Docs
PackagesSnowflake v0.55.0 published on Friday, Jun 7, 2024 by Pulumi
snowflake.GrantPrivilegesToRole
Explore with Pulumi AI
Deprecation This resource is deprecated and will be removed in a future major version release. Please use snowflake.GrantPrivilegesToAccountRole instead.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as snowflake from "@pulumi/snowflake";
//#################################
//## global privileges
//#################################
// list of privileges
const g1 = new snowflake.GrantPrivilegesToRole("g1", {
privileges: [
"MODIFY",
"USAGE",
],
roleName: r.name,
onAccount: true,
});
// all privileges + grant option
const g2 = new snowflake.GrantPrivilegesToRole("g2", {
roleName: r.name,
onAccount: true,
allPrivileges: true,
withGrantOption: true,
});
//#################################
//## account object privileges
//#################################
// list of privileges
const g3 = new snowflake.GrantPrivilegesToRole("g3", {
privileges: [
"CREATE",
"MONITOR",
],
roleName: r.name,
onAccountObject: {
objectType: "DATABASE",
objectName: d.name,
},
});
// all privileges + grant option
const g4 = new snowflake.GrantPrivilegesToRole("g4", {
roleName: r.name,
onAccountObject: {
objectType: "DATABASE",
objectName: d.name,
},
allPrivileges: true,
withGrantOption: true,
});
//#################################
//## schema privileges
//#################################
// list of privileges
const g5 = new snowflake.GrantPrivilegesToRole("g5", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
roleName: r.name,
onSchema: {
schemaName: "\"my_db\".\"my_schema\"",
},
});
// all privileges + grant option
const g6 = new snowflake.GrantPrivilegesToRole("g6", {
roleName: r.name,
onSchema: {
schemaName: "\"my_db\".\"my_schema\"",
},
allPrivileges: true,
withGrantOption: true,
});
// all schemas in database
const g7 = new snowflake.GrantPrivilegesToRole("g7", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
roleName: r.name,
onSchema: {
allSchemasInDatabase: d.name,
},
});
// future schemas in database
const g8 = new snowflake.GrantPrivilegesToRole("g8", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
roleName: r.name,
onSchema: {
futureSchemasInDatabase: d.name,
},
});
//#################################
//## schema object privileges
//#################################
// list of privileges
const g9 = new snowflake.GrantPrivilegesToRole("g9", {
privileges: [
"SELECT",
"REFERENCES",
],
roleName: r.name,
onSchemaObject: {
objectType: "VIEW",
objectName: "\"my_db\".\"my_schema\".\"my_view\"",
},
});
// all privileges + grant option
const g10 = new snowflake.GrantPrivilegesToRole("g10", {
roleName: r.name,
onSchemaObject: {
objectType: "VIEW",
objectName: "\"my_db\".\"my_schema\".\"my_view\"",
},
allPrivileges: true,
withGrantOption: true,
});
// all in database
const g11 = new snowflake.GrantPrivilegesToRole("g11", {
privileges: [
"SELECT",
"INSERT",
],
roleName: r.name,
onSchemaObject: {
all: {
objectTypePlural: "TABLES",
inDatabase: d.name,
},
},
});
// all in schema
const g12 = new snowflake.GrantPrivilegesToRole("g12", {
privileges: [
"SELECT",
"INSERT",
],
roleName: r.name,
onSchemaObject: {
all: {
objectTypePlural: "TABLES",
inSchema: "\"my_db\".\"my_schema\"",
},
},
});
// future in database
const g13 = new snowflake.GrantPrivilegesToRole("g13", {
privileges: [
"SELECT",
"INSERT",
],
roleName: r.name,
onSchemaObject: {
future: {
objectTypePlural: "TABLES",
inDatabase: d.name,
},
},
});
// future in schema
const g14 = new snowflake.GrantPrivilegesToRole("g14", {
privileges: [
"SELECT",
"INSERT",
],
roleName: r.name,
onSchemaObject: {
future: {
objectTypePlural: "TABLES",
inSchema: "\"my_db\".\"my_schema\"",
},
},
});
import pulumi
import pulumi_snowflake as snowflake
##################################
### global privileges
##################################
# list of privileges
g1 = snowflake.GrantPrivilegesToRole("g1",
privileges=[
"MODIFY",
"USAGE",
],
role_name=r["name"],
on_account=True)
# all privileges + grant option
g2 = snowflake.GrantPrivilegesToRole("g2",
role_name=r["name"],
on_account=True,
all_privileges=True,
with_grant_option=True)
##################################
### account object privileges
##################################
# list of privileges
g3 = snowflake.GrantPrivilegesToRole("g3",
privileges=[
"CREATE",
"MONITOR",
],
role_name=r["name"],
on_account_object=snowflake.GrantPrivilegesToRoleOnAccountObjectArgs(
object_type="DATABASE",
object_name=d["name"],
))
# all privileges + grant option
g4 = snowflake.GrantPrivilegesToRole("g4",
role_name=r["name"],
on_account_object=snowflake.GrantPrivilegesToRoleOnAccountObjectArgs(
object_type="DATABASE",
object_name=d["name"],
