Snowflake v0.55.0, Jun 7 24

Snowflake v0.55.0 published on Friday, Jun 7, 2024 by Pulumi

snowflake.Provider

Explore with Pulumi AI

Snowflake v0.55.0 published on Friday, Jun 7, 2024 by Pulumi

The provider type for the snowflake package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

Create Provider Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Provider(name: string, args?: ProviderArgs, opts?: CustomResourceOptions);

@overload
def Provider(resource_name: str,
             args: Optional[ProviderArgs] = None,
             opts: Optional[ResourceOptions] = None)

@overload
def Provider(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             account: Optional[str] = None,
             authenticator: Optional[str] = None,
             browser_auth: Optional[bool] = None,
             client_ip: Optional[str] = None,
             client_request_mfa_token: Optional[bool] = None,
             client_store_temporary_credential: Optional[bool] = None,
             client_timeout: Optional[int] = None,
             disable_query_context_cache: Optional[bool] = None,
             disable_telemetry: Optional[bool] = None,
             external_browser_timeout: Optional[int] = None,
             host: Optional[str] = None,
             insecure_mode: Optional[bool] = None,
             jwt_client_timeout: Optional[int] = None,
             jwt_expire_timeout: Optional[int] = None,
             keep_session_alive: Optional[bool] = None,
             login_timeout: Optional[int] = None,
             oauth_access_token: Optional[str] = None,
             oauth_client_id: Optional[str] = None,
             oauth_client_secret: Optional[str] = None,
             oauth_endpoint: Optional[str] = None,
             oauth_redirect_url: Optional[str] = None,
             oauth_refresh_token: Optional[str] = None,
             ocsp_fail_open: Optional[bool] = None,
             okta_url: Optional[str] = None,
             params: Optional[Mapping[str, Any]] = None,
             passcode: Optional[str] = None,
             passcode_in_password: Optional[bool] = None,
             password: Optional[str] = None,
             port: Optional[int] = None,
             private_key: Optional[str] = None,
             private_key_passphrase: Optional[str] = None,
             private_key_path: Optional[str] = None,
             profile: Optional[str] = None,
             protocol: Optional[str] = None,
             region: Optional[str] = None,
             request_timeout: Optional[int] = None,
             role: Optional[str] = None,
             session_params: Optional[Mapping[str, Any]] = None,
             token: Optional[str] = None,
             token_accessor: Optional[ProviderTokenAccessorArgs] = None,
             user: Optional[str] = None,
             username: Optional[str] = None,
             validate_default_parameters: Optional[bool] = None,
             warehouse: Optional[str] = None)

func NewProvider(ctx *Context, name string, args *ProviderArgs, opts ...ResourceOption) (*Provider, error)

public Provider(string name, ProviderArgs? args = null, CustomResourceOptions? opts = null)

public Provider(String name, ProviderArgs args)
public Provider(String name, ProviderArgs args, CustomResourceOptions options)

type: pulumi:providers:snowflake
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ProviderArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ProviderArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ProviderArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Provider Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Provider resource accepts the following input properties:

Account string: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
Authenticator string: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
BrowserAuth bool: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
ClientIp string: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
ClientRequestMfaToken bool: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
ClientStoreTemporaryCredential bool: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
ClientTimeout int: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
DisableQueryContextCache bool: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
DisableTelemetry bool: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
ExternalBrowserTimeout int: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
Host string: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
InsecureMode bool: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
JwtClientTimeout int: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
JwtExpireTimeout int: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
KeepSessionAlive bool: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
LoginTimeout int: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
OauthAccessToken string: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
OauthClientId string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
OauthClientSecret string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
OauthEndpoint string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
OauthRedirectUrl string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
OauthRefreshToken string: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
OcspFailOpen bool: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
OktaUrl string: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
Params Dictionary<string, object>: Sets other connection (i.e. session) parameters. Parameters
Passcode string: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
PasscodeInPassword bool: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
Password string: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
Port int: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
PrivateKey string: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
PrivateKeyPassphrase string: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
PrivateKeyPath string: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
Profile string: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
Protocol string: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
Region string: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
RequestTimeout int: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
Role string: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
SessionParams Dictionary<string, object>: Sets session parameters. Parameters
Deprecated: Use params instead
Token string: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
TokenAccessor ProviderTokenAccessor
User string: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
Username string: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
ValidateDefaultParameters bool: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
Warehouse string: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

