pulumi-snowflake 2.3.0a1753339260__py3-none-any.whl → 2.3.0a1753415140__py3-none-any.whl

pulumi_snowflake/saml2_integration.py

@@ -2,8 +2,7 @@
 # *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
-import builtins
-import copy
+import builtins as _builtins
 import warnings
 import sys
 import pulumi
@@ -22,42 +21,42 @@ __all__ = ['Saml2IntegrationArgs', 'Saml2Integration']
 @pulumi.input_type
 class Saml2IntegrationArgs:
     def __init__(__self__, *,
-                 saml2_issuer: pulumi.Input[builtins.str],
-                 saml2_provider: pulumi.Input[builtins.str],
-                 saml2_sso_url: pulumi.Input[builtins.str],
-                 saml2_x509_cert: pulumi.Input[builtins.str],
-                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_enable_sp_initiated: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_force_authn: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_post_logout_redirect_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_requested_nameid_format: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sign_request: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_acs_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_issuer_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[builtins.str]] = None):
+                 saml2_issuer: pulumi.Input[_builtins.str],
+                 saml2_provider: pulumi.Input[_builtins.str],
+                 saml2_sso_url: pulumi.Input[_builtins.str],
+                 saml2_x509_cert: pulumi.Input[_builtins.str],
+                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_enable_sp_initiated: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_force_authn: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_post_logout_redirect_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_requested_nameid_format: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sign_request: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_acs_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_issuer_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a Saml2Integration resource.
-        :param pulumi.Input[builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
-        :param pulumi.Input[builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
-        :param pulumi.Input[builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
-        :param pulumi.Input[builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
+        :param pulumi.Input[_builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
+        :param pulumi.Input[_builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the integration.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
+        :param pulumi.Input[_builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
+        :param pulumi.Input[_builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         pulumi.set(__self__, "saml2_issuer", saml2_issuer)
         pulumi.set(__self__, "saml2_provider", saml2_provider)
@@ -90,255 +89,255 @@ class Saml2IntegrationArgs:
         if saml2_sp_initiated_login_page_label is not None:
             pulumi.set(__self__, "saml2_sp_initiated_login_page_label", saml2_sp_initiated_login_page_label)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Issuer")
-    def saml2_issuer(self) -> pulumi.Input[builtins.str]:
+    def saml2_issuer(self) -> pulumi.Input[_builtins.str]:
         """
         The string containing the IdP EntityID / Issuer.
         """
         return pulumi.get(self, "saml2_issuer")
 
     @saml2_issuer.setter
-    def saml2_issuer(self, value: pulumi.Input[builtins.str]):
+    def saml2_issuer(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "saml2_issuer", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Provider")
-    def saml2_provider(self) -> pulumi.Input[builtins.str]:
+    def saml2_provider(self) -> pulumi.Input[_builtins.str]:
         """
         The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
 
     @saml2_provider.setter
-    def saml2_provider(self, value: pulumi.Input[builtins.str]):
+    def saml2_provider(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "saml2_provider", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SsoUrl")
-    def saml2_sso_url(self) -> pulumi.Input[builtins.str]:
+    def saml2_sso_url(self) -> pulumi.Input[_builtins.str]:
         """
         The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         """
         return pulumi.get(self, "saml2_sso_url")
 
     @saml2_sso_url.setter
-    def saml2_sso_url(self, value: pulumi.Input[builtins.str]):
+    def saml2_sso_url(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "saml2_sso_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2X509Cert")
-    def saml2_x509_cert(self) -> pulumi.Input[builtins.str]:
+    def saml2_x509_cert(self) -> pulumi.Input[_builtins.str]:
         """
         The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         """
         return pulumi.get(self, "saml2_x509_cert")
 
     @saml2_x509_cert.setter
-    def saml2_x509_cert(self, value: pulumi.Input[builtins.str]):
+    def saml2_x509_cert(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "saml2_x509_cert", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedEmailPatterns")
-    def allowed_email_patterns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def allowed_email_patterns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_email_patterns")
 
     @allowed_email_patterns.setter
-    def allowed_email_patterns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def allowed_email_patterns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "allowed_email_patterns", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedUserDomains")
-    def allowed_user_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def allowed_user_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_user_domains")
 
     @allowed_user_domains.setter
-    def allowed_user_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def allowed_user_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "allowed_user_domains", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[builtins.str]]:
+    def enabled(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[builtins.str]]):
+    def enabled(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2EnableSpInitiated")
-    def saml2_enable_sp_initiated(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_enable_sp_initiated(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_enable_sp_initiated")
 
