security boundary.
         :param pulumi.Input[str] comment: Specifies a comment for the authentication policy.
-        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input['AuthenticationPolicyDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE AUTHENTICATION POLICY` for the given policy.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         :param pulumi.Input[Sequence[pulumi.Input[str]]] mfa_authentication_methods: A list of authentication methods that enforce multi-factor authentication (MFA) during login. Authentication methods not listed in this parameter do not prompt for multi-factor authentication. Allowed values are `ALL` | `SAML` | `PASSWORD`.
         :param pulumi.Input[str] mfa_enrollment: Determines whether a user must enroll in multi-factor authentication. Allowed values are REQUIRED and OPTIONAL. When REQUIRED is specified, Enforces users to enroll in MFA. If this value is used, then the CLIENT*TYPES parameter must include SNOWFLAKE*UI, because Snowsight is the only place users can enroll in multi-factor authentication (MFA).
-        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
-        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] security_integrations: A list of security integrations the authentication policy is associated with. This parameter has no effect when SAML or OAUTH are not in the AUTHENTICATION*METHODS list. All values in the SECURITY*INTEGRATIONS list must be compatible with the values in the AUTHENTICATION*METHODS list. For example, if SECURITY*INTEGRATIONS contains a SAML security integration, and AUTHENTICATION_METHODS contains OAUTH, then you cannot create the authentication policy. To allow all security integrations use ALL as parameter.
         :param pulumi.Input[Sequence[pulumi.Input['AuthenticationPolicyShowOutputArgs']]] show_outputs: Outputs the result of `SHOW AUTHENTICATION POLICIES` for the given policy.
         """
@@ -263,7 +263,7 @@ class _AuthenticationPolicyState:
     @pulumi.getter
     def database(self) -> Optional[pulumi.Input[str]]:
         """
-        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "database")
 
@@ -323,7 +323,7 @@ class _AuthenticationPolicyState:
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -335,7 +335,7 @@ class _AuthenticationPolicyState:
     @pulumi.getter
     def schema(self) -> Optional[pulumi.Input[str]]:
         """
-        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "schema")
 