),
all_privileges=True,
with_grant_option=True)
##################################
### schema privileges
##################################
# list of privileges
g5 = snowflake.GrantPrivilegesToRole("g5",
privileges=[
"MODIFY",
"CREATE TABLE",
],
role_name=r["name"],
on_schema=snowflake.GrantPrivilegesToRoleOnSchemaArgs(
schema_name="\"my_db\".\"my_schema\"",
))
# all privileges + grant option
g6 = snowflake.GrantPrivilegesToRole("g6",
role_name=r["name"],
on_schema=snowflake.GrantPrivilegesToRoleOnSchemaArgs(
schema_name="\"my_db\".\"my_schema\"",
),
all_privileges=True,
with_grant_option=True)
# all schemas in database
g7 = snowflake.GrantPrivilegesToRole("g7",
privileges=[
"MODIFY",
"CREATE TABLE",
],
role_name=r["name"],
on_schema=snowflake.GrantPrivilegesToRoleOnSchemaArgs(
all_schemas_in_database=d["name"],
))
# future schemas in database
g8 = snowflake.GrantPrivilegesToRole("g8",
privileges=[
"MODIFY",
"CREATE TABLE",
],
role_name=r["name"],
on_schema=snowflake.GrantPrivilegesToRoleOnSchemaArgs(
future_schemas_in_database=d["name"],
))
##################################
### schema object privileges
##################################
# list of privileges
g9 = snowflake.GrantPrivilegesToRole("g9",
privileges=[
"SELECT",
"REFERENCES",
],
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
object_type="VIEW",
object_name="\"my_db\".\"my_schema\".\"my_view\"",
))
# all privileges + grant option
g10 = snowflake.GrantPrivilegesToRole("g10",
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
object_type="VIEW",
object_name="\"my_db\".\"my_schema\".\"my_view\"",
),
all_privileges=True,
with_grant_option=True)
# all in database
g11 = snowflake.GrantPrivilegesToRole("g11",
privileges=[
"SELECT",
"INSERT",
],
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs(
object_type_plural="TABLES",
in_database=d["name"],
),
))
# all in schema
g12 = snowflake.GrantPrivilegesToRole("g12",
privileges=[
"SELECT",
"INSERT",
],
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs(
object_type_plural="TABLES",
in_schema="\"my_db\".\"my_schema\"",
),
))
# future in database
g13 = snowflake.GrantPrivilegesToRole("g13",
privileges=[
"SELECT",
"INSERT",
],
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
future=snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs(
object_type_plural="TABLES",
in_database=d["name"],
),
))
# future in schema
g14 = snowflake.GrantPrivilegesToRole("g14",
privileges=[
"SELECT",
"INSERT",
],
role_name=r["name"],
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
future=snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs(
object_type_plural="TABLES",
in_schema="\"my_db\".\"my_schema\"",
),
))
package main
import (
"github.com/pulumi/pulumi-snowflake/sdk/go/snowflake"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// #################################
// ## global privileges
// #################################
// list of privileges
_, err := snowflake.NewGrantPrivilegesToRole(ctx, "g1", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("USAGE"),
},
RoleName: pulumi.Any(r.Name),
OnAccount: pulumi.Bool(true),
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g2", &snowflake.GrantPrivilegesToRoleArgs{
RoleName: pulumi.Any(r.Name),
OnAccount: pulumi.Bool(true),
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g3", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("CREATE"),
pulumi.String("MONITOR"),
},
RoleName: pulumi.Any(r.Name),
OnAccountObject: &snowflake.GrantPrivilegesToRoleOnAccountObjectArgs{
ObjectType: pulumi.String("DATABASE"),
ObjectName: pulumi.Any(d.Name),
},
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g4", &snowflake.GrantPrivilegesToRoleArgs{
RoleName: pulumi.Any(r.Name),
OnAccountObject: &snowflake.GrantPrivilegesToRoleOnAccountObjectArgs{
ObjectType: pulumi.String("DATABASE"),
ObjectName: pulumi.Any(d.Name),
},
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g5", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
RoleName: pulumi.Any(r.Name),
OnSchema: &snowflake.GrantPrivilegesToRoleOnSchemaArgs{
SchemaName: pulumi.String("\"my_db\".\"my_schema\""),
},
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g6", &snowflake.GrantPrivilegesToRoleArgs{
RoleName: pulumi.Any(r.Name),
OnSchema: &snowflake.GrantPrivilegesToRoleOnSchemaArgs{
SchemaName: pulumi.String("\"my_db\".\"my_schema\""),
},
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// all schemas in database
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g7", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
RoleName: pulumi.Any(r.Name),
OnSchema: &snowflake.GrantPrivilegesToRoleOnSchemaArgs{
AllSchemasInDatabase: pulumi.Any(d.Name),
},
})
if err != nil {
return err
}