     @saml2_enable_sp_initiated.setter
-    def saml2_enable_sp_initiated(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_enable_sp_initiated(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_enable_sp_initiated", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2ForceAuthn")
-    def saml2_force_authn(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_force_authn(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_force_authn")
 
     @saml2_force_authn.setter
-    def saml2_force_authn(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_force_authn(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_force_authn", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2PostLogoutRedirectUrl")
-    def saml2_post_logout_redirect_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_post_logout_redirect_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
         """
         return pulumi.get(self, "saml2_post_logout_redirect_url")
 
     @saml2_post_logout_redirect_url.setter
-    def saml2_post_logout_redirect_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_post_logout_redirect_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_post_logout_redirect_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2RequestedNameidFormat")
-    def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
 
     @saml2_requested_nameid_format.setter
-    def saml2_requested_nameid_format(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_requested_nameid_format(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_requested_nameid_format", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SignRequest")
-    def saml2_sign_request(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_sign_request(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_sign_request")
 
     @saml2_sign_request.setter
-    def saml2_sign_request(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_sign_request(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_sign_request", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
-    def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
 
     @saml2_snowflake_acs_url.setter
-    def saml2_snowflake_acs_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_snowflake_acs_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_snowflake_acs_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
-    def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")
 
     @saml2_snowflake_issuer_url.setter
-    def saml2_snowflake_issuer_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_snowflake_issuer_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_snowflake_issuer_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SpInitiatedLoginPageLabel")
-    def saml2_sp_initiated_login_page_label(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_sp_initiated_login_page_label(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "saml2_sp_initiated_login_page_label")
 
     @saml2_sp_initiated_login_page_label.setter
-    def saml2_sp_initiated_login_page_label(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_sp_initiated_login_page_label(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_sp_initiated_login_page_label", value)
 
 
 @pulumi.input_type
 class _Saml2IntegrationState:
     def __init__(__self__, *,
-                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
+                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
                  describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationDescribeOutputArgs']]]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_enable_sp_initiated: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_force_authn: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_post_logout_redirect_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_provider: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_requested_nameid_format: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sign_request: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_acs_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_issuer_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sso_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_x509_cert: Optional[pulumi.Input[builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_enable_sp_initiated: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_force_authn: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_post_logout_redirect_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_provider: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_requested_nameid_format: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sign_request: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_acs_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_issuer_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sso_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_x509_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationShowOutputArgs']]]] = None):
         """
         Input properties used for looking up and filtering Saml2Integration resources.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the integration.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the integration.
         :param pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATION` for the given integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
-        :param pulumi.Input[builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
-        :param pulumi.Input[builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
-        :param pulumi.Input[builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
+        :param pulumi.Input[_builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
+        :param pulumi.Input[_builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
+        :param pulumi.Input[_builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
+        :param pulumi.Input[_builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         :param pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationShowOutputArgs']]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATION` for the given integration.
         """
         if allowed_email_patterns is not None:
@@ -382,43 +381,43 @@ class _Saml2IntegrationState:
         if show_outputs is not None:
             pulumi.set(__self__, "show_outputs", show_outputs)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedEmailPatterns")
-    def allowed_email_patterns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def allowed_email_patterns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_email_patterns")
 
     @allowed_email_patterns.setter
-    def allowed_email_patterns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def allowed_email_patterns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "allowed_email_patterns", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedUserDomains")
-    def allowed_user_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def allowed_user_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_user_domains")
 
     @allowed_user_domains.setter
-    def allowed_user_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def allowed_user_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "allowed_user_domains", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationDescribeOutputArgs']]]]:
         """
@@ -430,187 +429,187 @@ class _Saml2IntegrationState:
     def describe_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationDescribeOutputArgs']]]]):
         pulumi.set(self, "describe_outputs", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[builtins.str]]:
+    def enabled(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[builtins.str]]):
+    def enabled(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def fully_qualified_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
     @fully_qualified_name.setter
-    def fully_qualified_name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def fully_qualified_name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "fully_qualified_name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2EnableSpInitiated")
-    def saml2_enable_sp_initiated(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_enable_sp_initiated(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_enable_sp_initiated")
 
     @saml2_enable_sp_initiated.setter
-    def saml2_enable_sp_initiated(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_enable_sp_initiated(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_enable_sp_initiated", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2ForceAuthn")
-    def saml2_force_authn(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_force_authn(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_force_authn")
 
