Docs
PackagesSnowflake v0.52.0 published on Thursday, Apr 18, 2024 by Pulumi
snowflake.GrantPrivilegesToDatabaseRole
Explore with Pulumi AI
Note This is a preview resource. It’s ready for general use. In case of any errors, please file an issue in our GitHub repository.
!> Warning Be careful when using always_apply field. It will always produce a plan (even when no changes were made) and can be harmful in some setups. For more details why we decided to introduce it to go our document explaining those design decisions (coming soon).
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as snowflake from "@pulumi/snowflake";
const dbRole = new snowflake.DatabaseRole("dbRole", {database: "database"});
//#################################
//## on database privileges
//#################################
// list of privileges
const exampleGrantPrivilegesToDatabaseRole = new snowflake.GrantPrivilegesToDatabaseRole("exampleGrantPrivilegesToDatabaseRole", {
privileges: [
"CREATE",
"MONITOR",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onDatabase: dbRole.database,
});
// all privileges + grant option
const exampleIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new snowflake.GrantPrivilegesToDatabaseRole("exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", {
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onDatabase: dbRole.database,
allPrivileges: true,
withGrantOption: true,
});
// all privileges + grant option + always apply
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", {
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onDatabase: dbRole.database,
alwaysApply: true,
allPrivileges: true,
withGrantOption: true,
});
//#################################
//## schema privileges
//#################################
// list of privileges
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchema: {
schemaName: pulumi.interpolate`"${dbRole.database}"."my_schema"`,
},
});
// all privileges + grant option
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2", {
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchema: {
schemaName: pulumi.interpolate`"${dbRole.database}"."my_schema"`,
},
allPrivileges: true,
withGrantOption: true,
});
// all schemas in database
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchema: {
allSchemasInDatabase: dbRole.database,
},
});
// future schemas in database
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4", {
privileges: [
"MODIFY",
"CREATE TABLE",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchema: {
futureSchemasInDatabase: dbRole.database,
},
});
//#################################
//## schema object privileges
//#################################
// list of privileges
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5", {
privileges: [
"SELECT",
"REFERENCES",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
objectType: "VIEW",
objectName: pulumi.interpolate`"${dbRole.database}"."my_schema"."my_view"`,
},
});
// all privileges + grant option
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6", {
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
objectType: "VIEW",
objectName: pulumi.interpolate`"${dbRole.database}"."my_schema"."my_view"`,
},
allPrivileges: true,
withGrantOption: true,
});
// all in database
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7", {
privileges: [
"SELECT",
"INSERT",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
all: {
objectTypePlural: "TABLES",
inDatabase: dbRole.database,
},
},
});
// all in schema
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8", {
privileges: [
"SELECT",
"INSERT",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
all: {
objectTypePlural: "TABLES",
inSchema: pulumi.interpolate`"${dbRole.database}"."my_schema"`,
},
},
});
// future in database
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9", {
privileges: [
"SELECT",
"INSERT",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
future: {
objectTypePlural: "TABLES",
inDatabase: dbRole.database,
},
},
});
// future in schema
const exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10 = new snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10", {
privileges: [
"SELECT",
"INSERT",
],
databaseRoleName: pulumi.interpolate`"${dbRole.database}"."${dbRole.name}"`,
onSchemaObject: {
future: {
objectTypePlural: "TABLES",
inSchema: pulumi.interpolate`"${dbRole.database}"."my_schema"`,
},
},
});
import pulumi
import pulumi_snowflake as snowflake
db_role = snowflake.DatabaseRole("dbRole", database="database")
##################################
### on database privileges
##################################
# list of privileges
example_grant_privileges_to_database_role = snowflake.GrantPrivilegesToDatabaseRole("exampleGrantPrivilegesToDatabaseRole",
privileges=[
"CREATE",
"MONITOR",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_database=db_role.database)
# all privileges + grant option
example_index_grant_privileges_to_database_role_grant_privileges_to_database_role = snowflake.GrantPrivilegesToDatabaseRole("exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole",
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_database=db_role.database,
all_privileges=True,
with_grant_option=True)
# all privileges + grant option + always apply
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole",
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_database=db_role.database,
always_apply=True,
all_privileges=True,
with_grant_option=True)
##################################
### schema privileges
##################################
# list of privileges
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role1 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1",
privileges=[
"MODIFY",
"CREATE TABLE",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs(
schema_name=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\""),