// future schemas in database
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g8", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
RoleName: pulumi.Any(r.Name),
OnSchema: &snowflake.GrantPrivilegesToRoleOnSchemaArgs{
FutureSchemasInDatabase: pulumi.Any(d.Name),
},
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g9", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("REFERENCES"),
},
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
ObjectType: pulumi.String("VIEW"),
ObjectName: pulumi.String("\"my_db\".\"my_schema\".\"my_view\""),
},
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g10", &snowflake.GrantPrivilegesToRoleArgs{
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
ObjectType: pulumi.String("VIEW"),
ObjectName: pulumi.String("\"my_db\".\"my_schema\".\"my_view\""),
},
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// all in database
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g11", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InDatabase: pulumi.Any(d.Name),
},
},
})
if err != nil {
return err
}
// all in schema
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g12", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InSchema: pulumi.String("\"my_db\".\"my_schema\""),
},
},
})
if err != nil {
return err
}
// future in database
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g13", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
Future: &snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InDatabase: pulumi.Any(d.Name),
},
},
})
if err != nil {
return err
}
// future in schema
_, err = snowflake.NewGrantPrivilegesToRole(ctx, "g14", &snowflake.GrantPrivilegesToRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
RoleName: pulumi.Any(r.Name),
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
Future: &snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InSchema: pulumi.String("\"my_db\".\"my_schema\""),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Snowflake = Pulumi.Snowflake;
return await Deployment.RunAsync(() =>
{
//#################################
//## global privileges
//#################################
// list of privileges
var g1 = new Snowflake.GrantPrivilegesToRole("g1", new()
{
Privileges = new[]
{
"MODIFY",
"USAGE",
},
RoleName = r.Name,
OnAccount = true,
});
// all privileges + grant option
var g2 = new Snowflake.GrantPrivilegesToRole("g2", new()
{
RoleName = r.Name,
OnAccount = true,
AllPrivileges = true,
WithGrantOption = true,
});
//#################################
//## account object privileges
//#################################
// list of privileges
var g3 = new Snowflake.GrantPrivilegesToRole("g3", new()
{
Privileges = new[]
{
"CREATE",
"MONITOR",
},
RoleName = r.Name,
OnAccountObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnAccountObjectArgs
{
ObjectType = "DATABASE",
ObjectName = d.Name,
},
});
// all privileges + grant option
var g4 = new Snowflake.GrantPrivilegesToRole("g4", new()
{
RoleName = r.Name,
OnAccountObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnAccountObjectArgs
{
ObjectType = "DATABASE",
ObjectName = d.Name,
},
AllPrivileges = true,
WithGrantOption = true,
});
//#################################
//## schema privileges
//#################################
// list of privileges
var g5 = new Snowflake.GrantPrivilegesToRole("g5", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
RoleName = r.Name,
OnSchema = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaArgs
{
SchemaName = "\"my_db\".\"my_schema\"",
},
});
// all privileges + grant option
var g6 = new Snowflake.GrantPrivilegesToRole("g6", new()
{
RoleName = r.Name,
OnSchema = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaArgs
{
SchemaName = "\"my_db\".\"my_schema\"",
},
AllPrivileges = true,
WithGrantOption = true,
});
// all schemas in database
var g7 = new Snowflake.GrantPrivilegesToRole("g7", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
RoleName = r.Name,
OnSchema = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaArgs
{
AllSchemasInDatabase = d.Name,
},
});
// future schemas in database
var g8 = new Snowflake.GrantPrivilegesToRole("g8", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
RoleName = r.Name,
OnSchema = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaArgs
{
FutureSchemasInDatabase = d.Name,
},
});
//#################################
//## schema object privileges
//#################################
// list of privileges
var g9 = new Snowflake.GrantPrivilegesToRole("g9", new()
{
Privileges = new[]
{
"SELECT",
"REFERENCES",
},
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
ObjectType = "VIEW",
ObjectName = "\"my_db\".\"my_schema\".\"my_view\"",
},
});
// all privileges + grant option