     @saml2_force_authn.setter
-    def saml2_force_authn(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_force_authn(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_force_authn", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Issuer")
-    def saml2_issuer(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_issuer(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the IdP EntityID / Issuer.
         """
         return pulumi.get(self, "saml2_issuer")
 
     @saml2_issuer.setter
-    def saml2_issuer(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_issuer(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_issuer", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2PostLogoutRedirectUrl")
-    def saml2_post_logout_redirect_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_post_logout_redirect_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
         """
         return pulumi.get(self, "saml2_post_logout_redirect_url")
 
     @saml2_post_logout_redirect_url.setter
-    def saml2_post_logout_redirect_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_post_logout_redirect_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_post_logout_redirect_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Provider")
-    def saml2_provider(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_provider(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
 
     @saml2_provider.setter
-    def saml2_provider(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_provider(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_provider", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2RequestedNameidFormat")
-    def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_requested_nameid_format(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
 
     @saml2_requested_nameid_format.setter
-    def saml2_requested_nameid_format(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_requested_nameid_format(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_requested_nameid_format", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SignRequest")
-    def saml2_sign_request(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_sign_request(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_sign_request")
 
     @saml2_sign_request.setter
-    def saml2_sign_request(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_sign_request(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_sign_request", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
-    def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_snowflake_acs_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
 
     @saml2_snowflake_acs_url.setter
-    def saml2_snowflake_acs_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_snowflake_acs_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_snowflake_acs_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
-    def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_snowflake_issuer_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")
 
     @saml2_snowflake_issuer_url.setter
-    def saml2_snowflake_issuer_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_snowflake_issuer_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_snowflake_issuer_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SpInitiatedLoginPageLabel")
-    def saml2_sp_initiated_login_page_label(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_sp_initiated_login_page_label(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "saml2_sp_initiated_login_page_label")
 
     @saml2_sp_initiated_login_page_label.setter
-    def saml2_sp_initiated_login_page_label(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_sp_initiated_login_page_label(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_sp_initiated_login_page_label", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SsoUrl")
-    def saml2_sso_url(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_sso_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         """
         return pulumi.get(self, "saml2_sso_url")
 
     @saml2_sso_url.setter
-    def saml2_sso_url(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_sso_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_sso_url", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2X509Cert")
-    def saml2_x509_cert(self) -> Optional[pulumi.Input[builtins.str]]:
+    def saml2_x509_cert(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         """
         return pulumi.get(self, "saml2_x509_cert")
 
