pulumi-snowflake 1.2.0a1742884666__tar.gz → 1.2.0a1742970745__tar.gz

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulumi_snowflake
-Version: 1.2.0a1742884666
+Version: 1.2.0a1742970745
 Summary: A Pulumi package for creating and managing snowflake cloud resources.
 License: Apache-2.0
 Project-URL: Homepage, https://pulumi.io

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/config/__init__.pyi

@@ -217,6 +217,14 @@ Specifies the role to use by default for accessing Snowflake objects in the clie
 `SNOWFLAKE_ROLE` environment variable.
 """
 
+skipTomlFilePermissionVerification: Optional[bool]
+"""
+True by default. Skips TOML configuration file permission verification. This flag has no effect on Windows systems, as
+the permissions are not checked on this platform. We recommend setting this to `false` and setting the proper privileges
+- see the section below. Can also be sourced from the `SNOWFLAKE_SKIP_TOML_FILE_PERMISSION_VERIFICATION` environment
+variable.
+"""
+
 tmpDirectoryPath: Optional[str]
 """
 Sets temporary directory used by the driver for operations like encrypting, compressing etc. Can also be sourced from

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/config/vars.py

@@ -291,6 +291,16 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('role') or _utilities.get_env('SNOWFLAKE_ROLE')
 
+    @property
+    def skip_toml_file_permission_verification(self) -> Optional[bool]:
+        """
+        True by default. Skips TOML configuration file permission verification. This flag has no effect on Windows systems, as
+        the permissions are not checked on this platform. We recommend setting this to `false` and setting the proper privileges
+        - see the section below. Can also be sourced from the `SNOWFLAKE_SKIP_TOML_FILE_PERMISSION_VERIFICATION` environment
+        variable.
+        """
+        return __config__.get_bool('skipTomlFilePermissionVerification')
+
     @property
     def tmp_directory_path(self) -> Optional[str]:
         """

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/get_users.py

@@ -130,7 +130,7 @@ def get_users(like: Optional[str] = None,
               with_parameters: Optional[bool] = None,
               opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetUsersResult:
     """
-    Data source used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command cannot be called, so you have to set `with_describe = false`. Only `parameters` output is not affected by the lack of privileges.
+    Data source used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command will return error when called, so you have to set `with_describe = false`; the SHOW PARAMETERS command will return error when called too, so you have to set `with_parameters = false`.
 
 
     :param str like: Filters the output with **case-insensitive** pattern, with support for SQL wildcard characters (`%` and `_`).
@@ -163,7 +163,7 @@ def get_users_output(like: Optional[pulumi.Input[Optional[str]]] = None,
                      with_parameters: Optional[pulumi.Input[Optional[bool]]] = None,
                      opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetUsersResult]:
     """
-    Data source used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command cannot be called, so you have to set `with_describe = false`. Only `parameters` output is not affected by the lack of privileges.
+    Data source used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command will return error when called, so you have to set `with_describe = false`; the SHOW PARAMETERS command will return error when called too, so you have to set `with_parameters = false`.
 
 
     :param str like: Filters the output with **case-insensitive** pattern, with support for SQL wildcard characters (`%` and `_`).

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/masking_policy.py

@@ -37,7 +37,7 @@ class MaskingPolicyArgs:
         :param pulumi.Input[str] return_data_type: The return data type must match the input data type of the first column that is specified as an input column. For more information about data types, check [Snowflake docs](https://docs.snowflake.com/en/sql-reference/intro-summary-data-types).
         :param pulumi.Input[str] schema: The schema in which to create the masking policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] comment: Specifies a comment for the masking policy.
-        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] name: Specifies the identifier for the masking policy; must be unique for the database and schema in which the masking policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         pulumi.set(__self__, "arguments", arguments)
@@ -128,7 +128,7 @@ class MaskingPolicyArgs:
     @pulumi.getter(name="exemptOtherPolicies")
     def exempt_other_policies(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "exempt_other_policies")
 