@@ -395,11 +395,11 @@ class AuthenticationPolicy(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[str]]] authentication_methods: A list of authentication methods that are allowed during login. This parameter accepts one or more of the following values: `ALL` | `SAML` | `PASSWORD` | `OAUTH` | `KEYPAIR`
         :param pulumi.Input[Sequence[pulumi.Input[str]]] client_types: A list of clients that can authenticate with Snowflake. If a client tries to connect, and the client is not one of the valid CLIENT*TYPES, then the login attempt fails. Allowed values are `ALL` | `SNOWFLAKE_UI` | `DRIVERS` | `SNOWSQL`. The CLIENT*TYPES property of an authentication policy is a best effort method to block user logins based on specific clients. It should not be used as the sole control to establish a security boundary.
         :param pulumi.Input[str] comment: Specifies a comment for the authentication policy.
-        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] mfa_authentication_methods: A list of authentication methods that enforce multi-factor authentication (MFA) during login. Authentication methods not listed in this parameter do not prompt for multi-factor authentication. Allowed values are `ALL` | `SAML` | `PASSWORD`.
         :param pulumi.Input[str] mfa_enrollment: Determines whether a user must enroll in multi-factor authentication. Allowed values are REQUIRED and OPTIONAL. When REQUIRED is specified, Enforces users to enroll in MFA. If this value is used, then the CLIENT*TYPES parameter must include SNOWFLAKE*UI, because Snowsight is the only place users can enroll in multi-factor authentication (MFA).
-        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
-        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] security_integrations: A list of security integrations the authentication policy is associated with. This parameter has no effect when SAML or OAUTH are not in the AUTHENTICATION*METHODS list. All values in the SECURITY*INTEGRATIONS list must be compatible with the values in the AUTHENTICATION*METHODS list. For example, if SECURITY*INTEGRATIONS contains a SAML security integration, and AUTHENTICATION_METHODS contains OAUTH, then you cannot create the authentication policy. To allow all security integrations use ALL as parameter.
         """
         ...
@@ -496,13 +496,13 @@ class AuthenticationPolicy(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[str]]] authentication_methods: A list of authentication methods that are allowed during login. This parameter accepts one or more of the following values: `ALL` | `SAML` | `PASSWORD` | `OAUTH` | `KEYPAIR`
         :param pulumi.Input[Sequence[pulumi.Input[str]]] client_types: A list of clients that can authenticate with Snowflake. If a client tries to connect, and the client is not one of the valid CLIENT*TYPES, then the login attempt fails. Allowed values are `ALL` | `SNOWFLAKE_UI` | `DRIVERS` | `SNOWSQL`. The CLIENT*TYPES property of an authentication policy is a best effort method to block user logins based on specific clients. It should not be used as the sole control to establish a security boundary.
         :param pulumi.Input[str] comment: Specifies a comment for the authentication policy.
-        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] database: The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['AuthenticationPolicyDescribeOutputArgs', 'AuthenticationPolicyDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE AUTHENTICATION POLICY` for the given policy.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         :param pulumi.Input[Sequence[pulumi.Input[str]]] mfa_authentication_methods: A list of authentication methods that enforce multi-factor authentication (MFA) during login. Authentication methods not listed in this parameter do not prompt for multi-factor authentication. Allowed values are `ALL` | `SAML` | `PASSWORD`.
         :param pulumi.Input[str] mfa_enrollment: Determines whether a user must enroll in multi-factor authentication. Allowed values are REQUIRED and OPTIONAL. When REQUIRED is specified, Enforces users to enroll in MFA. If this value is used, then the CLIENT*TYPES parameter must include SNOWFLAKE*UI, because Snowsight is the only place users can enroll in multi-factor authentication (MFA).
-        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
-        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        :param pulumi.Input[str] name: Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[str] schema: The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] security_integrations: A list of security integrations the authentication policy is associated with. This parameter has no effect when SAML or OAUTH are not in the AUTHENTICATION*METHODS list. All values in the SECURITY*INTEGRATIONS list must be compatible with the values in the AUTHENTICATION*METHODS list. For example, if SECURITY*INTEGRATIONS contains a SAML security integration, and AUTHENTICATION_METHODS contains OAUTH, then you cannot create the authentication policy. To allow all security integrations use ALL as parameter.
         :param pulumi.Input[Sequence[pulumi.Input[Union['AuthenticationPolicyShowOutputArgs', 'AuthenticationPolicyShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW AUTHENTICATION POLICIES` for the given policy.
         """
@@ -552,7 +552,7 @@ class AuthenticationPolicy(pulumi.CustomResource):
     @pulumi.getter
     def database(self) -> pulumi.Output[str]:
         """
-        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The database in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "database")
 
@@ -592,7 +592,7 @@ class AuthenticationPolicy(pulumi.CustomResource):
     @pulumi.getter
     def name(self) -> pulumi.Output[str]:
         """
-        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        Specifies the identifier for the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
@@ -600,7 +600,7 @@ class AuthenticationPolicy(pulumi.CustomResource):
     @pulumi.getter
     def schema(self) -> pulumi.Output[str]:
         """
-        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`
+        The schema in which to create the authentication policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "schema")
 

