pulumi-snowflake 2.3.0a1753339260__py3-none-any.whl → 2.3.0a1753415140__py3-none-any.whl

pulumi_snowflake/oauth_integration_for_custom_clients.py

@@ -2,8 +2,7 @@
 # *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
-import builtins
-import copy
+import builtins as _builtins
 import warnings
 import sys
 import pulumi
@@ -22,36 +21,36 @@ __all__ = ['OauthIntegrationForCustomClientsArgs', 'OauthIntegrationForCustomCli
 @pulumi.input_type
 class OauthIntegrationForCustomClientsArgs:
     def __init__(__self__, *,
-                 oauth_client_type: pulumi.Input[builtins.str],
-                 oauth_redirect_uri: pulumi.Input[builtins.str],
-                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 network_policy: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_enforce_pkce: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_issue_refresh_tokens: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_refresh_token_validity: Optional[pulumi.Input[builtins.int]] = None,
-                 oauth_use_secondary_roles: Optional[pulumi.Input[builtins.str]] = None,
-                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None):
+                 oauth_client_type: pulumi.Input[_builtins.str],
+                 oauth_redirect_uri: pulumi.Input[_builtins.str],
+                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 network_policy: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_enforce_pkce: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_issue_refresh_tokens: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_refresh_token_validity: Optional[pulumi.Input[_builtins.int]] = None,
+                 oauth_use_secondary_roles: Optional[pulumi.Input[_builtins.str]] = None,
+                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None):
         """
         The set of arguments for constructing a OauthIntegrationForCustomClients resource.
-        :param pulumi.Input[builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
-        :param pulumi.Input[builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
-        :param pulumi.Input[builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
+        :param pulumi.Input[_builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
+        :param pulumi.Input[_builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         """
         pulumi.set(__self__, "oauth_client_type", oauth_client_type)
         pulumi.set(__self__, "oauth_redirect_uri", oauth_redirect_uri)
@@ -82,220 +81,220 @@ class OauthIntegrationForCustomClientsArgs:
         if pre_authorized_roles_lists is not None:
             pulumi.set(__self__, "pre_authorized_roles_lists", pre_authorized_roles_lists)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientType")
-    def oauth_client_type(self) -> pulumi.Input[builtins.str]:
+    def oauth_client_type(self) -> pulumi.Input[_builtins.str]:
         """
         Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
         """
         return pulumi.get(self, "oauth_client_type")
 
     @oauth_client_type.setter
-    def oauth_client_type(self, value: pulumi.Input[builtins.str]):
+    def oauth_client_type(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "oauth_client_type", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRedirectUri")
-    def oauth_redirect_uri(self) -> pulumi.Input[builtins.str]:
+    def oauth_redirect_uri(self) -> pulumi.Input[_builtins.str]:
         """
         Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
         """
         return pulumi.get(self, "oauth_redirect_uri")
 
     @oauth_redirect_uri.setter
-    def oauth_redirect_uri(self, value: pulumi.Input[builtins.str]):
+    def oauth_redirect_uri(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "oauth_redirect_uri", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="blockedRolesLists")
-    def blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "blocked_roles_lists")
 
     @blocked_roles_lists.setter
-    def blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "blocked_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[builtins.str]]:
+    def enabled(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[builtins.str]]):
+    def enabled(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="networkPolicy")
-    def network_policy(self) -> Optional[pulumi.Input[builtins.str]]:
+    def network_policy(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
         """
         return pulumi.get(self, "network_policy")
 
     @network_policy.setter
-    def network_policy(self, value: Optional[pulumi.Input[builtins.str]]):
+    def network_policy(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "network_policy", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthAllowNonTlsRedirectUri")
-    def oauth_allow_non_tls_redirect_uri(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_allow_non_tls_redirect_uri(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_allow_non_tls_redirect_uri")
 
     @oauth_allow_non_tls_redirect_uri.setter
-    def oauth_allow_non_tls_redirect_uri(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_allow_non_tls_redirect_uri(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_allow_non_tls_redirect_uri", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey")
-    def oauth_client_rsa_public_key(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_client_rsa_public_key(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key")
 
     @oauth_client_rsa_public_key.setter
-    def oauth_client_rsa_public_key(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_client_rsa_public_key(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_client_rsa_public_key", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey2")
-    def oauth_client_rsa_public_key2(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_client_rsa_public_key2(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key2")
 