var g10 = new Snowflake.GrantPrivilegesToRole("g10", new()
{
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
ObjectType = "VIEW",
ObjectName = "\"my_db\".\"my_schema\".\"my_view\"",
},
AllPrivileges = true,
WithGrantOption = true,
});
// all in database
var g11 = new Snowflake.GrantPrivilegesToRole("g11", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "TABLES",
InDatabase = d.Name,
},
},
});
// all in schema
var g12 = new Snowflake.GrantPrivilegesToRole("g12", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "TABLES",
InSchema = "\"my_db\".\"my_schema\"",
},
},
});
// future in database
var g13 = new Snowflake.GrantPrivilegesToRole("g13", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
Future = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "TABLES",
InDatabase = d.Name,
},
},
});
// future in schema
var g14 = new Snowflake.GrantPrivilegesToRole("g14", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
RoleName = r.Name,
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
Future = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "TABLES",
InSchema = "\"my_db\".\"my_schema\"",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.snowflake.GrantPrivilegesToRole;
import com.pulumi.snowflake.GrantPrivilegesToRoleArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToRoleOnAccountObjectArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToRoleOnSchemaArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToRoleOnSchemaObjectArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToRoleOnSchemaObjectAllArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToRoleOnSchemaObjectFutureArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
//#################################
//## global privileges
//#################################
// list of privileges
var g1 = new GrantPrivilegesToRole("g1", GrantPrivilegesToRoleArgs.builder()
.privileges(
"MODIFY",
"USAGE")
.roleName(r.name())
.onAccount(true)
.build());
// all privileges + grant option
var g2 = new GrantPrivilegesToRole("g2", GrantPrivilegesToRoleArgs.builder()
.roleName(r.name())
.onAccount(true)
.allPrivileges(true)
.withGrantOption(true)
.build());
//#################################
//## account object privileges
//#################################
// list of privileges
var g3 = new GrantPrivilegesToRole("g3", GrantPrivilegesToRoleArgs.builder()
.privileges(
"CREATE",
"MONITOR")
.roleName(r.name())
.onAccountObject(GrantPrivilegesToRoleOnAccountObjectArgs.builder()
.objectType("DATABASE")
.objectName(d.name())
.build())
.build());
// all privileges + grant option
var g4 = new GrantPrivilegesToRole("g4", GrantPrivilegesToRoleArgs.builder()
.roleName(r.name())
.onAccountObject(GrantPrivilegesToRoleOnAccountObjectArgs.builder()
.objectType("DATABASE")
.objectName(d.name())
.build())
.allPrivileges(true)
.withGrantOption(true)
.build());
//#################################
//## schema privileges
//#################################
// list of privileges
var g5 = new GrantPrivilegesToRole("g5", GrantPrivilegesToRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.roleName(r.name())
.onSchema(GrantPrivilegesToRoleOnSchemaArgs.builder()
.schemaName("\"my_db\".\"my_schema\"")
.build())
.build());
// all privileges + grant option
var g6 = new GrantPrivilegesToRole("g6", GrantPrivilegesToRoleArgs.builder()
.roleName(r.name())
.onSchema(GrantPrivilegesToRoleOnSchemaArgs.builder()
.schemaName("\"my_db\".\"my_schema\"")
.build())
.allPrivileges(true)
.withGrantOption(true)
.build());
// all schemas in database
var g7 = new GrantPrivilegesToRole("g7", GrantPrivilegesToRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.roleName(r.name())
.onSchema(GrantPrivilegesToRoleOnSchemaArgs.builder()
.allSchemasInDatabase(d.name())
.build())
.build());
// future schemas in database
var g8 = new GrantPrivilegesToRole("g8", GrantPrivilegesToRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.roleName(r.name())
.onSchema(GrantPrivilegesToRoleOnSchemaArgs.builder()
.futureSchemasInDatabase(d.name())
.build())
.build());
//#################################
//## schema object privileges
//#################################
// list of privileges
var g9 = new GrantPrivilegesToRole("g9", GrantPrivilegesToRoleArgs.builder()
.privileges(
"SELECT",
"REFERENCES")
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.objectType("VIEW")
.objectName("\"my_db\".\"my_schema\".\"my_view\"")
.build())
.build());
// all privileges + grant option
var g10 = new GrantPrivilegesToRole("g10", GrantPrivilegesToRoleArgs.builder()
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.objectType("VIEW")
.objectName("\"my_db\".\"my_schema\".\"my_view\"")
.build())
.allPrivileges(true)