))
# all privileges + grant option
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role2 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2",
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs(
schema_name=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\""),
),
all_privileges=True,
with_grant_option=True)
# all schemas in database
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role3 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3",
privileges=[
"MODIFY",
"CREATE TABLE",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs(
all_schemas_in_database=db_role.database,
))
# future schemas in database
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role4 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4",
privileges=[
"MODIFY",
"CREATE TABLE",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs(
future_schemas_in_database=db_role.database,
))
##################################
### schema object privileges
##################################
# list of privileges
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role5 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5",
privileges=[
"SELECT",
"REFERENCES",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
object_type="VIEW",
object_name=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\".\"my_view\""),
))
# all privileges + grant option
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role6 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6",
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
object_type="VIEW",
object_name=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\".\"my_view\""),
),
all_privileges=True,
with_grant_option=True)
# all in database
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role7 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7",
privileges=[
"SELECT",
"INSERT",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs(
object_type_plural="TABLES",
in_database=db_role.database,
),
))
# all in schema
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role8 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8",
privileges=[
"SELECT",
"INSERT",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs(
object_type_plural="TABLES",
in_schema=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\""),
),
))
# future in database
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role9 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9",
privileges=[
"SELECT",
"INSERT",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
future=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs(
object_type_plural="TABLES",
in_database=db_role.database,
),
))
# future in schema
example_snowflake_index_grant_privileges_to_database_role_grant_privileges_to_database_role10 = snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10",
privileges=[
"SELECT",
"INSERT",
],
database_role_name=pulumi.Output.all(db_role.database, db_role.name).apply(lambda database, name: f"\"{database}\".\"{name}\""),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
future=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs(
object_type_plural="TABLES",
in_schema=db_role.database.apply(lambda database: f"\"{database}\".\"my_schema\""),
),
))
package main
import (
"fmt"
"github.com/pulumi/pulumi-snowflake/sdk/go/snowflake"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
dbRole, err := snowflake.NewDatabaseRole(ctx, "dbRole", &snowflake.DatabaseRoleArgs{
Database: pulumi.String("database"),
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleGrantPrivilegesToDatabaseRole", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("CREATE"),
pulumi.String("MONITOR"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnDatabase: dbRole.Database,
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnDatabase: dbRole.Database,
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// all privileges + grant option + always apply
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnDatabase: dbRole.Database,
AlwaysApply: pulumi.Bool(true),
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchema: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs{
SchemaName: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\"", database), nil
}).(pulumi.StringOutput),
},
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchema: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs{
SchemaName: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\"", database), nil
}).(pulumi.StringOutput),
},
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// all schemas in database
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchema: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs{
AllSchemasInDatabase: dbRole.Database,
},
})
if err != nil {
return err
}
// future schemas in database
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("MODIFY"),
pulumi.String("CREATE TABLE"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchema: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs{
FutureSchemasInDatabase: dbRole.Database,
},
})
if err != nil {
return err
}
// list of privileges
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("REFERENCES"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
ObjectType: pulumi.String("VIEW"),
ObjectName: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\".\"my_view\"", database), nil
}).(pulumi.StringOutput),
},
})
if err != nil {
return err
}
// all privileges + grant option
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
ObjectType: pulumi.String("VIEW"),
ObjectName: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\".\"my_view\"", database), nil
}).(pulumi.StringOutput),
},
AllPrivileges: pulumi.Bool(true),
WithGrantOption: pulumi.Bool(true),
})
if err != nil {
return err
}
// all in database
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InDatabase: dbRole.Database,