     @saml2_x509_cert.setter
-    def saml2_x509_cert(self, value: Optional[pulumi.Input[builtins.str]]):
+    def saml2_x509_cert(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "saml2_x509_cert", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['Saml2IntegrationShowOutputArgs']]]]:
         """
@@ -629,23 +628,23 @@ class Saml2Integration(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_enable_sp_initiated: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_force_authn: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_post_logout_redirect_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_provider: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_requested_nameid_format: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sign_request: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_acs_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_issuer_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sso_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_x509_cert: Optional[pulumi.Input[builtins.str]] = None,
+                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_enable_sp_initiated: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_force_authn: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_post_logout_redirect_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_provider: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_requested_nameid_format: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sign_request: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_acs_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_issuer_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sso_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_x509_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
         ## Import
@@ -656,23 +655,23 @@ class Saml2Integration(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
-        :param pulumi.Input[builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
-        :param pulumi.Input[builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
-        :param pulumi.Input[builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the integration.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
+        :param pulumi.Input[_builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
+        :param pulumi.Input[_builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
+        :param pulumi.Input[_builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
+        :param pulumi.Input[_builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         """
         ...
     @overload
@@ -702,23 +701,23 @@ class Saml2Integration(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_enable_sp_initiated: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_force_authn: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_post_logout_redirect_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_provider: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_requested_nameid_format: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sign_request: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_acs_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_snowflake_issuer_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_sso_url: Optional[pulumi.Input[builtins.str]] = None,
-                 saml2_x509_cert: Optional[pulumi.Input[builtins.str]] = None,
+                 allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_enable_sp_initiated: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_force_authn: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_post_logout_redirect_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_provider: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_requested_nameid_format: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sign_request: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_acs_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_snowflake_issuer_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sp_initiated_login_page_label: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_sso_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 saml2_x509_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -768,25 +767,25 @@ class Saml2Integration(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            comment: Optional[pulumi.Input[builtins.str]] = None,
+            allowed_email_patterns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            allowed_user_domains: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            comment: Optional[pulumi.Input[_builtins.str]] = None,
             describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['Saml2IntegrationDescribeOutputArgs', 'Saml2IntegrationDescribeOutputArgsDict']]]]] = None,
-            enabled: Optional[pulumi.Input[builtins.str]] = None,
-            fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-            name: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_enable_sp_initiated: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_force_authn: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_issuer: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_post_logout_redirect_url: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_provider: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_requested_nameid_format: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_sign_request: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_snowflake_acs_url: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_snowflake_issuer_url: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_sp_initiated_login_page_label: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_sso_url: Optional[pulumi.Input[builtins.str]] = None,
-            saml2_x509_cert: Optional[pulumi.Input[builtins.str]] = None,
+            enabled: Optional[pulumi.Input[_builtins.str]] = None,
+            fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+            name: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_enable_sp_initiated: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_force_authn: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_post_logout_redirect_url: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_provider: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_requested_nameid_format: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_sign_request: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_snowflake_acs_url: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_snowflake_issuer_url: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_sp_initiated_login_page_label: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_sso_url: Optional[pulumi.Input[_builtins.str]] = None,
+            saml2_x509_cert: Optional[pulumi.Input[_builtins.str]] = None,
             show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['Saml2IntegrationShowOutputArgs', 'Saml2IntegrationShowOutputArgsDict']]]]] = None) -> 'Saml2Integration':
         """
         Get an existing Saml2Integration resource's state with the given name, id, and optional extra
@@ -795,25 +794,25 @@ class Saml2Integration(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the integration.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_email_patterns: A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_user_domains: A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the integration.
         :param pulumi.Input[Sequence[pulumi.Input[Union['Saml2IntegrationDescribeOutputArgs', 'Saml2IntegrationDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATION` for the given integration.
-        :param pulumi.Input[builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
-        :param pulumi.Input[builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
-        :param pulumi.Input[builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
-        :param pulumi.Input[builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
-        :param pulumi.Input[builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
-        :param pulumi.Input[builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
-        :param pulumi.Input[builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
-        :param pulumi.Input[builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
-        :param pulumi.Input[builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
+        :param pulumi.Input[_builtins.str] enabled: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] saml2_enable_sp_initiated: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_force_authn: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_issuer: The string containing the IdP EntityID / Issuer.
+        :param pulumi.Input[_builtins.str] saml2_post_logout_redirect_url: The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
+        :param pulumi.Input[_builtins.str] saml2_provider: The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] saml2_requested_nameid_format: The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
+        :param pulumi.Input[_builtins.str] saml2_sign_request: (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
+        :param pulumi.Input[_builtins.str] saml2_snowflake_acs_url: The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_snowflake_issuer_url: The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
