Docs
PackagesSnowflake v0.52.0 published on Thursday, Apr 18, 2024 by Pulumi
snowflake.GrantPrivilegesToAccountRole
Explore with Pulumi AI
Import
Import examples
Grant all privileges OnAccountObject (Database)
$ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\"test_db_role\"|false|false|ALL|OnAccountObject|DATABASE|\"test_db\""`
Grant list of privileges OnAllSchemasInDatabase
$ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\"test_db_role\"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|\"test_db\""`
Grant list of privileges on table
$ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \"test_table\""`
Grant list of privileges OnAll tables in schema
$ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \"test_schema\""`
Create GrantPrivilegesToAccountRole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GrantPrivilegesToAccountRole(name: string, args: GrantPrivilegesToAccountRoleArgs, opts?: CustomResourceOptions);@overload
def GrantPrivilegesToAccountRole(resource_name: str,
args: GrantPrivilegesToAccountRoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GrantPrivilegesToAccountRole(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_role_name: Optional[str] = None,
all_privileges: Optional[bool] = None,
always_apply: Optional[bool] = None,
always_apply_trigger: Optional[str] = None,
on_account: Optional[bool] = None,
on_account_object: Optional[GrantPrivilegesToAccountRoleOnAccountObjectArgs] = None,
on_schema: Optional[GrantPrivilegesToAccountRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToAccountRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
with_grant_option: Optional[bool] = None)func NewGrantPrivilegesToAccountRole(ctx *Context, name string, args GrantPrivilegesToAccountRoleArgs, opts ...ResourceOption) (*GrantPrivilegesToAccountRole, error)public GrantPrivilegesToAccountRole(string name, GrantPrivilegesToAccountRoleArgs args, CustomResourceOptions? opts = null)
public GrantPrivilegesToAccountRole(String name, GrantPrivilegesToAccountRoleArgs args)
public GrantPrivilegesToAccountRole(String name, GrantPrivilegesToAccountRoleArgs args, CustomResourceOptions options)
type: snowflake:GrantPrivilegesToAccountRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GrantPrivilegesToAccountRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GrantPrivilegesToAccountRoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GrantPrivilegesToAccountRoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GrantPrivilegesToAccountRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GrantPrivilegesToAccountRoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var grantPrivilegesToAccountRoleResource = new Snowflake.GrantPrivilegesToAccountRole("grantPrivilegesToAccountRoleResource", new()
{
AccountRoleName = "string",
AllPrivileges = false,
AlwaysApply = false,
AlwaysApplyTrigger = "string",
OnAccount = false,
OnAccountObject = new Snowflake.Inputs.GrantPrivilegesToAccountRoleOnAccountObjectArgs
{
ObjectName = "string",
ObjectType = "string",
},
OnSchema = new Snowflake.Inputs.GrantPrivilegesToAccountRoleOnSchemaArgs
{
AllSchemasInDatabase = "string",
FutureSchemasInDatabase = "string",
SchemaName = "string",
},
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToAccountRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToAccountRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
Future = new Snowflake.Inputs.GrantPrivilegesToAccountRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
ObjectName = "string",
ObjectType = "string",
},
Privileges = new[]
{
"string",
},
WithGrantOption = false,
});
example, err := snowflake.NewGrantPrivilegesToAccountRole(ctx, "grantPrivilegesToAccountRoleResource", &snowflake.GrantPrivilegesToAccountRoleArgs{
AccountRoleName: pulumi.String("string"),
AllPrivileges: pulumi.Bool(false),
AlwaysApply: pulumi.Bool(false),
AlwaysApplyTrigger: pulumi.String("string"),
OnAccount: pulumi.Bool(false),
OnAccountObject: &snowflake.GrantPrivilegesToAccountRoleOnAccountObjectArgs{
ObjectName: pulumi.String("string"),
ObjectType: pulumi.String("string"),
},
OnSchema: &snowflake.GrantPrivilegesToAccountRoleOnSchemaArgs{
AllSchemasInDatabase: pulumi.String("string"),
FutureSchemasInDatabase: pulumi.String("string"),
SchemaName: pulumi.String("string"),
},
OnSchemaObject: &snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
Future: &snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
ObjectName: pulumi.String("string"),
ObjectType: pulumi.String("string"),
},
Privileges: pulumi.StringArray{
pulumi.String("string"),
},
WithGrantOption: pulumi.Bool(false),
})
var grantPrivilegesToAccountRoleResource = new GrantPrivilegesToAccountRole("grantPrivilegesToAccountRoleResource", GrantPrivilegesToAccountRoleArgs.builder()
.accountRoleName("string")
.allPrivileges(false)
.alwaysApply(false)
.alwaysApplyTrigger("string")
.onAccount(false)
.onAccountObject(GrantPrivilegesToAccountRoleOnAccountObjectArgs.builder()
.objectName("string")
.objectType("string")
.build())
.onSchema(GrantPrivilegesToAccountRoleOnSchemaArgs.builder()
.allSchemasInDatabase("string")
.futureSchemasInDatabase("string")
.schemaName("string")
.build())
.onSchemaObject(GrantPrivilegesToAccountRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToAccountRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.future(GrantPrivilegesToAccountRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.objectName("string")
.objectType("string")
.build())
.privileges("string")
.withGrantOption(false)
.build());