pulumi_snowflake/config/__init__.pyi

@@ -15,16 +15,6 @@ else:
 from .. import _utilities
 from . import outputs
 
-account: Optional[str]
-"""
-Use `account_name` and `organization_name` instead. Specifies your Snowflake account identifier assigned, by Snowflake.
-The [account
-locator](https://docs.snowflake.com/en/user-guide/admin-account-identifier#format-2-account-locator-in-a-region) format
-is not supported. For information about account identifiers, see the [Snowflake
-documentation](https://docs.snowflake.com/en/user-guide/admin-account-identifier.html). Required unless using `profile`.
-Can also be sourced from the `SNOWFLAKE_ACCOUNT` environment variable.
-"""
-
 accountName: Optional[str]
 """
 Specifies your Snowflake account name assigned by Snowflake. For information about account identifiers, see the
@@ -35,14 +25,8 @@ unless using `profile`. Can also be sourced from the `SNOWFLAKE_ACCOUNT_NAME` en
 authenticator: Optional[str]
 """
 Specifies the [authentication type](https://pkg.go.dev/github.com/snowflakedb/gosnowflake#AuthType) to use when
-connecting to Snowflake. Valid options are: `SNOWFLAKE` | `OAUTH` | `EXTERNALBROWSER` | `OKTA` | `JWT` | `SNOWFLAKE_JWT`
-| `TOKENACCESSOR` | `USERNAMEPASSWORDMFA`. Value `JWT` is deprecated and will be removed in future releases. Can also be
-sourced from the `SNOWFLAKE_AUTHENTICATOR` environment variable.
-"""
-
-browserAuth: Optional[bool]
-"""
-Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_USE_BROWSER_AUTH` environment variable.
+connecting to Snowflake. Valid options are: `SNOWFLAKE` | `OAUTH` | `EXTERNALBROWSER` | `OKTA` | `SNOWFLAKE_JWT` |
+`TOKENACCESSOR` | `USERNAMEPASSWORDMFA`. Can also be sourced from the `SNOWFLAKE_AUTHENTICATOR` environment variable.
 """
 
 clientIp: Optional[str]
@@ -145,43 +129,6 @@ Specifies how many times non-periodic HTTP request can be retried by the driver.
 `SNOWFLAKE_MAX_RETRY_COUNT` environment variable.
 """
 
-oauthAccessToken: Optional[str]
-"""
-Token for use with OAuth. Generating the token is left to other tools. Cannot be used with `browser_auth`,
-`private_key_path`, `oauth_refresh_token` or `password`. Can also be sourced from `SNOWFLAKE_OAUTH_ACCESS_TOKEN`
-environment variable.
-"""
-
-oauthClientId: Optional[str]
-"""
-Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_CLIENT_ID` environment variable.
-"""
-
-oauthClientSecret: Optional[str]
-"""
-Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_CLIENT_SECRET` environment
-variable.
-"""
-
-oauthEndpoint: Optional[str]
-"""
-Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_ENDPOINT` environment variable.
-"""
-
-oauthRedirectUrl: Optional[str]
-"""
-Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_REDIRECT_URL` environment
-variable.
-"""
-
-oauthRefreshToken: Optional[str]
-"""
-Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with
-`oauth_client_id`, `oauth_client_secret`, `oauth_endpoint`, `oauth_redirect_url`. Cannot be used with `browser_auth`,
-`private_key_path`, `oauth_access_token` or `password`. Can also be sourced from `SNOWFLAKE_OAUTH_REFRESH_TOKEN`
-environment variable.
-"""
-
 ocspFailOpen: Optional[str]
 """
 True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be
@@ -222,8 +169,8 @@ False by default. Set to true if the MFA passcode is embedded to the configured
 
 password: Optional[str]
 """
-Password for user + password auth. Cannot be used with `browser_auth` or `private_key_path`. Can also be sourced from
-the `SNOWFLAKE_PASSWORD` environment variable.
+Password for user + password auth. Cannot be used with `private_key` and `private_key_passphrase`. Can also be sourced
+from the `SNOWFLAKE_PASSWORD` environment variable.
 """
 
 port: Optional[int]
@@ -232,10 +179,12 @@ Specifies a custom port value used by the driver for privatelink connections. Ca
 `SNOWFLAKE_PORT` environment variable.
 """
 