     @oauth_client_rsa_public_key2.setter
-    def oauth_client_rsa_public_key2(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_client_rsa_public_key2(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_client_rsa_public_key2", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthEnforcePkce")
-    def oauth_enforce_pkce(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_enforce_pkce(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_enforce_pkce")
 
     @oauth_enforce_pkce.setter
-    def oauth_enforce_pkce(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_enforce_pkce(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_enforce_pkce", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthIssueRefreshTokens")
-    def oauth_issue_refresh_tokens(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_issue_refresh_tokens(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_issue_refresh_tokens")
 
     @oauth_issue_refresh_tokens.setter
-    def oauth_issue_refresh_tokens(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_issue_refresh_tokens(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_issue_refresh_tokens", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRefreshTokenValidity")
-    def oauth_refresh_token_validity(self) -> Optional[pulumi.Input[builtins.int]]:
+    def oauth_refresh_token_validity(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         """
         return pulumi.get(self, "oauth_refresh_token_validity")
 
     @oauth_refresh_token_validity.setter
-    def oauth_refresh_token_validity(self, value: Optional[pulumi.Input[builtins.int]]):
+    def oauth_refresh_token_validity(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "oauth_refresh_token_validity", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthUseSecondaryRoles")
-    def oauth_use_secondary_roles(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_use_secondary_roles(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         """
         return pulumi.get(self, "oauth_use_secondary_roles")
 
     @oauth_use_secondary_roles.setter
-    def oauth_use_secondary_roles(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_use_secondary_roles(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_use_secondary_roles", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="preAuthorizedRolesLists")
-    def pre_authorized_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def pre_authorized_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         """
         return pulumi.get(self, "pre_authorized_roles_lists")
 
     @pre_authorized_roles_lists.setter
-    def pre_authorized_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def pre_authorized_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "pre_authorized_roles_lists", value)
 
 
 @pulumi.input_type
 class _OauthIntegrationForCustomClientsState:
     def __init__(__self__, *,
-                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
+                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
                  describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsDescribeOutputArgs']]]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 network_policy: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_type: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_enforce_pkce: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_issue_refresh_tokens: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_refresh_token_validity: Optional[pulumi.Input[builtins.int]] = None,
-                 oauth_use_secondary_roles: Optional[pulumi.Input[builtins.str]] = None,
-                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 network_policy: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_enforce_pkce: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_issue_refresh_tokens: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_refresh_token_validity: Optional[pulumi.Input[_builtins.int]] = None,
+                 oauth_use_secondary_roles: Optional[pulumi.Input[_builtins.str]] = None,
+                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  related_parameters: Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsRelatedParameterArgs']]]] = None,
                  show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsShowOutputArgs']]]] = None):
         """
         Input properties used for looking up and filtering OauthIntegrationForCustomClients resources.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
         :param pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATION` for the given integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
-        :param pulumi.Input[builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
-        :param pulumi.Input[builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
-        :param pulumi.Input[builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
+        :param pulumi.Input[_builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
+        :param pulumi.Input[_builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
+        :param pulumi.Input[_builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         :param pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsRelatedParameterArgs']]] related_parameters: Parameters related to this security integration.
         :param pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsShowOutputArgs']]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATION` for the given integration.
         """
@@ -338,31 +337,31 @@ class _OauthIntegrationForCustomClientsState:
         if show_outputs is not None:
             pulumi.set(__self__, "show_outputs", show_outputs)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="blockedRolesLists")
-    def blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "blocked_roles_lists")
 
     @blocked_roles_lists.setter
-    def blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "blocked_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsDescribeOutputArgs']]]]:
         """
@@ -374,169 +373,169 @@ class _OauthIntegrationForCustomClientsState:
     def describe_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsDescribeOutputArgs']]]]):
         pulumi.set(self, "describe_outputs", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[builtins.str]]:
+    def enabled(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[builtins.str]]):
+    def enabled(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def fully_qualified_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
     @fully_qualified_name.setter
-    def fully_qualified_name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def fully_qualified_name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "fully_qualified_name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="networkPolicy")
-    def network_policy(self) -> Optional[pulumi.Input[builtins.str]]:
+    def network_policy(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
         """
         return pulumi.get(self, "network_policy")
 