},
},
})
if err != nil {
return err
}
// all in schema
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InSchema: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\"", database), nil
}).(pulumi.StringOutput),
},
},
})
if err != nil {
return err
}
// future in database
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
Future: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InDatabase: dbRole.Database,
},
},
})
if err != nil {
return err
}
// future in schema
_, err = snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
pulumi.String("INSERT"),
},
DatabaseRoleName: pulumi.All(dbRole.Database, dbRole.Name).ApplyT(func(_args []interface{}) (string, error) {
database := _args[0].(string)
name := _args[1].(string)
return fmt.Sprintf("\"%v\".\"%v\"", database, name), nil
}).(pulumi.StringOutput),
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
Future: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("TABLES"),
InSchema: dbRole.Database.ApplyT(func(database string) (string, error) {
return fmt.Sprintf("\"%v\".\"my_schema\"", database), nil
}).(pulumi.StringOutput),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Snowflake = Pulumi.Snowflake;
return await Deployment.RunAsync(() =>
{
var dbRole = new Snowflake.DatabaseRole("dbRole", new()
{
Database = "database",
});
//#################################
//## on database privileges
//#################################
// list of privileges
var exampleGrantPrivilegesToDatabaseRole = new Snowflake.GrantPrivilegesToDatabaseRole("exampleGrantPrivilegesToDatabaseRole", new()
{
Privileges = new[]
{
"CREATE",
"MONITOR",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnDatabase = dbRole.Database,
});
// all privileges + grant option
var exampleIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new Snowflake.GrantPrivilegesToDatabaseRole("exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", new()
{
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnDatabase = dbRole.Database,
AllPrivileges = true,
WithGrantOption = true,
});
// all privileges + grant option + always apply
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", new()
{
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnDatabase = dbRole.Database,
AlwaysApply = true,
AllPrivileges = true,
WithGrantOption = true,
});
//#################################
//## schema privileges
//#################################
// list of privileges
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchema = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs
{
SchemaName = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\""),
},
});
// all privileges + grant option
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2", new()
{
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchema = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs
{
SchemaName = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\""),
},
AllPrivileges = true,
WithGrantOption = true,
});
// all schemas in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchema = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs
{
AllSchemasInDatabase = dbRole.Database,
},
});
// future schemas in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4", new()
{
Privileges = new[]
{
"MODIFY",
"CREATE TABLE",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchema = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs
{
FutureSchemasInDatabase = dbRole.Database,
},
});
//#################################
//## schema object privileges
//#################################
// list of privileges
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5", new()
{
Privileges = new[]
{
"SELECT",
"REFERENCES",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
ObjectType = "VIEW",
ObjectName = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\".\"my_view\""),
},
});
// all privileges + grant option
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6", new()
{
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
ObjectType = "VIEW",
ObjectName = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\".\"my_view\""),
},
AllPrivileges = true,
WithGrantOption = true,
});
// all in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "TABLES",
InDatabase = dbRole.Database,
},
},
});
// all in schema
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "TABLES",
InSchema = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\""),
},
},
});
// future in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
Future = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "TABLES",
InDatabase = dbRole.Database,
},
},
});
// future in schema
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10 = new Snowflake.GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10", new()
{
Privileges = new[]
{
"SELECT",
"INSERT",
},
DatabaseRoleName = Output.Tuple(dbRole.Database, dbRole.Name).Apply(values =>
{
var database = values.Item1;
var name = values.Item2;
return $"\"{database}\".\"{name}\"";
}),
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
Future = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "TABLES",
InSchema = dbRole.Database.Apply(database => $"\"{database}\".\"my_schema\""),
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.snowflake.DatabaseRole;
import com.pulumi.snowflake.DatabaseRoleArgs;
import com.pulumi.snowflake.GrantPrivilegesToDatabaseRole;
import com.pulumi.snowflake.GrantPrivilegesToDatabaseRoleArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs;
import com.pulumi.snowflake.inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var dbRole = new DatabaseRole("dbRole", DatabaseRoleArgs.builder()
.database("database")
.build());
//#################################
//## on database privileges
//#################################
// list of privileges