.withGrantOption(true)
.build());
// all in database
var g11 = new GrantPrivilegesToRole("g11", GrantPrivilegesToRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("TABLES")
.inDatabase(d.name())
.build())
.build())
.build());
// all in schema
var g12 = new GrantPrivilegesToRole("g12", GrantPrivilegesToRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("TABLES")
.inSchema("\"my_db\".\"my_schema\"")
.build())
.build())
.build());
// future in database
var g13 = new GrantPrivilegesToRole("g13", GrantPrivilegesToRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.future(GrantPrivilegesToRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("TABLES")
.inDatabase(d.name())
.build())
.build())
.build());
// future in schema
var g14 = new GrantPrivilegesToRole("g14", GrantPrivilegesToRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.roleName(r.name())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.future(GrantPrivilegesToRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("TABLES")
.inSchema("\"my_db\".\"my_schema\"")
.build())
.build())
.build());
}
}
resources:
##################################
### global privileges
##################################
# list of privileges
g1:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- MODIFY
- USAGE
roleName: ${r.name}
onAccount: true
# all privileges + grant option
g2: ##################################
### account object privileges
##################################
type: snowflake:GrantPrivilegesToRole
properties:
roleName: ${r.name}
onAccount: true
allPrivileges: true
withGrantOption: true
# list of privileges
g3:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- CREATE
- MONITOR
roleName: ${r.name}
onAccountObject:
objectType: DATABASE
objectName: ${d.name}
# all privileges + grant option
g4: ##################################
### schema privileges
##################################
type: snowflake:GrantPrivilegesToRole
properties:
roleName: ${r.name}
onAccountObject:
objectType: DATABASE
objectName: ${d.name}
allPrivileges: true
withGrantOption: true
# list of privileges
g5:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- MODIFY
- CREATE TABLE
roleName: ${r.name}
onSchema:
schemaName: '"my_db"."my_schema"'
# all privileges + grant option
g6:
type: snowflake:GrantPrivilegesToRole
properties:
roleName: ${r.name}
onSchema:
schemaName: '"my_db"."my_schema"'
allPrivileges: true
withGrantOption: true
# all schemas in database
g7:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- MODIFY
- CREATE TABLE
roleName: ${r.name}
onSchema:
allSchemasInDatabase: ${d.name}
# future schemas in database
g8: ##################################
### schema object privileges
##################################
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- MODIFY
- CREATE TABLE
roleName: ${r.name}
onSchema:
futureSchemasInDatabase: ${d.name}
# list of privileges
g9:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- SELECT
- REFERENCES
roleName: ${r.name}
onSchemaObject:
objectType: VIEW
objectName: '"my_db"."my_schema"."my_view"'
# all privileges + grant option
g10:
type: snowflake:GrantPrivilegesToRole
properties:
roleName: ${r.name}
onSchemaObject:
objectType: VIEW
objectName: '"my_db"."my_schema"."my_view"'
allPrivileges: true
withGrantOption: true
# all in database
g11:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- SELECT
- INSERT
roleName: ${r.name}
onSchemaObject:
all:
objectTypePlural: TABLES
inDatabase: ${d.name}
# all in schema
g12:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- SELECT
- INSERT
roleName: ${r.name}
onSchemaObject:
all:
objectTypePlural: TABLES
inSchema: '"my_db"."my_schema"'
# future in database
g13:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- SELECT
- INSERT
roleName: ${r.name}
onSchemaObject:
future:
objectTypePlural: TABLES
inDatabase: ${d.name}
# future in schema
g14:
type: snowflake:GrantPrivilegesToRole
properties:
privileges:
- SELECT
- INSERT
roleName: ${r.name}
onSchemaObject:
future:
objectTypePlural: TABLES
inSchema: '"my_db"."my_schema"'
Create GrantPrivilegesToRole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GrantPrivilegesToRole(name: string, args: GrantPrivilegesToRoleArgs, opts?: CustomResourceOptions);@overload
def GrantPrivilegesToRole(resource_name: str,
args: GrantPrivilegesToRoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GrantPrivilegesToRole(resource_name: str,
opts: Optional[ResourceOptions] = None,
role_name: Optional[str] = None,
all_privileges: Optional[bool] = None,
on_account: Optional[bool] = None,
on_account_object: Optional[GrantPrivilegesToRoleOnAccountObjectArgs] = None,
on_schema: Optional[GrantPrivilegesToRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