+previewFeaturesEnableds: Optional[str]
+
 privateKey: Optional[str]
 """
-Private Key for username+private-key auth. Cannot be used with `browser_auth` or `password`. Can also be sourced from
-the `SNOWFLAKE_PRIVATE_KEY` environment variable.
+Private Key for username+private-key auth. Cannot be used with `password`. Can also be sourced from the
+`SNOWFLAKE_PRIVATE_KEY` environment variable.
 """
 
 privateKeyPassphrase: Optional[str]
@@ -244,12 +193,6 @@ Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-g
 des-ede3-cbc. Can also be sourced from the `SNOWFLAKE_PRIVATE_KEY_PASSPHRASE` environment variable.
 """
 
-privateKeyPath: Optional[str]
-"""
-Path to a private key for using keypair authentication. Cannot be used with `browser_auth`, `oauth_access_token` or
-`password`. Can also be sourced from `SNOWFLAKE_PRIVATE_KEY_PATH` environment variable.
-"""
-
 profile: Optional[str]
 """
 Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the `SNOWFLAKE_PROFILE` environment
@@ -262,16 +205,6 @@ A protocol used in the connection. Valid options are: `http` | `https`. Can also
 `SNOWFLAKE_PROTOCOL` environment variable.
 """
 
-region: Optional[str]
-"""
-Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best
-to specify the region as part of the account parameter. For details, see the description of the account parameter.
-[Snowflake region](https://docs.snowflake.com/en/user-guide/intro-regions.html) to use. Required if using the [legacy
-format for the `account`
-identifier](https://docs.snowflake.com/en/user-guide/admin-account-identifier.html#format-2-legacy-account-locator-in-a-region)
-in the form of `<cloud_region_id>.<cloud>`. Can also be sourced from the `SNOWFLAKE_REGION` environment variable.
-"""
-
 requestTimeout: Optional[int]
 """
 request retry timeout in seconds EXCLUDING network roundtrip and read out http response. Can also be sourced from the
@@ -284,11 +217,6 @@ Specifies the role to use by default for accessing Snowflake objects in the clie
 `SNOWFLAKE_ROLE` environment variable.
 """
 
-sessionParams: Optional[str]
-"""
-Sets session parameters. [Parameters](https://docs.snowflake.com/en/sql-reference/parameters)
-"""
-
 tmpDirectoryPath: Optional[str]
 """
 Sets temporary directory used by the driver for operations like encrypting, compressing etc. Can also be sourced from
@@ -308,12 +236,6 @@ user: Optional[str]
 Username. Required unless using `profile`. Can also be sourced from the `SNOWFLAKE_USER` environment variable.
 """
 
-username: Optional[str]
-"""
-Username for user + password authentication. Required unless using `profile`. Can also be sourced from the
-`SNOWFLAKE_USERNAME` environment variable.
-"""
-
 validateDefaultParameters: Optional[str]
 """
 True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a

pulumi_snowflake/config/vars.py

@@ -21,18 +21,6 @@ __config__ = pulumi.Config('snowflake')
 