var exampleGrantPrivilegesToDatabaseRole = new GrantPrivilegesToDatabaseRole("exampleGrantPrivilegesToDatabaseRole", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"CREATE",
"MONITOR")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onDatabase(dbRole.database())
.build());
// all privileges + grant option
var exampleIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new GrantPrivilegesToDatabaseRole("exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", GrantPrivilegesToDatabaseRoleArgs.builder()
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onDatabase(dbRole.database())
.allPrivileges(true)
.withGrantOption(true)
.build());
// all privileges + grant option + always apply
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole", GrantPrivilegesToDatabaseRoleArgs.builder()
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onDatabase(dbRole.database())
.alwaysApply(true)
.allPrivileges(true)
.withGrantOption(true)
.build());
//#################################
//## schema privileges
//#################################
// list of privileges
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchema(GrantPrivilegesToDatabaseRoleOnSchemaArgs.builder()
.schemaName(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\"", database)))
.build())
.build());
// all privileges + grant option
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2", GrantPrivilegesToDatabaseRoleArgs.builder()
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchema(GrantPrivilegesToDatabaseRoleOnSchemaArgs.builder()
.schemaName(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\"", database)))
.build())
.allPrivileges(true)
.withGrantOption(true)
.build());
// all schemas in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchema(GrantPrivilegesToDatabaseRoleOnSchemaArgs.builder()
.allSchemasInDatabase(dbRole.database())
.build())
.build());
// future schemas in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"MODIFY",
"CREATE TABLE")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchema(GrantPrivilegesToDatabaseRoleOnSchemaArgs.builder()
.futureSchemasInDatabase(dbRole.database())
.build())
.build());
//#################################
//## schema object privileges
//#################################
// list of privileges
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"SELECT",
"REFERENCES")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.objectType("VIEW")
.objectName(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\".\"my_view\"", database)))
.build())
.build());
// all privileges + grant option
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6", GrantPrivilegesToDatabaseRoleArgs.builder()
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.objectType("VIEW")
.objectName(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\".\"my_view\"", database)))
.build())
.allPrivileges(true)
.withGrantOption(true)
.build());
// all in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("TABLES")
.inDatabase(dbRole.database())
.build())
.build())
.build());
// all in schema
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("TABLES")
.inSchema(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\"", database)))
.build())
.build())
.build());
// future in database
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.future(GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("TABLES")
.inDatabase(dbRole.database())
.build())
.build())
.build());
// future in schema
var exampleSnowflakeIndex_grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10 = new GrantPrivilegesToDatabaseRole("exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10", GrantPrivilegesToDatabaseRoleArgs.builder()
.privileges(
"SELECT",
"INSERT")
.databaseRoleName(Output.tuple(dbRole.database(), dbRole.name()).applyValue(values -> {
var database = values.t1;
var name = values.t2;
return String.format("\"%s\".\"%s\"", database,name);
}))
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.future(GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("TABLES")
.inSchema(dbRole.database().applyValue(database -> String.format("\"%s\".\"my_schema\"", database)))
.build())
.build())
.build());
}
}
resources:
dbRole: ##################################
### on database privileges
##################################
type: snowflake:DatabaseRole
properties:
database: database
# list of privileges
exampleGrantPrivilegesToDatabaseRole:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- CREATE
- MONITOR
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onDatabase: ${dbRole.database}
# all privileges + grant option
exampleIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onDatabase: ${dbRole.database}
allPrivileges: true
withGrantOption: true
# all privileges + grant option + always apply
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole: ##################################
### schema privileges
##################################
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onDatabase: ${dbRole.database}
alwaysApply: true
allPrivileges: true
withGrantOption: true
# list of privileges
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole1:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- MODIFY
- CREATE TABLE
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchema:
schemaName: '"${dbRole.database}"."my_schema"'
# all privileges + grant option
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole2:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchema:
schemaName: '"${dbRole.database}"."my_schema"'
allPrivileges: true
withGrantOption: true
# all schemas in database
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole3:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- MODIFY
- CREATE TABLE
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchema:
allSchemasInDatabase: ${dbRole.database}
# future schemas in database
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole4: ##################################