@@ -170,7 +170,7 @@ class _MaskingPolicyState:
         :param pulumi.Input[str] comment: Specifies a comment for the masking policy.
         :param pulumi.Input[str] database: The database in which to create the masking policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input['MaskingPolicyDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE MASKING POLICY` for the given masking policy.
-        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         :param pulumi.Input[str] name: Specifies the identifier for the masking policy; must be unique for the database and schema in which the masking policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] return_data_type: The return data type must match the input data type of the first column that is specified as an input column. For more information about data types, check [Snowflake docs](https://docs.snowflake.com/en/sql-reference/intro-summary-data-types).
@@ -264,7 +264,7 @@ class _MaskingPolicyState:
     @pulumi.getter(name="exemptOtherPolicies")
     def exempt_other_policies(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "exempt_other_policies")
 
@@ -360,7 +360,7 @@ class MaskingPolicy(pulumi.CustomResource):
         :param pulumi.Input[str] body: Specifies the SQL expression that transforms the data. To mitigate permadiff on this field, the provider replaces blank characters with a space. This can lead to false positives in cases where a change in case or run of whitespace is semantically significant.
         :param pulumi.Input[str] comment: Specifies a comment for the masking policy.
         :param pulumi.Input[str] database: The database in which to create the masking policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] name: Specifies the identifier for the masking policy; must be unique for the database and schema in which the masking policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] return_data_type: The return data type must match the input data type of the first column that is specified as an input column. For more information about data types, check [Snowflake docs](https://docs.snowflake.com/en/sql-reference/intro-summary-data-types).
         :param pulumi.Input[str] schema: The schema in which to create the masking policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
@@ -464,7 +464,7 @@ class MaskingPolicy(pulumi.CustomResource):
         :param pulumi.Input[str] comment: Specifies a comment for the masking policy.
         :param pulumi.Input[str] database: The database in which to create the masking policy. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['MaskingPolicyDescribeOutputArgs', 'MaskingPolicyDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE MASKING POLICY` for the given masking policy.
-        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] exempt_other_policies: Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         :param pulumi.Input[str] name: Specifies the identifier for the masking policy; must be unique for the database and schema in which the masking policy is created. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] return_data_type: The return data type must match the input data type of the first column that is specified as an input column. For more information about data types, check [Snowflake docs](https://docs.snowflake.com/en/sql-reference/intro-summary-data-types).
@@ -532,7 +532,7 @@ class MaskingPolicy(pulumi.CustomResource):
     @pulumi.getter(name="exemptOtherPolicies")
     def exempt_other_policies(self) -> pulumi.Output[Optional[str]]:
         """
-        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is chenged, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        Specifies whether the row access policy or conditional masking policy can reference a column that is already protected by a masking policy. Due to Snowflake limitations, when value is changed, the resource is recreated. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "exempt_other_policies")
 

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/oauth_integration_for_partner_applications.py

@@ -38,6 +38,7 @@ class OauthIntegrationForPartnerApplicationsArgs:
         :param pulumi.Input[str] enabled: Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         :param pulumi.Input[str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] oauth_issue_refresh_tokens: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         :param pulumi.Input[str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         """
@@ -134,6 +135,9 @@ class OauthIntegrationForPartnerApplicationsArgs:
     @property
     @pulumi.getter(name="oauthRedirectUri")
     def oauth_redirect_uri(self) -> Optional[pulumi.Input[str]]:
+        """
+        Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
+        """
         return pulumi.get(self, "oauth_redirect_uri")
 
     @oauth_redirect_uri.setter
@@ -191,6 +195,7 @@ class _OauthIntegrationForPartnerApplicationsState:
         :param pulumi.Input[str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] oauth_client: Creates an OAuth interface between Snowflake and a partner application. Valid options are: `LOOKER` | `TABLEAU_DESKTOP` | `TABLEAU_SERVER`.
         :param pulumi.Input[str] oauth_issue_refresh_tokens: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         :param pulumi.Input[str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         :param pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForPartnerApplicationsRelatedParameterArgs']]] related_parameters: Parameters related to this security integration.
@@ -322,6 +327,9 @@ class _OauthIntegrationForPartnerApplicationsState:
     @property
     @pulumi.getter(name="oauthRedirectUri")
     def oauth_redirect_uri(self) -> Optional[pulumi.Input[str]]:
+        """
+        Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
+        """
         return pulumi.get(self, "oauth_redirect_uri")
 