     @network_policy.setter
-    def network_policy(self, value: Optional[pulumi.Input[builtins.str]]):
+    def network_policy(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "network_policy", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthAllowNonTlsRedirectUri")
-    def oauth_allow_non_tls_redirect_uri(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_allow_non_tls_redirect_uri(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_allow_non_tls_redirect_uri")
 
     @oauth_allow_non_tls_redirect_uri.setter
-    def oauth_allow_non_tls_redirect_uri(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_allow_non_tls_redirect_uri(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_allow_non_tls_redirect_uri", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey")
-    def oauth_client_rsa_public_key(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_client_rsa_public_key(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key")
 
     @oauth_client_rsa_public_key.setter
-    def oauth_client_rsa_public_key(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_client_rsa_public_key(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_client_rsa_public_key", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey2")
-    def oauth_client_rsa_public_key2(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_client_rsa_public_key2(self) -> Optional[pulumi.Input[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key2")
 
     @oauth_client_rsa_public_key2.setter
-    def oauth_client_rsa_public_key2(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_client_rsa_public_key2(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_client_rsa_public_key2", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientType")
-    def oauth_client_type(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_client_type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
         """
         return pulumi.get(self, "oauth_client_type")
 
     @oauth_client_type.setter
-    def oauth_client_type(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_client_type(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_client_type", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthEnforcePkce")
-    def oauth_enforce_pkce(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_enforce_pkce(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_enforce_pkce")
 
     @oauth_enforce_pkce.setter
-    def oauth_enforce_pkce(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_enforce_pkce(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_enforce_pkce", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthIssueRefreshTokens")
-    def oauth_issue_refresh_tokens(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_issue_refresh_tokens(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_issue_refresh_tokens")
 
     @oauth_issue_refresh_tokens.setter
-    def oauth_issue_refresh_tokens(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_issue_refresh_tokens(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_issue_refresh_tokens", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRedirectUri")
-    def oauth_redirect_uri(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_redirect_uri(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
         """
         return pulumi.get(self, "oauth_redirect_uri")
 
     @oauth_redirect_uri.setter
-    def oauth_redirect_uri(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_redirect_uri(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_redirect_uri", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRefreshTokenValidity")
-    def oauth_refresh_token_validity(self) -> Optional[pulumi.Input[builtins.int]]:
+    def oauth_refresh_token_validity(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         """
         return pulumi.get(self, "oauth_refresh_token_validity")
 
     @oauth_refresh_token_validity.setter
-    def oauth_refresh_token_validity(self, value: Optional[pulumi.Input[builtins.int]]):
+    def oauth_refresh_token_validity(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "oauth_refresh_token_validity", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthUseSecondaryRoles")
-    def oauth_use_secondary_roles(self) -> Optional[pulumi.Input[builtins.str]]:
+    def oauth_use_secondary_roles(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         """
         return pulumi.get(self, "oauth_use_secondary_roles")
 
     @oauth_use_secondary_roles.setter
-    def oauth_use_secondary_roles(self, value: Optional[pulumi.Input[builtins.str]]):
+    def oauth_use_secondary_roles(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "oauth_use_secondary_roles", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="preAuthorizedRolesLists")
-    def pre_authorized_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def pre_authorized_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         """
         return pulumi.get(self, "pre_authorized_roles_lists")
 