with_grant_option: Optional[bool] = None)func NewGrantPrivilegesToRole(ctx *Context, name string, args GrantPrivilegesToRoleArgs, opts ...ResourceOption) (*GrantPrivilegesToRole, error)public GrantPrivilegesToRole(string name, GrantPrivilegesToRoleArgs args, CustomResourceOptions? opts = null)
public GrantPrivilegesToRole(String name, GrantPrivilegesToRoleArgs args)
public GrantPrivilegesToRole(String name, GrantPrivilegesToRoleArgs args, CustomResourceOptions options)
type: snowflake:GrantPrivilegesToRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GrantPrivilegesToRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GrantPrivilegesToRoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GrantPrivilegesToRoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GrantPrivilegesToRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GrantPrivilegesToRoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var grantPrivilegesToRoleResource = new Snowflake.GrantPrivilegesToRole("grantPrivilegesToRoleResource", new()
{
RoleName = "string",
AllPrivileges = false,
OnAccount = false,
OnAccountObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnAccountObjectArgs
{
ObjectName = "string",
ObjectType = "string",
},
OnSchema = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaArgs
{
AllSchemasInDatabase = "string",
FutureSchemasInDatabase = "string",
SchemaName = "string",
},
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
Future = new Snowflake.Inputs.GrantPrivilegesToRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
ObjectName = "string",
ObjectType = "string",
},
Privileges = new[]
{
"string",
},
WithGrantOption = false,
});
example, err := snowflake.NewGrantPrivilegesToRole(ctx, "grantPrivilegesToRoleResource", &snowflake.GrantPrivilegesToRoleArgs{
RoleName: pulumi.String("string"),
AllPrivileges: pulumi.Bool(false),
OnAccount: pulumi.Bool(false),
OnAccountObject: &snowflake.GrantPrivilegesToRoleOnAccountObjectArgs{
ObjectName: pulumi.String("string"),
ObjectType: pulumi.String("string"),
},
OnSchema: &snowflake.GrantPrivilegesToRoleOnSchemaArgs{
AllSchemasInDatabase: pulumi.String("string"),
FutureSchemasInDatabase: pulumi.String("string"),
SchemaName: pulumi.String("string"),
},
OnSchemaObject: &snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
Future: &snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
ObjectName: pulumi.String("string"),
ObjectType: pulumi.String("string"),
},
Privileges: pulumi.StringArray{
pulumi.String("string"),
},
WithGrantOption: pulumi.Bool(false),
})
var grantPrivilegesToRoleResource = new GrantPrivilegesToRole("grantPrivilegesToRoleResource", GrantPrivilegesToRoleArgs.builder()
.roleName("string")
.allPrivileges(false)
.onAccount(false)
.onAccountObject(GrantPrivilegesToRoleOnAccountObjectArgs.builder()
.objectName("string")
.objectType("string")
.build())
.onSchema(GrantPrivilegesToRoleOnSchemaArgs.builder()
.allSchemasInDatabase("string")
.futureSchemasInDatabase("string")
.schemaName("string")
.build())
.onSchemaObject(GrantPrivilegesToRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.future(GrantPrivilegesToRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.objectName("string")
.objectType("string")
.build())
.privileges("string")
.withGrantOption(false)
.build());
grant_privileges_to_role_resource = snowflake.GrantPrivilegesToRole("grantPrivilegesToRoleResource",
role_name="string",
all_privileges=False,
on_account=False,
on_account_object=snowflake.GrantPrivilegesToRoleOnAccountObjectArgs(
object_name="string",
object_type="string",
),
on_schema=snowflake.GrantPrivilegesToRoleOnSchemaArgs(
all_schemas_in_database="string",
future_schemas_in_database="string",
schema_name="string",
),
on_schema_object=snowflake.GrantPrivilegesToRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToRoleOnSchemaObjectAllArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
future=snowflake.GrantPrivilegesToRoleOnSchemaObjectFutureArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
object_name="string",
object_type="string",
),
privileges=["string"],
with_grant_option=False)
const grantPrivilegesToRoleResource = new snowflake.GrantPrivilegesToRole("grantPrivilegesToRoleResource", {
roleName: "string",
allPrivileges: false,
onAccount: false,
onAccountObject: {
objectName: "string",
objectType: "string",
},
onSchema: {
allSchemasInDatabase: "string",
futureSchemasInDatabase: "string",
schemaName: "string",
},
onSchemaObject: {
all: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
future: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
objectName: "string",
objectType: "string",
},
privileges: ["string"],
withGrantOption: false,
});