     @oauth_redirect_uri.setter
@@ -407,6 +415,7 @@ class OauthIntegrationForPartnerApplications(pulumi.CustomResource):
         :param pulumi.Input[str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] oauth_client: Creates an OAuth interface between Snowflake and a partner application. Valid options are: `LOOKER` | `TABLEAU_DESKTOP` | `TABLEAU_SERVER`.
         :param pulumi.Input[str] oauth_issue_refresh_tokens: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         :param pulumi.Input[str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         """
@@ -509,6 +518,7 @@ class OauthIntegrationForPartnerApplications(pulumi.CustomResource):
         :param pulumi.Input[str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[str] oauth_client: Creates an OAuth interface between Snowflake and a partner application. Valid options are: `LOOKER` | `TABLEAU_DESKTOP` | `TABLEAU_SERVER`.
         :param pulumi.Input[str] oauth_issue_refresh_tokens: Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
         :param pulumi.Input[int] oauth_refresh_token_validity: Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         :param pulumi.Input[str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForPartnerApplicationsRelatedParameterArgs', 'OauthIntegrationForPartnerApplicationsRelatedParameterArgsDict']]]] related_parameters: Parameters related to this security integration.
@@ -600,6 +610,9 @@ class OauthIntegrationForPartnerApplications(pulumi.CustomResource):
     @property
     @pulumi.getter(name="oauthRedirectUri")
     def oauth_redirect_uri(self) -> pulumi.Output[Optional[str]]:
+        """
+        Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI. The field should be only set when OAUTH_CLIENT = LOOKER. In any other case the field should be left out empty.
+        """
         return pulumi.get(self, "oauth_redirect_uri")
 
     @property

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/provider.py

@@ -54,6 +54,7 @@ class ProviderArgs:
                  protocol: Optional[pulumi.Input[str]] = None,
                  request_timeout: Optional[pulumi.Input[int]] = None,
                  role: Optional[pulumi.Input[str]] = None,
+                 skip_toml_file_permission_verification: Optional[pulumi.Input[bool]] = None,
                  tmp_directory_path: Optional[pulumi.Input[str]] = None,
                  token: Optional[pulumi.Input[str]] = None,
                  token_accessor: Optional[pulumi.Input['ProviderTokenAccessorArgs']] = None,
@@ -130,6 +131,10 @@ class ProviderArgs:
                `SNOWFLAKE_REQUEST_TIMEOUT` environment variable.
         :param pulumi.Input[str] role: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the
                `SNOWFLAKE_ROLE` environment variable.
+        :param pulumi.Input[bool] skip_toml_file_permission_verification: True by default. Skips TOML configuration file permission verification. This flag has no effect on Windows systems, as
+               the permissions are not checked on this platform. We recommend setting this to `false` and setting the proper privileges
+               - see the section below. Can also be sourced from the `SNOWFLAKE_SKIP_TOML_FILE_PERMISSION_VERIFICATION` environment
+               variable.
         :param pulumi.Input[str] tmp_directory_path: Sets temporary directory used by the driver for operations like encrypting, compressing etc. Can also be sourced from
                the `SNOWFLAKE_TMP_DIRECTORY_PATH` environment variable.
         :param pulumi.Input[str] token: Token to use for OAuth and other forms of token based auth. Can also be sourced from the `SNOWFLAKE_TOKEN` environment
@@ -220,6 +225,8 @@ class ProviderArgs:
             role = _utilities.get_env('SNOWFLAKE_ROLE')
         if role is not None:
             pulumi.set(__self__, "role", role)
+        if skip_toml_file_permission_verification is not None:
+            pulumi.set(__self__, "skip_toml_file_permission_verification", skip_toml_file_permission_verification)
         if tmp_directory_path is not None:
             pulumi.set(__self__, "tmp_directory_path", tmp_directory_path)
         if token is not None:
@@ -675,6 +682,21 @@ class ProviderArgs:
     def role(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "role", value)
 