     @pre_authorized_roles_lists.setter
-    def pre_authorized_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def pre_authorized_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "pre_authorized_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="relatedParameters")
     def related_parameters(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsRelatedParameterArgs']]]]:
         """
@@ -548,7 +547,7 @@ class _OauthIntegrationForCustomClientsState:
     def related_parameters(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsRelatedParameterArgs']]]]):
         pulumi.set(self, "related_parameters", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['OauthIntegrationForCustomClientsShowOutputArgs']]]]:
         """
@@ -567,21 +566,21 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 network_policy: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_type: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_enforce_pkce: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_issue_refresh_tokens: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_refresh_token_validity: Optional[pulumi.Input[builtins.int]] = None,
-                 oauth_use_secondary_roles: Optional[pulumi.Input[builtins.str]] = None,
-                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 network_policy: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_enforce_pkce: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_issue_refresh_tokens: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_refresh_token_validity: Optional[pulumi.Input[_builtins.int]] = None,
+                 oauth_use_secondary_roles: Optional[pulumi.Input[_builtins.str]] = None,
+                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  __props__=None):
         """
         ## Import
@@ -592,19 +591,19 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
-        :param pulumi.Input[builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
-        :param pulumi.Input[builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
-        :param pulumi.Input[builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
+        :param pulumi.Input[_builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
+        :param pulumi.Input[_builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
+        :param pulumi.Input[_builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         """
         ...
     @overload
@@ -634,21 +633,21 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 network_policy: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_client_type: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_enforce_pkce: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_issue_refresh_tokens: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-                 oauth_refresh_token_validity: Optional[pulumi.Input[builtins.int]] = None,
-                 oauth_use_secondary_roles: Optional[pulumi.Input[builtins.str]] = None,
-                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 network_policy: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_client_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_enforce_pkce: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_issue_refresh_tokens: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+                 oauth_refresh_token_validity: Optional[pulumi.Input[_builtins.int]] = None,
+                 oauth_use_secondary_roles: Optional[pulumi.Input[_builtins.str]] = None,
+                 pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -693,23 +692,23 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            comment: Optional[pulumi.Input[builtins.str]] = None,
+            blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            comment: Optional[pulumi.Input[_builtins.str]] = None,
             describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsDescribeOutputArgs', 'OauthIntegrationForCustomClientsDescribeOutputArgsDict']]]]] = None,
-            enabled: Optional[pulumi.Input[builtins.str]] = None,
-            fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-            name: Optional[pulumi.Input[builtins.str]] = None,
-            network_policy: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_client_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_client_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_client_type: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_enforce_pkce: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_issue_refresh_tokens: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_redirect_uri: Optional[pulumi.Input[builtins.str]] = None,
-            oauth_refresh_token_validity: Optional[pulumi.Input[builtins.int]] = None,
-            oauth_use_secondary_roles: Optional[pulumi.Input[builtins.str]] = None,
-            pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+            enabled: Optional[pulumi.Input[_builtins.str]] = None,
+            fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+            name: Optional[pulumi.Input[_builtins.str]] = None,
+            network_policy: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_allow_non_tls_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_client_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_client_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_client_type: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_enforce_pkce: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_issue_refresh_tokens: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_redirect_uri: Optional[pulumi.Input[_builtins.str]] = None,
+            oauth_refresh_token_validity: Optional[pulumi.Input[_builtins.int]] = None,
+            oauth_use_secondary_roles: Optional[pulumi.Input[_builtins.str]] = None,
+            pre_authorized_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
             related_parameters: Optional[pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsRelatedParameterArgs', 'OauthIntegrationForCustomClientsRelatedParameterArgsDict']]]]] = None,
             show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsShowOutputArgs', 'OauthIntegrationForCustomClientsShowOutputArgsDict']]]]] = None) -> 'OauthIntegrationForCustomClients':
         """
@@ -719,21 +718,21 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_roles_lists: A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
         :param pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsDescribeOutputArgs', 'OauthIntegrationForCustomClientsDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATION` for the given integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
-        :param pulumi.Input[builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
-        :param pulumi.Input[builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
-        :param pulumi.Input[builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] network_policy: Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] oauth_allow_non_tls_redirect_uri: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_client_type: Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