### schema object privileges
##################################
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- MODIFY
- CREATE TABLE
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchema:
futureSchemasInDatabase: ${dbRole.database}
# list of privileges
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole5:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- SELECT
- REFERENCES
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
objectType: VIEW
objectName: '"${dbRole.database}"."my_schema"."my_view"'
# all privileges + grant option
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole6:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
objectType: VIEW
objectName: '"${dbRole.database}"."my_schema"."my_view"'
allPrivileges: true
withGrantOption: true
# all in database
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole7:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- SELECT
- INSERT
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
all:
objectTypePlural: TABLES
inDatabase: ${dbRole.database}
# all in schema
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole8:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- SELECT
- INSERT
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
all:
objectTypePlural: TABLES
inSchema: '"${dbRole.database}"."my_schema"'
# future in database
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole9:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- SELECT
- INSERT
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
future:
objectTypePlural: TABLES
inDatabase: ${dbRole.database}
# future in schema
exampleSnowflakeIndex/grantPrivilegesToDatabaseRoleGrantPrivilegesToDatabaseRole10:
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
privileges:
- SELECT
- INSERT
databaseRoleName: '"${dbRole.database}"."${dbRole.name}"'
onSchemaObject:
future:
objectTypePlural: TABLES
inSchema: '"${dbRole.database}"."my_schema"'
Create GrantPrivilegesToDatabaseRole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GrantPrivilegesToDatabaseRole(name: string, args: GrantPrivilegesToDatabaseRoleArgs, opts?: CustomResourceOptions);@overload
def GrantPrivilegesToDatabaseRole(resource_name: str,
args: GrantPrivilegesToDatabaseRoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GrantPrivilegesToDatabaseRole(resource_name: str,
opts: Optional[ResourceOptions] = None,
database_role_name: Optional[str] = None,
all_privileges: Optional[bool] = None,
always_apply: Optional[bool] = None,
always_apply_trigger: Optional[str] = None,
on_database: Optional[str] = None,
on_schema: Optional[GrantPrivilegesToDatabaseRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
with_grant_option: Optional[bool] = None)func NewGrantPrivilegesToDatabaseRole(ctx *Context, name string, args GrantPrivilegesToDatabaseRoleArgs, opts ...ResourceOption) (*GrantPrivilegesToDatabaseRole, error)public GrantPrivilegesToDatabaseRole(string name, GrantPrivilegesToDatabaseRoleArgs args, CustomResourceOptions? opts = null)
public GrantPrivilegesToDatabaseRole(String name, GrantPrivilegesToDatabaseRoleArgs args)
public GrantPrivilegesToDatabaseRole(String name, GrantPrivilegesToDatabaseRoleArgs args, CustomResourceOptions options)
type: snowflake:GrantPrivilegesToDatabaseRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GrantPrivilegesToDatabaseRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GrantPrivilegesToDatabaseRoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GrantPrivilegesToDatabaseRoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GrantPrivilegesToDatabaseRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GrantPrivilegesToDatabaseRoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var grantPrivilegesToDatabaseRoleResource = new Snowflake.GrantPrivilegesToDatabaseRole("grantPrivilegesToDatabaseRoleResource", new()
{
DatabaseRoleName = "string",
AllPrivileges = false,
AlwaysApply = false,
AlwaysApplyTrigger = "string",
OnDatabase = "string",
OnSchema = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaArgs
{
AllSchemasInDatabase = "string",
FutureSchemasInDatabase = "string",
SchemaName = "string",
},
OnSchemaObject = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
{
All = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
Future = new Snowflake.Inputs.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs
{
ObjectTypePlural = "string",
InDatabase = "string",
InSchema = "string",
},
ObjectName = "string",
ObjectType = "string",
},
Privileges = new[]
{
"string",
},
WithGrantOption = false,
});
example, err := snowflake.NewGrantPrivilegesToDatabaseRole(ctx, "grantPrivilegesToDatabaseRoleResource", &snowflake.GrantPrivilegesToDatabaseRoleArgs{
DatabaseRoleName: pulumi.String("string"),
AllPrivileges: pulumi.Bool(false),
AlwaysApply: pulumi.Bool(false),
AlwaysApplyTrigger: pulumi.String("string"),
OnDatabase: pulumi.String("string"),
OnSchema: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs{
AllSchemasInDatabase: pulumi.String("string"),
FutureSchemasInDatabase: pulumi.String("string"),
SchemaName: pulumi.String("string"),
},
OnSchemaObject: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs{
All: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
Future: &snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs{
ObjectTypePlural: pulumi.String("string"),
InDatabase: pulumi.String("string"),
InSchema: pulumi.String("string"),
},
ObjectName: pulumi.String("string"),
ObjectType: pulumi.String("string"),
},
Privileges: pulumi.StringArray{
pulumi.String("string"),
},
WithGrantOption: pulumi.Bool(false),
})
var grantPrivilegesToDatabaseRoleResource = new GrantPrivilegesToDatabaseRole("grantPrivilegesToDatabaseRoleResource", GrantPrivilegesToDatabaseRoleArgs.builder()
.databaseRoleName("string")
.allPrivileges(false)