+    @property
+    @pulumi.getter(name="skipTomlFilePermissionVerification")
+    def skip_toml_file_permission_verification(self) -> Optional[pulumi.Input[bool]]:
+        """
+        True by default. Skips TOML configuration file permission verification. This flag has no effect on Windows systems, as
+        the permissions are not checked on this platform. We recommend setting this to `false` and setting the proper privileges
+        - see the section below. Can also be sourced from the `SNOWFLAKE_SKIP_TOML_FILE_PERMISSION_VERIFICATION` environment
+        variable.
+        """
+        return pulumi.get(self, "skip_toml_file_permission_verification")
+
+    @skip_toml_file_permission_verification.setter
+    def skip_toml_file_permission_verification(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "skip_toml_file_permission_verification", value)
+
     @property
     @pulumi.getter(name="tmpDirectoryPath")
     def tmp_directory_path(self) -> Optional[pulumi.Input[str]]:
@@ -788,6 +810,7 @@ class Provider(pulumi.ProviderResource):
                  protocol: Optional[pulumi.Input[str]] = None,
                  request_timeout: Optional[pulumi.Input[int]] = None,
                  role: Optional[pulumi.Input[str]] = None,
+                 skip_toml_file_permission_verification: Optional[pulumi.Input[bool]] = None,
                  tmp_directory_path: Optional[pulumi.Input[str]] = None,
                  token: Optional[pulumi.Input[str]] = None,
                  token_accessor: Optional[pulumi.Input[Union['ProviderTokenAccessorArgs', 'ProviderTokenAccessorArgsDict']]] = None,
@@ -871,6 +894,10 @@ class Provider(pulumi.ProviderResource):
                `SNOWFLAKE_REQUEST_TIMEOUT` environment variable.
         :param pulumi.Input[str] role: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the
                `SNOWFLAKE_ROLE` environment variable.
+        :param pulumi.Input[bool] skip_toml_file_permission_verification: True by default. Skips TOML configuration file permission verification. This flag has no effect on Windows systems, as
+               the permissions are not checked on this platform. We recommend setting this to `false` and setting the proper privileges
+               - see the section below. Can also be sourced from the `SNOWFLAKE_SKIP_TOML_FILE_PERMISSION_VERIFICATION` environment
+               variable.
         :param pulumi.Input[str] tmp_directory_path: Sets temporary directory used by the driver for operations like encrypting, compressing etc. Can also be sourced from
                the `SNOWFLAKE_TMP_DIRECTORY_PATH` environment variable.
         :param pulumi.Input[str] token: Token to use for OAuth and other forms of token based auth. Can also be sourced from the `SNOWFLAKE_TOKEN` environment
@@ -942,6 +969,7 @@ class Provider(pulumi.ProviderResource):
                  protocol: Optional[pulumi.Input[str]] = None,
                  request_timeout: Optional[pulumi.Input[int]] = None,
                  role: Optional[pulumi.Input[str]] = None,
+                 skip_toml_file_permission_verification: Optional[pulumi.Input[bool]] = None,
                  tmp_directory_path: Optional[pulumi.Input[str]] = None,
                  token: Optional[pulumi.Input[str]] = None,
                  token_accessor: Optional[pulumi.Input[Union['ProviderTokenAccessorArgs', 'ProviderTokenAccessorArgsDict']]] = None,
@@ -1003,6 +1031,7 @@ class Provider(pulumi.ProviderResource):
             if role is None:
                 role = _utilities.get_env('SNOWFLAKE_ROLE')
             __props__.__dict__["role"] = role
+            __props__.__dict__["skip_toml_file_permission_verification"] = pulumi.Output.from_input(skip_toml_file_permission_verification).apply(pulumi.runtime.to_json) if skip_toml_file_permission_verification is not None else None
             __props__.__dict__["tmp_directory_path"] = tmp_directory_path
             __props__.__dict__["token"] = None if token is None else pulumi.Output.secret(token)
             __props__.__dict__["token_accessor"] = pulumi.Output.from_input(token_accessor).apply(pulumi.runtime.to_json) if token_accessor is not None else None

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake/pulumi-plugin.json

@@ -1,5 +1,5 @@
 {
   "resource": true,
   "name": "snowflake",
-  "version": "1.2.0-alpha.1742884666"
+  "version": "1.2.0-alpha.1742970745"
 }

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pulumi_snowflake.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulumi_snowflake
-Version: 1.2.0a1742884666
+Version: 1.2.0a1742970745
 Summary: A Pulumi package for creating and managing snowflake cloud resources.
 License: Apache-2.0
 Project-URL: Homepage, https://pulumi.io

{pulumi_snowflake-1.2.0a1742884666 → pulumi_snowflake-1.2.0a1742970745}/pyproject.toml

@@ -5,7 +5,7 @@
   keywords = ["pulumi", "snowflake"]
   readme = "README.md"
   requires-python = ">=3.9"
-  version = "1.2.0a1742884666"
+  version = "1.2.0a1742970745"
   [project.license]
     text = "Apache-2.0"
   [project.urls]