Account string: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
Authenticator string: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
BrowserAuth bool: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
ClientIp string: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
ClientRequestMfaToken bool: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
ClientStoreTemporaryCredential bool: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
ClientTimeout int: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
DisableQueryContextCache bool: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
DisableTelemetry bool: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
ExternalBrowserTimeout int: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
Host string: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
InsecureMode bool: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
JwtClientTimeout int: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
JwtExpireTimeout int: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
KeepSessionAlive bool: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
LoginTimeout int: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
OauthAccessToken string: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
OauthClientId string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
OauthClientSecret string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
OauthEndpoint string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
OauthRedirectUrl string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
OauthRefreshToken string: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
OcspFailOpen bool: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
OktaUrl string: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
Params map[string]interface{}: Sets other connection (i.e. session) parameters. Parameters
Passcode string: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
PasscodeInPassword bool: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
Password string: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
Port int: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
PrivateKey string: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
PrivateKeyPassphrase string: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
PrivateKeyPath string: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
Profile string: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
Protocol string: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
Region string: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
RequestTimeout int: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
Role string: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
SessionParams map[string]interface{}: Sets session parameters. Parameters
Deprecated: Use params instead
Token string: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
TokenAccessor ProviderTokenAccessorArgs
User string: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
Username string: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
ValidateDefaultParameters bool: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
Warehouse string: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

account String: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
authenticator String: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
browserAuth Boolean: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
clientIp String: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
clientRequestMfaToken Boolean: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
clientStoreTemporaryCredential Boolean: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
clientTimeout Integer: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
disableQueryContextCache Boolean: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
disableTelemetry Boolean: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
externalBrowserTimeout Integer: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
host String: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
insecureMode Boolean: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
jwtClientTimeout Integer: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
jwtExpireTimeout Integer: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
keepSessionAlive Boolean: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
loginTimeout Integer: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
oauthAccessToken String: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
oauthClientId String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
oauthClientSecret String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
oauthEndpoint String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
oauthRedirectUrl String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
oauthRefreshToken String: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
ocspFailOpen Boolean: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
oktaUrl String: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
params Map<String,Object>: Sets other connection (i.e. session) parameters. Parameters
passcode String: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
passcodeInPassword Boolean: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
password String: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
port Integer: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
privateKey String: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
privateKeyPassphrase String: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
privateKeyPath String: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
profile String: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
protocol String: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
region String: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
requestTimeout Integer: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
role String: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
sessionParams Map<String,Object>: Sets session parameters. Parameters
Deprecated: Use params instead
token String: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
tokenAccessor ProviderTokenAccessor
user String: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
username String: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
validateDefaultParameters Boolean: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
warehouse String: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

account string: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
authenticator string: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
browserAuth boolean: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
clientIp string: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
clientRequestMfaToken boolean: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
clientStoreTemporaryCredential boolean: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
clientTimeout number: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
disableQueryContextCache boolean: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
disableTelemetry boolean: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
externalBrowserTimeout number: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
host string: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
insecureMode boolean: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
jwtClientTimeout number: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
jwtExpireTimeout number: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
keepSessionAlive boolean: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
loginTimeout number: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
oauthAccessToken string: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
oauthClientId string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
oauthClientSecret string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
oauthEndpoint string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
oauthRedirectUrl string: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
oauthRefreshToken string: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
ocspFailOpen boolean: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
oktaUrl string: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
params {[key: string]: any}: Sets other connection (i.e. session) parameters. Parameters
passcode string: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
passcodeInPassword boolean: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
password string: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
port number: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
privateKey string: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
privateKeyPassphrase string: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
privateKeyPath string: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
profile string: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
protocol string: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
region string: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
requestTimeout number: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
role string: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
sessionParams {[key: string]: any}: Sets session parameters. Parameters
Deprecated: Use params instead
token string: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
tokenAccessor ProviderTokenAccessor
user string: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
username string: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
validateDefaultParameters boolean: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
warehouse string: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