+        :param pulumi.Input[_builtins.str] oauth_enforce_pkce: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_issue_refresh_tokens: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] oauth_redirect_uri: Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
+        :param pulumi.Input[_builtins.int] oauth_refresh_token_validity: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
+        :param pulumi.Input[_builtins.str] oauth_use_secondary_roles: Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] pre_authorized_roles_lists: A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         :param pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsRelatedParameterArgs', 'OauthIntegrationForCustomClientsRelatedParameterArgsDict']]]] related_parameters: Parameters related to this security integration.
         :param pulumi.Input[Sequence[pulumi.Input[Union['OauthIntegrationForCustomClientsShowOutputArgs', 'OauthIntegrationForCustomClientsShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATION` for the given integration.
         """
@@ -762,23 +761,23 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
         __props__.__dict__["show_outputs"] = show_outputs
         return OauthIntegrationForCustomClients(resource_name, opts=opts, __props__=__props__)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="blockedRolesLists")
-    def blocked_roles_lists(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def blocked_roles_lists(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         A set of Snowflake roles that a user cannot explicitly consent to using after authenticating. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "blocked_roles_lists")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> pulumi.Output[Optional[builtins.str]]:
+    def comment(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> pulumi.Output[Sequence['outputs.OauthIntegrationForCustomClientsDescribeOutput']]:
         """
@@ -786,113 +785,113 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
         """
         return pulumi.get(self, "describe_outputs")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> pulumi.Output[Optional[builtins.str]]:
+    def enabled(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this OAuth integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> pulumi.Output[builtins.str]:
+    def fully_qualified_name(self) -> pulumi.Output[_builtins.str]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> pulumi.Output[builtins.str]:
+    def name(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="networkPolicy")
-    def network_policy(self) -> pulumi.Output[Optional[builtins.str]]:
+    def network_policy(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies an existing network policy. This network policy controls network traffic that is attempting to exchange an authorization code for an access or refresh token or to use a refresh token to obtain a new access token. For more information about this resource, see docs.
         """
         return pulumi.get(self, "network_policy")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthAllowNonTlsRedirectUri")
-    def oauth_allow_non_tls_redirect_uri(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_allow_non_tls_redirect_uri(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) If true, allows setting oauth*redirect*uri to a URI not protected by TLS. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_allow_non_tls_redirect_uri")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey")
-    def oauth_client_rsa_public_key(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_client_rsa_public_key(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientRsaPublicKey2")
-    def oauth_client_rsa_public_key2(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_client_rsa_public_key2(self) -> pulumi.Output[Optional[_builtins.str]]:
         return pulumi.get(self, "oauth_client_rsa_public_key2")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthClientType")
-    def oauth_client_type(self) -> pulumi.Output[builtins.str]:
+    def oauth_client_type(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the type of client being registered. Snowflake supports both confidential and public clients. Valid options are: `PUBLIC` | `CONFIDENTIAL`.
         """
         return pulumi.get(self, "oauth_client_type")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthEnforcePkce")
-    def oauth_enforce_pkce(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_enforce_pkce(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Boolean that specifies whether Proof Key for Code Exchange (PKCE) should be required for the integration. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_enforce_pkce")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthIssueRefreshTokens")
-    def oauth_issue_refresh_tokens(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_issue_refresh_tokens(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "oauth_issue_refresh_tokens")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRedirectUri")
-    def oauth_redirect_uri(self) -> pulumi.Output[builtins.str]:
+    def oauth_redirect_uri(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the client URI. After a user is authenticated, the web browser is redirected to this URI.
         """
         return pulumi.get(self, "oauth_redirect_uri")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthRefreshTokenValidity")
-    def oauth_refresh_token_validity(self) -> pulumi.Output[Optional[builtins.int]]:
+    def oauth_refresh_token_validity(self) -> pulumi.Output[Optional[_builtins.int]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`-1`)) Specifies how long refresh tokens should be valid (in seconds). OAUTH*ISSUE*REFRESH_TOKENS must be set to TRUE.
         """
         return pulumi.get(self, "oauth_refresh_token_validity")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="oauthUseSecondaryRoles")
-    def oauth_use_secondary_roles(self) -> pulumi.Output[Optional[builtins.str]]:
+    def oauth_use_secondary_roles(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. Valid options are: `IMPLICIT` | `NONE`.
         """
         return pulumi.get(self, "oauth_use_secondary_roles")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="preAuthorizedRolesLists")
-    def pre_authorized_roles_lists(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def pre_authorized_roles_lists(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         A set of Snowflake roles that a user does not need to explicitly consent to using after authenticating. For more information about this resource, see docs.
         """
         return pulumi.get(self, "pre_authorized_roles_lists")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="relatedParameters")
     def related_parameters(self) -> pulumi.Output[Sequence['outputs.OauthIntegrationForCustomClientsRelatedParameter']]:
         """
@@ -900,7 +899,7 @@ class OauthIntegrationForCustomClients(pulumi.CustomResource):
         """
         return pulumi.get(self, "related_parameters")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> pulumi.Output[Sequence['outputs.OauthIntegrationForCustomClientsShowOutput']]:
         """