.alwaysApply(false)
.alwaysApplyTrigger("string")
.onDatabase("string")
.onSchema(GrantPrivilegesToDatabaseRoleOnSchemaArgs.builder()
.allSchemasInDatabase("string")
.futureSchemasInDatabase("string")
.schemaName("string")
.build())
.onSchemaObject(GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs.builder()
.all(GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.future(GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs.builder()
.objectTypePlural("string")
.inDatabase("string")
.inSchema("string")
.build())
.objectName("string")
.objectType("string")
.build())
.privileges("string")
.withGrantOption(false)
.build());
grant_privileges_to_database_role_resource = snowflake.GrantPrivilegesToDatabaseRole("grantPrivilegesToDatabaseRoleResource",
database_role_name="string",
all_privileges=False,
always_apply=False,
always_apply_trigger="string",
on_database="string",
on_schema=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaArgs(
all_schemas_in_database="string",
future_schemas_in_database="string",
schema_name="string",
),
on_schema_object=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs(
all=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
future=snowflake.GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs(
object_type_plural="string",
in_database="string",
in_schema="string",
),
object_name="string",
object_type="string",
),
privileges=["string"],
with_grant_option=False)
const grantPrivilegesToDatabaseRoleResource = new snowflake.GrantPrivilegesToDatabaseRole("grantPrivilegesToDatabaseRoleResource", {
databaseRoleName: "string",
allPrivileges: false,
alwaysApply: false,
alwaysApplyTrigger: "string",
onDatabase: "string",
onSchema: {
allSchemasInDatabase: "string",
futureSchemasInDatabase: "string",
schemaName: "string",
},
onSchemaObject: {
all: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
future: {
objectTypePlural: "string",
inDatabase: "string",
inSchema: "string",
},
objectName: "string",
objectType: "string",
},
privileges: ["string"],
withGrantOption: false,
});
type: snowflake:GrantPrivilegesToDatabaseRole
properties:
allPrivileges: false
alwaysApply: false
alwaysApplyTrigger: string
databaseRoleName: string
onDatabase: string
onSchema:
allSchemasInDatabase: string
futureSchemasInDatabase: string
schemaName: string
onSchemaObject:
all:
inDatabase: string
inSchema: string
objectTypePlural: string
future:
inDatabase: string
inSchema: string
objectTypePlural: string
objectName: string
objectType: string
privileges:
- string
withGrantOption: false
GrantPrivilegesToDatabaseRole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The GrantPrivilegesToDatabaseRole resource accepts the following input properties:
- Database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the database role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Database string - The fully qualified name of the database on which privileges will be granted.
- On
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the database role.
- With
Grant boolOption - If specified, allows the recipient role to grant the privileges to other roles.
- Database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- All
Privileges bool - Grant all privileges on the database role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- On
Database string - The fully qualified name of the database on which privileges will be granted.
- On
Schema GrantPrivileges To Database Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Database Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the database role.
- With
Grant boolOption - If specified, allows the recipient role to grant the privileges to other roles.
- database
Role StringName - The fully qualified name of the database role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the database role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Database String - The fully qualified name of the database on which privileges will be granted.
- on
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the database role.
- with
Grant BooleanOption - If specified, allows the recipient role to grant the privileges to other roles.
- database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- all
Privileges boolean - Grant all privileges on the database role.
- always
Apply boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Database string - The fully qualified name of the database on which privileges will be granted.
- on
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the database role.
- with
Grant booleanOption - If specified, allows the recipient role to grant the privileges to other roles.
- database_
role_ strname - The fully qualified name of the database role to which privileges will be granted.
- all_
privileges bool - Grant all privileges on the database role.
- always_
apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always_
apply_ strtrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on_
database str - The fully qualified name of the database on which privileges will be granted.
- on_
schema GrantPrivileges To Database Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Database Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the database role.
- with_
grant_ booloption - If specified, allows the recipient role to grant the privileges to other roles.
- database
Role StringName - The fully qualified name of the database role to which privileges will be granted.
- all
Privileges Boolean - Grant all privileges on the database role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- on
Database String - The fully qualified name of the database on which privileges will be granted.
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the database role.
- with
Grant BooleanOption - If specified, allows the recipient role to grant the privileges to other roles.