account str: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
authenticator str: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
browser_auth bool: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
client_ip str: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
client_request_mfa_token bool: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
client_store_temporary_credential bool: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
client_timeout int: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
disable_query_context_cache bool: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
disable_telemetry bool: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
external_browser_timeout int: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
host str: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
insecure_mode bool: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
jwt_client_timeout int: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
jwt_expire_timeout int: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
keep_session_alive bool: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
login_timeout int: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
oauth_access_token str: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
oauth_client_id str: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
oauth_client_secret str: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
oauth_endpoint str: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
oauth_redirect_url str: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
oauth_refresh_token str: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
ocsp_fail_open bool: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
okta_url str: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
params Mapping[str, Any]: Sets other connection (i.e. session) parameters. Parameters
passcode str: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
passcode_in_password bool: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
password str: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
port int: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
private_key str: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
private_key_passphrase str: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
private_key_path str: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
profile str: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
protocol str: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
region str: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
request_timeout int: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
role str: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
session_params Mapping[str, Any]: Sets session parameters. Parameters
Deprecated: Use params instead
token str: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
token_accessor ProviderTokenAccessorArgs
user str: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
username str: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
validate_default_parameters bool: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
warehouse str: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

account String: Specifies your Snowflake account identifier assigned, by Snowflake. For information about account identifiers, see the Snowflake documentation. Can also be sourced from the SNOWFLAKE_ACCOUNT environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_ACCOUNT
authenticator String: Specifies the authentication type to use when connecting to Snowflake. Valid values include: Snowflake, OAuth, ExternalBrowser, Okta, JWT, TokenAccessor, UsernamePasswordMFA. Can also be sourced from the SNOWFLAKE_AUTHENTICATOR environment variable. It has to be set explicitly to JWT for private key authentication.
browserAuth Boolean: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_USE_BROWSER_AUTH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_USE_BROWSER_AUTH
Deprecated: Use authenticator instead
clientIp String: IP address for network checks. Can also be sourced from the SNOWFLAKE_CLIENT_IP environment variable.
clientRequestMfaToken Boolean: When true the MFA token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_REQUEST_MFA_TOKEN environment variable.
clientStoreTemporaryCredential Boolean: When true the ID token is cached in the credential manager. True by default in Windows/OSX. False for Linux. Can also be sourced from the SNOWFLAKE_CLIENT_STORE_TEMPORARY_CREDENTIAL environment variable.
clientTimeout Number: The timeout in seconds for the client to complete the authentication. Default is 900 seconds. Can also be sourced from the SNOWFLAKE_CLIENT_TIMEOUT environment variable.
disableQueryContextCache Boolean: Should HTAP query context cache be disabled. Can also be sourced from the SNOWFLAKE_DISABLE_QUERY_CONTEXT_CACHE environment variable.
disableTelemetry Boolean: Indicates whether to disable telemetry. Can also be sourced from the SNOWFLAKE_DISABLE_TELEMETRY environment variable.
externalBrowserTimeout Number: The timeout in seconds for the external browser to complete the authentication. Default is 120 seconds. Can also be sourced from the SNOWFLAKE_EXTERNAL_BROWSER_TIMEOUT environment variable.
host String: Supports passing in a custom host value to the snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_HOST environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_HOST
insecureMode Boolean: If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. Can also be sourced from the SNOWFLAKE_INSECURE_MODE environment variable.
jwtClientTimeout Number: The timeout in seconds for the JWT client to complete the authentication. Default is 10 seconds. Can also be sourced from the SNOWFLAKE_JWT_CLIENT_TIMEOUT environment variable.
jwtExpireTimeout Number: JWT expire after timeout in seconds. Can also be sourced from the SNOWFLAKE_JWT_EXPIRE_TIMEOUT environment variable.
keepSessionAlive Boolean: Enables the session to persist even after the connection is closed. Can also be sourced from the SNOWFLAKE_KEEP_SESSION_ALIVE environment variable.
loginTimeout Number: Login retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_LOGIN_TIMEOUT environment variable.