 
 class _ExportableConfig(types.ModuleType):
-    @property
-    def account(self) -> Optional[str]:
-        """
-        Use `account_name` and `organization_name` instead. Specifies your Snowflake account identifier assigned, by Snowflake.
-        The [account
-        locator](https://docs.snowflake.com/en/user-guide/admin-account-identifier#format-2-account-locator-in-a-region) format
-        is not supported. For information about account identifiers, see the [Snowflake
-        documentation](https://docs.snowflake.com/en/user-guide/admin-account-identifier.html). Required unless using `profile`.
-        Can also be sourced from the `SNOWFLAKE_ACCOUNT` environment variable.
-        """
-        return __config__.get('account') or _utilities.get_env('SNOWFLAKE_ACCOUNT')
-
     @property
     def account_name(self) -> Optional[str]:
         """
@@ -46,19 +34,11 @@ class _ExportableConfig(types.ModuleType):
     def authenticator(self) -> Optional[str]:
         """
         Specifies the [authentication type](https://pkg.go.dev/github.com/snowflakedb/gosnowflake#AuthType) to use when
-        connecting to Snowflake. Valid options are: `SNOWFLAKE` | `OAUTH` | `EXTERNALBROWSER` | `OKTA` | `JWT` | `SNOWFLAKE_JWT`
-        | `TOKENACCESSOR` | `USERNAMEPASSWORDMFA`. Value `JWT` is deprecated and will be removed in future releases. Can also be
-        sourced from the `SNOWFLAKE_AUTHENTICATOR` environment variable.
+        connecting to Snowflake. Valid options are: `SNOWFLAKE` | `OAUTH` | `EXTERNALBROWSER` | `OKTA` | `SNOWFLAKE_JWT` |
+        `TOKENACCESSOR` | `USERNAMEPASSWORDMFA`. Can also be sourced from the `SNOWFLAKE_AUTHENTICATOR` environment variable.
         """
         return __config__.get('authenticator')
 
-    @property
-    def browser_auth(self) -> Optional[bool]:
-        """
-        Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_USE_BROWSER_AUTH` environment variable.
-        """
-        return __config__.get_bool('browserAuth') or _utilities.get_env_bool('SNOWFLAKE_USE_BROWSER_AUTH')
-
     @property
     def client_ip(self) -> Optional[str]:
         """
@@ -193,55 +173,6 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get_int('maxRetryCount')
 
-    @property
-    def oauth_access_token(self) -> Optional[str]:
-        """
-        Token for use with OAuth. Generating the token is left to other tools. Cannot be used with `browser_auth`,
-        `private_key_path`, `oauth_refresh_token` or `password`. Can also be sourced from `SNOWFLAKE_OAUTH_ACCESS_TOKEN`
-        environment variable.
-        """
-        return __config__.get('oauthAccessToken') or _utilities.get_env('SNOWFLAKE_OAUTH_ACCESS_TOKEN')
-
-    @property
-    def oauth_client_id(self) -> Optional[str]:
-        """
-        Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_CLIENT_ID` environment variable.
-        """
-        return __config__.get('oauthClientId') or _utilities.get_env('SNOWFLAKE_OAUTH_CLIENT_ID')
-
-    @property
-    def oauth_client_secret(self) -> Optional[str]:
-        """
-        Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_CLIENT_SECRET` environment
-        variable.
-        """
-        return __config__.get('oauthClientSecret') or _utilities.get_env('SNOWFLAKE_OAUTH_CLIENT_SECRET')
-
-    @property
-    def oauth_endpoint(self) -> Optional[str]:
-        """
-        Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_ENDPOINT` environment variable.
-        """
-        return __config__.get('oauthEndpoint') or _utilities.get_env('SNOWFLAKE_OAUTH_ENDPOINT')
-
-    @property
-    def oauth_redirect_url(self) -> Optional[str]:
-        """
-        Required when `oauth_refresh_token` is used. Can also be sourced from `SNOWFLAKE_OAUTH_REDIRECT_URL` environment
-        variable.
-        """
-        return __config__.get('oauthRedirectUrl') or _utilities.get_env('SNOWFLAKE_OAUTH_REDIRECT_URL')
-
-    @property
-    def oauth_refresh_token(self) -> Optional[str]:
-        """
-        Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with
-        `oauth_client_id`, `oauth_client_secret`, `oauth_endpoint`, `oauth_redirect_url`. Cannot be used with `browser_auth`,
-        `private_key_path`, `oauth_access_token` or `password`. Can also be sourced from `SNOWFLAKE_OAUTH_REFRESH_TOKEN`
-        environment variable.
-        """
-        return __config__.get('oauthRefreshToken') or _utilities.get_env('SNOWFLAKE_OAUTH_REFRESH_TOKEN')
-
     @property
     def ocsp_fail_open(self) -> Optional[str]:
         """
@@ -295,8 +226,8 @@ class _ExportableConfig(types.ModuleType):
     @property
     def password(self) -> Optional[str]:
         """
-        Password for user + password auth. Cannot be used with `browser_auth` or `private_key_path`. Can also be sourced from
-        the `SNOWFLAKE_PASSWORD` environment variable.
+        Password for user + password auth. Cannot be used with `private_key` and `private_key_passphrase`. Can also be sourced
+        from the `SNOWFLAKE_PASSWORD` environment variable.
         """
         return __config__.get('password') or _utilities.get_env('SNOWFLAKE_PASSWORD')
 