Outputs
All input properties are implicitly available as output properties. Additionally, the GrantPrivilegesToDatabaseRole resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing GrantPrivilegesToDatabaseRole Resource
Get an existing GrantPrivilegesToDatabaseRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GrantPrivilegesToDatabaseRoleState, opts?: CustomResourceOptions): GrantPrivilegesToDatabaseRole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
all_privileges: Optional[bool] = None,
always_apply: Optional[bool] = None,
always_apply_trigger: Optional[str] = None,
database_role_name: Optional[str] = None,
on_database: Optional[str] = None,
on_schema: Optional[GrantPrivilegesToDatabaseRoleOnSchemaArgs] = None,
on_schema_object: Optional[GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs] = None,
privileges: Optional[Sequence[str]] = None,
with_grant_option: Optional[bool] = None) -> GrantPrivilegesToDatabaseRolefunc GetGrantPrivilegesToDatabaseRole(ctx *Context, name string, id IDInput, state *GrantPrivilegesToDatabaseRoleState, opts ...ResourceOption) (*GrantPrivilegesToDatabaseRole, error)public static GrantPrivilegesToDatabaseRole Get(string name, Input<string> id, GrantPrivilegesToDatabaseRoleState? state, CustomResourceOptions? opts = null)public static GrantPrivilegesToDatabaseRole get(String name, Output<String> id, GrantPrivilegesToDatabaseRoleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- All
Privileges bool - Grant all privileges on the database role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- Database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- On
Database string - The fully qualified name of the database on which privileges will be granted.
- On
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- Privileges List<string>
- The privileges to grant on the database role.
- With
Grant boolOption - If specified, allows the recipient role to grant the privileges to other roles.
- All
Privileges bool - Grant all privileges on the database role.
- Always
Apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- Always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- Database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- On
Database string - The fully qualified name of the database on which privileges will be granted.
- On
Schema GrantPrivileges To Database Role On Schema Args - Specifies the schema on which privileges will be granted.
- On
Schema GrantObject Privileges To Database Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- Privileges []string
- The privileges to grant on the database role.
- With
Grant boolOption - If specified, allows the recipient role to grant the privileges to other roles.
- all
Privileges Boolean - Grant all privileges on the database role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- database
Role StringName - The fully qualified name of the database role to which privileges will be granted.
- on
Database String - The fully qualified name of the database on which privileges will be granted.
- on
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the database role.
- with
Grant BooleanOption - If specified, allows the recipient role to grant the privileges to other roles.
- all
Privileges boolean - Grant all privileges on the database role.
- always
Apply boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply stringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- database
Role stringName - The fully qualified name of the database role to which privileges will be granted.
- on
Database string - The fully qualified name of the database on which privileges will be granted.
- on
Schema GrantPrivileges To Database Role On Schema - Specifies the schema on which privileges will be granted.
- on
Schema GrantObject Privileges To Database Role On Schema Object - Specifies the schema object on which privileges will be granted.
- privileges string[]
- The privileges to grant on the database role.
- with
Grant booleanOption - If specified, allows the recipient role to grant the privileges to other roles.
- all_
privileges bool - Grant all privileges on the database role.
- always_
apply bool - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always_
apply_ strtrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- database_
role_ strname - The fully qualified name of the database role to which privileges will be granted.
- on_
database str - The fully qualified name of the database on which privileges will be granted.
- on_
schema GrantPrivileges To Database Role On Schema Args - Specifies the schema on which privileges will be granted.
- on_
schema_ Grantobject Privileges To Database Role On Schema Object Args - Specifies the schema object on which privileges will be granted.
- privileges Sequence[str]
- The privileges to grant on the database role.
- with_
grant_ booloption - If specified, allows the recipient role to grant the privileges to other roles.
- all
Privileges Boolean - Grant all privileges on the database role.
- always
Apply Boolean - If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions of the config being eventually convergent (producing an empty plan).
- always
Apply StringTrigger - This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
- database
Role StringName - The fully qualified name of the database role to which privileges will be granted.
- on
Database String - The fully qualified name of the database on which privileges will be granted.
- on
Schema Property Map - Specifies the schema on which privileges will be granted.
- on
Schema Property MapObject - Specifies the schema object on which privileges will be granted.
- privileges List<String>
- The privileges to grant on the database role.
- with
Grant BooleanOption - If specified, allows the recipient role to grant the privileges to other roles.
Supporting Types
GrantPrivilegesToDatabaseRoleOnSchema, GrantPrivilegesToDatabaseRoleOnSchemaArgs
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- All
Schemas stringIn Database - The fully qualified name of the database.
- Future
Schemas stringIn Database - The fully qualified name of the database.