+        :param pulumi.Input[_builtins.str] saml2_sp_initiated_login_page_label: The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
+        :param pulumi.Input[_builtins.str] saml2_sso_url: The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
+        :param pulumi.Input[_builtins.str] saml2_x509_cert: The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         :param pulumi.Input[Sequence[pulumi.Input[Union['Saml2IntegrationShowOutputArgs', 'Saml2IntegrationShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATION` for the given integration.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -842,31 +841,31 @@ class Saml2Integration(pulumi.CustomResource):
         __props__.__dict__["show_outputs"] = show_outputs
         return Saml2Integration(resource_name, opts=opts, __props__=__props__)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedEmailPatterns")
-    def allowed_email_patterns(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def allowed_email_patterns(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         A list of regular expressions that email addresses are matched against to authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_email_patterns")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="allowedUserDomains")
-    def allowed_user_domains(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def allowed_user_domains(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         A list of email domains that can authenticate with a SAML2 security integration. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "allowed_user_domains")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> pulumi.Output[Optional[builtins.str]]:
+    def comment(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies a comment for the integration.
         """
         return pulumi.get(self, "comment")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> pulumi.Output[Sequence['outputs.Saml2IntegrationDescribeOutput']]:
         """
@@ -874,127 +873,127 @@ class Saml2Integration(pulumi.CustomResource):
         """
         return pulumi.get(self, "describe_outputs")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> pulumi.Output[Optional[builtins.str]]:
+    def enabled(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) Specifies whether this security integration is enabled or disabled. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "enabled")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> pulumi.Output[builtins.str]:
+    def fully_qualified_name(self) -> pulumi.Output[_builtins.str]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> pulumi.Output[builtins.str]:
+    def name(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the name of the SAML2 integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2EnableSpInitiated")
-    def saml2_enable_sp_initiated(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_enable_sp_initiated(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating if the Log In With button will be shown on the login page. TRUE: displays the Log in With button on the login page. FALSE: does not display the Log in With button on the login page. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_enable_sp_initiated")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2ForceAuthn")
-    def saml2_force_authn(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_force_authn(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether users, during the initial authentication flow, are forced to authenticate again to access Snowflake. When set to TRUE, Snowflake sets the ForceAuthn SAML parameter to TRUE in the outgoing request from Snowflake to the identity provider. TRUE: forces users to authenticate again to access Snowflake, even if a valid session with the identity provider exists. FALSE: does not force users to authenticate again to access Snowflake. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_force_authn")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Issuer")
-    def saml2_issuer(self) -> pulumi.Output[builtins.str]:
+    def saml2_issuer(self) -> pulumi.Output[_builtins.str]:
         """
         The string containing the IdP EntityID / Issuer.
         """
         return pulumi.get(self, "saml2_issuer")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2PostLogoutRedirectUrl")
-    def saml2_post_logout_redirect_url(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_post_logout_redirect_url(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The endpoint to which Snowflake redirects users after clicking the Log Out button in the classic Snowflake web interface. Snowflake terminates the Snowflake session upon redirecting to the specified endpoint.
         """
         return pulumi.get(self, "saml2_post_logout_redirect_url")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2Provider")
-    def saml2_provider(self) -> pulumi.Output[builtins.str]:
+    def saml2_provider(self) -> pulumi.Output[_builtins.str]:
         """
         The string describing the IdP. Valid options are: `OKTA` | `ADFS` | `CUSTOM`.
         """
         return pulumi.get(self, "saml2_provider")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2RequestedNameidFormat")
-    def saml2_requested_nameid_format(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_requested_nameid_format(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The SAML NameID format allows Snowflake to set an expectation of the identifying attribute of the user (i.e. SAML Subject) in the SAML assertion from the IdP to ensure a valid authentication to Snowflake. Valid options are: `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified` | `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` | `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` | `urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName` | `urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos` | `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` | `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`.
         """
         return pulumi.get(self, "saml2_requested_nameid_format")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SignRequest")
-    def saml2_sign_request(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_sign_request(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (`default`)) The Boolean indicating whether SAML requests are signed. TRUE: allows SAML requests to be signed. FALSE: does not allow SAML requests to be signed. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value.
         """
         return pulumi.get(self, "saml2_sign_request")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeAcsUrl")
-    def saml2_snowflake_acs_url(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_snowflake_acs_url(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The string containing the Snowflake Assertion Consumer Service URL to which the IdP will send its SAML authentication response back to Snowflake. This property will be set in the SAML authentication request generated by Snowflake when initiating a SAML SSO operation with the IdP. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_acs_url")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SnowflakeIssuerUrl")
-    def saml2_snowflake_issuer_url(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_snowflake_issuer_url(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The string containing the EntityID / Issuer for the Snowflake service provider. If an incorrect value is specified, Snowflake returns an error message indicating the acceptable values to use. Because Okta does not support underscores in URLs, the underscore in the account name must be converted to a hyphen. See [docs](https://docs.snowflake.com/en/user-guide/organizations-connect#okta-urls).
         """
         return pulumi.get(self, "saml2_snowflake_issuer_url")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SpInitiatedLoginPageLabel")
-    def saml2_sp_initiated_login_page_label(self) -> pulumi.Output[Optional[builtins.str]]:
+    def saml2_sp_initiated_login_page_label(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The string containing the label to display after the Log In With button on the login page. If this field changes value from non-empty to empty, the whole resource is recreated because of Snowflake limitations.
         """
         return pulumi.get(self, "saml2_sp_initiated_login_page_label")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2SsoUrl")
-    def saml2_sso_url(self) -> pulumi.Output[builtins.str]:
+    def saml2_sso_url(self) -> pulumi.Output[_builtins.str]:
         """
         The string containing the IdP SSO URL, where the user should be redirected by Snowflake (the Service Provider) with a SAML AuthnRequest message.
         """
         return pulumi.get(self, "saml2_sso_url")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="saml2X509Cert")
-    def saml2_x509_cert(self) -> pulumi.Output[builtins.str]:
+    def saml2_x509_cert(self) -> pulumi.Output[_builtins.str]:
         """
         The Base64 encoded IdP signing certificate on a single line without the leading -----BEGIN CERTIFICATE----- and ending -----END CERTIFICATE----- markers.
         """
         return pulumi.get(self, "saml2_x509_cert")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> pulumi.Output[Sequence['outputs.Saml2IntegrationShowOutput']]:
         """