type: snowflake:GrantPrivilegesToRole
properties:
allPrivileges: false
onAccount: false
onAccountObject:
objectName: string
objectType: string
onSchema:
allSchemasInDatabase: string
futureSchemasInDatabase: string
schemaName: string
onSchemaObject:
all:
inDatabase: string
inSchema: string
objectTypePlural: string
future:
inDatabase: string
inSchema: string
objectTypePlural: string
objectName: string
objectType: string
privileges:
- string
roleName: string
withGrantOption: false
GrantPrivilegesToRole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The GrantPrivilegesToRole resource accepts the following input properties:
- Role
Name string - The fully qualified name of the role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- Role
Name string - The fully qualified name of the role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Role On Account Object Args - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- role
Name String - The fully qualified name of the role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
- role
Name string - The fully qualified name of the role to which privileges will be granted.
- all
Privileges boolean - Grant all privileges on the account role.
- on
Account boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the account role.
- with
Grant booleanOption - Specifies whether the grantee can grant the privileges to other users.
- role_
name str - The fully qualified name of the role to which privileges will be granted.
- all_
privileges bool - Grant all privileges on the account role.
- on_
account bool - If true, the privileges will be granted on the account.
- on_
account_ Grantobject Privileges To Role On Account Object Args - Specifies the account object on which privileges will be granted
- on_
schema GrantPrivileges To Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the account role.
- with_
grant_ booloption - Specifies whether the grantee can grant the privileges to other users.
- role
Name String - The fully qualified name of the role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account Property MapObject - Specifies the account object on which privileges will be granted
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
Outputs
All input properties are implicitly available as output properties. Additionally, the GrantPrivilegesToRole resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing GrantPrivilegesToRole Resource
Get an existing GrantPrivilegesToRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GrantPrivilegesToRoleState, opts?: CustomResourceOptions): GrantPrivilegesToRole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
all_privileges: Optional[bool] = None,
on_account: Optional[bool] = None,
on_account_object: Optional[GrantPrivilegesToRoleOnAccountObjectArgs] = None,
on_schema: Optional[GrantPrivilegesToRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
role_name: Optional[str] = None,
with_grant_option: Optional[bool] = None) -> GrantPrivilegesToRolefunc GetGrantPrivilegesToRole(ctx *Context, name string, id IDInput, state *GrantPrivilegesToRoleState, opts ...ResourceOption) (*GrantPrivilegesToRole, error)public static GrantPrivilegesToRole Get(string name, Input<string> id, GrantPrivilegesToRoleState? state, CustomResourceOptions? opts = null)public static GrantPrivilegesToRole get(String name, Output<String> id, GrantPrivilegesToRoleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- All
Privileges bool - Grant all privileges on the account role.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the account role.
- Role
Name string - The fully qualified name of the role to which privileges will be granted.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- All
Privileges bool - Grant all privileges on the account role.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Role On Account Object Args - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the account role.
- Role
Name string - The fully qualified name of the role to which privileges will be granted.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- all
Privileges Boolean - Grant all privileges on the account role.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- role
Name String - The fully qualified name of the role to which privileges will be granted.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
- all
Privileges boolean - Grant all privileges on the account role.
- on
Account boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the account role.
- role
Name string - The fully qualified name of the role to which privileges will be granted.
- with
Grant booleanOption - Specifies whether the grantee can grant the privileges to other users.