oauthAccessToken String: Token for use with OAuth. Generating the token is left to other tools. Cannot be used with browser_auth, private_key_path, oauth_refresh_token or password. Can also be sourced from SNOWFLAKE_OAUTH_ACCESS_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ACCESS_TOKEN
Deprecated: Use token instead
oauthClientId String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_ID environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_ID
Deprecated: Use token_accessor.0.client_id instead
oauthClientSecret String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_CLIENT_SECRET environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_CLIENT_SECRET
Deprecated: Use token_accessor.0.client_secret instead
oauthEndpoint String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_ENDPOINT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_ENDPOINT
Deprecated: Use token_accessor.0.token_endpoint instead
oauthRedirectUrl String: Required when oauth_refresh_token is used. Can also be sourced from SNOWFLAKE_OAUTH_REDIRECT_URL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REDIRECT_URL
Deprecated: Use token_accessor.0.redirect_uri instead
oauthRefreshToken String: Token for use with OAuth. Setup and generation of the token is left to other tools. Should be used in conjunction with oauth_client_id, oauth_client_secret, oauth_endpoint, oauth_redirect_url. Cannot be used with browser_auth, private_key_path, oauth_access_token or password. Can also be sourced from SNOWFLAKE_OAUTH_REFRESH_TOKEN environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_OAUTH_REFRESH_TOKEN
Deprecated: Use token_accessor.0.refresh_token instead
ocspFailOpen Boolean: True represents OCSP fail open mode. False represents OCSP fail closed mode. Fail open true by default. Can also be sourced from the SNOWFLAKE_OCSP_FAIL_OPEN environment variable.
oktaUrl String: The URL of the Okta server. e.g. https://example.okta.com. Can also be sourced from the SNOWFLAKE_OKTA_URL environment variable.
params Map<Any>: Sets other connection (i.e. session) parameters. Parameters
passcode String: Specifies the passcode provided by Duo when using multi-factor authentication (MFA) for login. Can also be sourced from the SNOWFLAKE_PASSCODE environment variable.
passcodeInPassword Boolean: False by default. Set to true if the MFA passcode is embedded in the login password. Appends the MFA passcode to the end of the password. Can also be sourced from the SNOWFLAKE_PASSCODE_IN_PASSWORD environment variable.
password String: Password for username+password auth. Cannot be used with browser_auth or private_key_path. Can also be sourced from the SNOWFLAKE_PASSWORD environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PASSWORD
port Number: Support custom port values to snowflake go driver for use with privatelink. Can also be sourced from the SNOWFLAKE_PORT environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PORT
privateKey String: Private Key for username+private-key auth. Cannot be used with browser_auth or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY environment variable.
privateKeyPassphrase String: Supports the encryption ciphers aes-128-cbc, aes-128-gcm, aes-192-cbc, aes-192-gcm, aes-256-cbc, aes-256-gcm, and des-ede3-cbc. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PASSPHRASE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE
privateKeyPath String: Path to a private key for using keypair authentication. Cannot be used with browser_auth, oauth_access_token or password. Can also be sourced from SNOWFLAKE_PRIVATE_KEY_PATH environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PRIVATE_KEY_PATH
Deprecated: use the file Function instead
profile String: Sets the profile to read from ~/.snowflake/config file. Can also be sourced from the SNOWFLAKE_PROFILE environment variable.
protocol String: Either http or https, defaults to https. Can also be sourced from the SNOWFLAKE_PROTOCOL environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_PROTOCOL
region String: Snowflake region, such as "eu-central-1", with this parameter. However, since this parameter is deprecated, it is best to specify the region as part of the account parameter. For details, see the description of the account parameter. Snowflake region to use. Required if using the legacy format for the account identifier in the form of <cloud_region_id>.<cloud>. Can also be sourced from the SNOWFLAKE_REGION environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_REGION
Deprecated: Specify the region as part of the account parameter
requestTimeout Number: request retry timeout EXCLUDING network roundtrip and read out http response. Can also be sourced from the SNOWFLAKE_REQUEST_TIMEOUT environment variable.
role String: Specifies the role to use by default for accessing Snowflake objects in the client session. Can also be sourced from the SNOWFLAKE_ROLE environment variable. . It can also be sourced from the following environment variable: SNOWFLAKE_ROLE
sessionParams Map<Any>: Sets session parameters. Parameters
Deprecated: Use params instead
token String: Token to use for OAuth and other forms of token based auth. Can also be sourced from the SNOWFLAKE_TOKEN environment variable.
tokenAccessor Property Map
user String: Username. Can also be sourced from the SNOWFLAKE_USER environment variable. Required unless using profile.
username String: Username for username+password authentication. Can also be sourced from the SNOWFLAKE_USERNAME environment variable. Required unless using profile. It can also be sourced from the following environment variable: SNOWFLAKE_USER
Deprecated: Use user instead of username
validateDefaultParameters Boolean: True by default. If false, disables the validation checks for Database, Schema, Warehouse and Role at the time a connection is established. Can also be sourced from the SNOWFLAKE_VALIDATE_DEFAULT_PARAMETERS environment variable.
warehouse String: Specifies the virtual warehouse to use by default for queries, loading, etc. in the client session. Can also be sourced from the SNOWFLAKE_WAREHOUSE environment variable. It can also be sourced from the following environment variable: SNOWFLAKE_WAREHOUSE