@@ -308,11 +239,15 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get_int('port') or _utilities.get_env_int('SNOWFLAKE_PORT')
 
+    @property
+    def preview_features_enableds(self) -> Optional[str]:
+        return __config__.get('previewFeaturesEnableds')
+
     @property
     def private_key(self) -> Optional[str]:
         """
-        Private Key for username+private-key auth. Cannot be used with `browser_auth` or `password`. Can also be sourced from
-        the `SNOWFLAKE_PRIVATE_KEY` environment variable.
+        Private Key for username+private-key auth. Cannot be used with `password`. Can also be sourced from the
+        `SNOWFLAKE_PRIVATE_KEY` environment variable.
         """
         return __config__.get('privateKey')
 
@@ -324,14 +259,6 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('privateKeyPassphrase') or _utilities.get_env('SNOWFLAKE_PRIVATE_KEY_PASSPHRASE')
 
-    @property
-    def private_key_path(self) -> Optional[str]:
-        """
-        Path to a private key for using keypair authentication. Cannot be used with `browser_auth`, `oauth_access_token` or
-        `password`. Can also be sourced from `SNOWFLAKE_PRIVATE_KEY_PATH` environment variable.
-        """
-        return __config__.get('privateKeyPath') or _utilities.get_env('SNOWFLAKE_PRIVATE_KEY_PATH')
-
     @property
     def profile(self) -> Optional[str]:
         """
@@ -348,18 +275,6 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('protocol') or _utilities.get_env('SNOWFLAKE_PROTOCOL')
 
-    @property
-    def region(self) -> Optional[str]:
-        """
-        Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best
-        to specify the region as part of the account parameter. For details, see the description of the account parameter.
-        [Snowflake region](https://docs.snowflake.com/en/user-guide/intro-regions.html) to use. Required if using the [legacy
-        format for the `account`
-        identifier](https://docs.snowflake.com/en/user-guide/admin-account-identifier.html#format-2-legacy-account-locator-in-a-region)
-        in the form of `<cloud_region_id>.<cloud>`. Can also be sourced from the `SNOWFLAKE_REGION` environment variable.
-        """
-        return __config__.get('region') or _utilities.get_env('SNOWFLAKE_REGION')
-
     @property
     def request_timeout(self) -> Optional[int]:
         """
@@ -376,13 +291,6 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('role') or _utilities.get_env('SNOWFLAKE_ROLE')
 
-    @property
-    def session_params(self) -> Optional[str]:
-        """
-        Sets session parameters. [Parameters](https://docs.snowflake.com/en/sql-reference/parameters)
-        """
-        return __config__.get('sessionParams')
-
     @property
     def tmp_directory_path(self) -> Optional[str]:
         """
@@ -410,14 +318,6 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('user')
 
-    @property
-    def username(self) -> Optional[str]:
-        """
-        Username for user + password authentication. Required unless using `profile`. Can also be sourced from the
-        `SNOWFLAKE_USERNAME` environment variable.
-        """
-        return __config__.get('username') or _utilities.get_env('SNOWFLAKE_USER')
-
     @property
     def validate_default_parameters(self) -> Optional[str]:
         """