- all_
privileges bool - Grant all privileges on the account role.
- on_
account bool - If true, the privileges will be granted on the account.
- on_
account_ Grantobject Privileges To Role On Account Object Args - Specifies the account object on which privileges will be granted
- on_
schema GrantPrivileges To Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the account role.
- role_
name str - The fully qualified name of the role to which privileges will be granted.
- with_
grant_ booloption - Specifies whether the grantee can grant the privileges to other users.
- all
Privileges Boolean - Grant all privileges on the account role.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account Property MapObject - Specifies the account object on which privileges will be granted
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- role
Name String - The fully qualified name of the role to which privileges will be granted.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
Supporting Types
GrantPrivilegesToRoleOnAccountObject, GrantPrivilegesToRoleOnAccountObjectArgs
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name string - The fully qualified name of the object on which privileges will be granted.
- object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object_
name str - The fully qualified name of the object on which privileges will be granted.
- object_
type str - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
GrantPrivilegesToRoleOnSchema, GrantPrivilegesToRoleOnSchemaArgs
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
- all
Schemas stringIn Database - The fully qualified name of the database.
- future
Schemas stringIn Database - The fully qualified name of the database.
- schema
Name string - The fully qualified name of the schema.
- all_
schemas_ strin_ database - The fully qualified name of the database.
- future_
schemas_ strin_ database - The fully qualified name of the database.
- schema_
name str - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
GrantPrivilegesToRoleOnSchemaObject, GrantPrivilegesToRoleOnSchemaObjectArgs
- All
Grant
Privileges To Role On Schema Object All - Configures the privilege to be granted on all objects in eihter a database or schema.
- Future
Grant
Privileges To Role On Schema Object Future - Configures the privilege to be granted on future objects in eihter a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- All
Grant
Privileges To Role On Schema Object All - Configures the privilege to be granted on all objects in eihter a database or schema.
- Future
Grant
Privileges To Role On Schema Object Future - Configures the privilege to be granted on future objects in eihter a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Role On Schema Object All - Configures the privilege to be granted on all objects in eihter a database or schema.
- future
Grant
Privileges To Role On Schema Object Future - Configures the privilege to be granted on future objects in eihter a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Role On Schema Object All - Configures the privilege to be granted on all objects in eihter a database or schema.
- future
Grant
Privileges To Role On Schema Object Future - Configures the privilege to be granted on future objects in eihter a database or schema.
- object
Name string - The fully qualified name of the object on which privileges will be granted.
- object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Role On Schema Object All - Configures the privilege to be granted on all objects in eihter a database or schema.
- future
Grant
Privileges To Role On Schema Object Future - Configures the privilege to be granted on future objects in eihter a database or schema.
- object_
name str - The fully qualified name of the object on which privileges will be granted.
- object_
type str - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all Property Map
- Configures the privilege to be granted on all objects in eihter a database or schema.
- future Property Map
- Configures the privilege to be granted on future objects in eihter a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
GrantPrivilegesToRoleOnSchemaObjectAll, GrantPrivilegesToRoleOnSchemaObjectAllArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- in
Database string - The fully qualified name of the database.
- in
Schema string - The fully qualified name of the schema.
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- in_
database str - The fully qualified name of the database.
- in_
schema str - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
GrantPrivilegesToRoleOnSchemaObjectFuture, GrantPrivilegesToRoleOnSchemaObjectFutureArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- in
Database string - The fully qualified name of the database.
- in
Schema string - The fully qualified name of the schema.
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- in_
database str - The fully qualified name of the database.
- in_
schema str - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | ICEBERG TABLES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PASSWORD POLICIES | PIPES | PROCEDURES | SECRETS | SERVICES | SEQUENCES | STAGES | STREAMS | TABLES | TASKS | VIEWS
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
Import
format is role_name (string) | privileges (comma-delimited string) | all_privileges (bool) |with_grant_option (bool) | on_account (bool) | on_account_object (bool) | on_schema (bool) | on_schema_object (bool) | all (bool) | future (bool) | object_type (string) | object_name (string) | object_type_plural (string) | in_schema (bool) | schema_name (string) | in_database (bool) | database_name (string)
$ pulumi import snowflake:index/grantPrivilegesToRole:GrantPrivilegesToRole "test_role|MANAGE GRANTS,MONITOR USAGE|false|false|true|false|false|false|false|false||||false||false|"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflakeTerraform Provider.