grant_privileges_to_account_role_resource = snowflake.GrantPrivilegesToAccountRole("grantPrivilegesToAccountRoleResource",
account_role_name="string",
all_privileges=False,
always_apply=False,
always_apply_trigger="string",
on_account=False,
on_account_object=snowflake.GrantPrivilegesToAccountRoleOnAccountObjectArgs(
object_name="string",
object_type="string",
),
on_schema=snowflake.GrantPrivilegesToAccountRoleOnSchemaArgs(
all_schemas_in_database="string",
future_schemas_in_database="string",
schema_name="string",
),
on_schema_object=snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectAllArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
future=snowflake.GrantPrivilegesToAccountRoleOnSchemaObjectFutureArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
object_name="string",
object_type="string",
),
privileges=["string"],
with_grant_option=False)
const grantPrivilegesToAccountRoleResource = new snowflake.GrantPrivilegesToAccountRole("grantPrivilegesToAccountRoleResource", {
accountRoleName: "string",
allPrivileges: false,
alwaysApply: false,
alwaysApplyTrigger: "string",
onAccount: false,
onAccountObject: {
objectName: "string",
objectType: "string",
},
onSchema: {
allSchemasInDatabase: "string",
futureSchemasInDatabase: "string",
schemaName: "string",
},
onSchemaObject: {
all: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
future: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
objectName: "string",
objectType: "string",
},
privileges: ["string"],
withGrantOption: false,
});
type: snowflake:GrantPrivilegesToAccountRole
properties:
accountRoleName: string
allPrivileges: false
alwaysApply: false
alwaysApplyTrigger: string
onAccount: false
onAccountObject:
objectName: string
objectType: string
onSchema:
allSchemasInDatabase: string
futureSchemasInDatabase: string
schemaName: string
onSchemaObject:
all:
inDatabase: string
inSchema: string
objectTypePlural: string
future:
inDatabase: string
inSchema: string
objectTypePlural: string
objectName: string
objectType: string
privileges:
- string
withGrantOption: false
GrantPrivilegesToAccountRole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The GrantPrivilegesToAccountRole resource accepts the following input properties:
- Account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- Account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Account Role On Account Object Args - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Account Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Account Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- account
Role StringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
- account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges boolean - Grant all privileges on the account role.
- always
Apply boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the account role.
- with
Grant booleanOption - Specifies whether the grantee can grant the privileges to other users.
- account_
role_ strname - The fully qualified name of the account role to which privileges will be granted.
- all_
privileges bool - Grant all privileges on the account role.
- always_
apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always_
apply_ strtrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on_
account bool - If true, the privileges will be granted on the account.
- on_
account_ Grantobject Privileges To Account Role On Account Object Args - Specifies the account object on which privileges will be granted
- on_
schema GrantPrivileges To Account Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Account Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the account role.
- with_
grant_ booloption - Specifies whether the grantee can grant the privileges to other users.
- account
Role StringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account Property MapObject - Specifies the account object on which privileges will be granted
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
Outputs
All input properties are implicitly available as output properties. Additionally, the GrantPrivilegesToAccountRole resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing GrantPrivilegesToAccountRole Resource
Get an existing GrantPrivilegesToAccountRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GrantPrivilegesToAccountRoleState, opts?: CustomResourceOptions): GrantPrivilegesToAccountRole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_role_name: Optional[str] = None,
all_privileges: Optional[bool] = None,
always_apply: Optional[bool] = None,
always_apply_trigger: Optional[str] = None,
on_account: Optional[bool] = None,
on_account_object: Optional[GrantPrivilegesToAccountRoleOnAccountObjectArgs] = None,
on_schema: Optional[GrantPrivilegesToAccountRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToAccountRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
with_grant_option: Optional[bool] = None) -> GrantPrivilegesToAccountRolefunc GetGrantPrivilegesToAccountRole(ctx *Context, name string, id IDInput, state *GrantPrivilegesToAccountRoleState, opts ...ResourceOption) (*GrantPrivilegesToAccountRole, error)public static GrantPrivilegesToAccountRole Get(string name, Input<string> id, GrantPrivilegesToAccountRoleState? state, CustomResourceOptions? opts = null)public static GrantPrivilegesToAccountRole get(String name, Output<String> id, GrantPrivilegesToAccountRoleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- Account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the account role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Account bool - If true, the privileges will be granted on the account.