Outputs

All input properties are implicitly available as output properties. Additionally, the Provider resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Supporting Types

ProviderTokenAccessor, ProviderTokenAccessorArgs

ClientId string: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
ClientSecret string: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
RedirectUri string: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
RefreshToken string: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
TokenEndpoint string: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

ClientId string: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
ClientSecret string: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
RedirectUri string: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
RefreshToken string: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
TokenEndpoint string: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

clientId String: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
clientSecret String: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
redirectUri String: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
refreshToken String: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
tokenEndpoint String: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

clientId string: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
clientSecret string: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
redirectUri string: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
refreshToken string: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
tokenEndpoint string: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

client_id str: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
client_secret str: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
redirect_uri str: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
refresh_token str: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
token_endpoint str: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

clientId String: The client ID for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID environment variable.
clientSecret String: The client secret for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET environment variable.
redirectUri String: The redirect URI for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI environment variable.
refreshToken String: The refresh token for the OAuth provider when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN environment variable.
tokenEndpoint String: The token endpoint for the OAuth provider e.g. https://{yourDomain}/oauth/token when using a refresh token to renew access token. Can also be sourced from the SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT environment variable.

Package Details

Repository: Snowflake pulumi/pulumi-snowflake
License: Apache-2.0
Notes: This Pulumi package is based on the snowflake Terraform Provider.

Snowflake v0.55.0 published on Friday, Jun 7, 2024 by Pulumi

pulumi/pulumi-snowflake

snowflake.Provider

On this page

On this page

Create Provider Resource

Constructor syntax

Parameters

Provider Resource Properties

Inputs

Outputs

Supporting Types

ProviderTokenAccessor, ProviderTokenAccessorArgs

Package Details

On this page

On this page