- On
Account GrantObject Privileges To Account Role On Account Object Args - Specifies the account object on which privileges will be granted
- On
Schema GrantPrivileges To Account Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Account Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the account role.
- With
Grant boolOption - Specifies whether the grantee can grant the privileges to other users.
- account
Role StringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
- account
Role stringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges boolean - Grant all privileges on the account role.
- always
Apply boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account boolean - If true, the privileges will be granted on the account.
- on
Account GrantObject Privileges To Account Role On Account Object - Specifies the account object on which privileges will be granted
- on
Schema GrantPrivileges To Account Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Account Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the account role.
- with
Grant booleanOption - Specifies whether the grantee can grant the privileges to other users.
- account_
role_ strname - The fully qualified name of the account role to which privileges will be granted.
- all_
privileges bool - Grant all privileges on the account role.
- always_
apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always_
apply_ strtrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on_
account bool - If true, the privileges will be granted on the account.
- on_
account_ Grantobject Privileges To Account Role On Account Object Args - Specifies the account object on which privileges will be granted
- on_
schema GrantPrivileges To Account Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Account Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the account role.
- with_
grant_ booloption - Specifies whether the grantee can grant the privileges to other users.
- account
Role StringName - The fully qualified name of the account role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the account role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Account Boolean - If true, the privileges will be granted on the account.
- on
Account Property MapObject - Specifies the account object on which privileges will be granted
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the account role.
- with
Grant BooleanOption - Specifies whether the grantee can grant the privileges to other users.
Supporting Types
GrantPrivilegesToAccountRoleOnAccountObject, GrantPrivilegesToAccountRoleOnAccountObjectArgs
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name string - The fully qualified name of the object on which privileges will be granted.
- object
Type string - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object_
name str - The fully qualified name of the object on which privileges will be granted.
- object_
type str - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the account object on which privileges will be granted. Valid values are: USER | RESOURCE MONITOR | WAREHOUSE | COMPUTE POOL | DATABASE | INTEGRATION | FAILOVER GROUP | REPLICATION GROUP | EXTERNAL VOLUME
GrantPrivilegesToAccountRoleOnSchema, GrantPrivilegesToAccountRoleOnSchemaArgs
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
- all
Schemas stringIn Database - The fully qualified name of the database.
- future
Schemas stringIn Database - The fully qualified name of the database.
- schema
Name string - The fully qualified name of the schema.
- all_
schemas_ strin_ database - The fully qualified name of the database.
- future_
schemas_ strin_ database - The fully qualified name of the database.
- schema_
name str - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
GrantPrivilegesToAccountRoleOnSchemaObject, GrantPrivilegesToAccountRoleOnSchemaObjectArgs
- All
Grant
Privileges To Account Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- Future
Grant
Privileges To Account Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- All
Grant
Privileges To Account Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- Future
Grant
Privileges To Account Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Account Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Account Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Account Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Account Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object
Name string - The fully qualified name of the object on which privileges will be granted.
- object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Account Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Account Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object_
name str - The fully qualified name of the object on which privileges will be granted.
- object_
type str - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all Property Map
- Configures the privilege to be granted on all objects in either a database or schema.
- future Property Map
- Configures the privilege to be granted on future objects in either a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
GrantPrivilegesToAccountRoleOnSchemaObjectAll, GrantPrivilegesToAccountRoleOnSchemaObjectAllArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - In
Schema string
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - In
Schema string
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - in
Schema String
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database string - in
Schema string
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in_
database str - in_
schema str
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - in
Schema String
GrantPrivilegesToAccountRoleOnSchemaObjectFuture, GrantPrivilegesToAccountRoleOnSchemaObjectFutureArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - In
Schema string
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - In
Schema string
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - in
Schema String
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database string - in
Schema string
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in_
database str - in_
schema str
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - in
Schema String
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflakeTerraform Provider.