- Schema
Name string - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
- all
Schemas stringIn Database - The fully qualified name of the database.
- future
Schemas stringIn Database - The fully qualified name of the database.
- schema
Name string - The fully qualified name of the schema.
- all_
schemas_ strin_ database - The fully qualified name of the database.
- future_
schemas_ strin_ database - The fully qualified name of the database.
- schema_
name str - The fully qualified name of the schema.
- all
Schemas StringIn Database - The fully qualified name of the database.
- future
Schemas StringIn Database - The fully qualified name of the database.
- schema
Name String - The fully qualified name of the schema.
GrantPrivilegesToDatabaseRoleOnSchemaObject, GrantPrivilegesToDatabaseRoleOnSchemaObjectArgs
- All
Grant
Privileges To Database Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- Future
Grant
Privileges To Database Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- All
Grant
Privileges To Database Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- Future
Grant
Privileges To Database Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- Object
Name string - The fully qualified name of the object on which privileges will be granted.
- Object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Database Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Database Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Database Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Database Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object
Name string - The fully qualified name of the object on which privileges will be granted.
- object
Type string - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all
Grant
Privileges To Database Role On Schema Object All - Configures the privilege to be granted on all objects in either a database or schema.
- future
Grant
Privileges To Database Role On Schema Object Future - Configures the privilege to be granted on future objects in either a database or schema.
- object_
name str - The fully qualified name of the object on which privileges will be granted.
- object_
type str - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
- all Property Map
- Configures the privilege to be granted on all objects in either a database or schema.
- future Property Map
- Configures the privilege to be granted on future objects in either a database or schema.
- object
Name String - The fully qualified name of the object on which privileges will be granted.
- object
Type String - The object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICY | ALERT | AUTHENTICATION POLICY | DATA METRIC FUNCTION | DYNAMIC TABLE | EVENT TABLE | EXTERNAL TABLE | FILE FORMAT | FUNCTION | GIT REPOSITORY | HYBRID TABLE | IMAGE REPOSITORY | ICEBERG TABLE | MASKING POLICY | MATERIALIZED VIEW | MODEL | NETWORK RULE | PACKAGES POLICY | PASSWORD POLICY | PIPE | PROCEDURE | PROJECTION POLICY | ROW ACCESS POLICY | SECRET | SERVICE | SESSION POLICY | SEQUENCE | STAGE | STREAM | TABLE | TAG | TASK | VIEW | STREAMLIT
GrantPrivilegesToDatabaseRoleOnSchemaObjectAll, GrantPrivilegesToDatabaseRoleOnSchemaObjectAllArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database string - The fully qualified name of the database.
- in
Schema string - The fully qualified name of the schema.
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in_
database str - The fully qualified name of the database.
- in_
schema str - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
GrantPrivilegesToDatabaseRoleOnSchemaObjectFuture, GrantPrivilegesToDatabaseRoleOnSchemaObjectFutureArgs
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- Object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- In
Database string - The fully qualified name of the database.
- In
Schema string - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
- object
Type stringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database string - The fully qualified name of the database.
- in
Schema string - The fully qualified name of the schema.
- object_
type_ strplural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in_
database str - The fully qualified name of the database.
- in_
schema str - The fully qualified name of the schema.
- object
Type StringPlural - The plural object type of the schema object on which privileges will be granted. Valid values are: AGGREGATION POLICIES | ALERTS | AUTHENTICATION POLICIES | DATA METRIC FUNCTIONS | DYNAMIC TABLES | EVENT TABLES | EXTERNAL TABLES | FILE FORMATS | FUNCTIONS | GIT REPOSITORIES | HYBRID TABLES | IMAGE REPOSITORIES | ICEBERG TABLES | MASKING POLICIES | MATERIALIZED VIEWS | MODELS | NETWORK RULES | PACKAGES POLICIES | PASSWORD POLICIES | PIPES | PROCEDURES | PROJECTION POLICIES | ROW ACCESS POLICIES | SECRETS | SERVICES | SESSION POLICIES | SEQUENCES | STAGES | STREAMS | TABLES | TAGS | TASKS | VIEWS | STREAMLITS.
- in
Database String - The fully qualified name of the database.
- in
Schema String - The fully qualified name of the schema.
Import
Import examples
Grant all privileges OnDatabase
$ pulumi import snowflake:index/grantPrivilegesToDatabaseRole:GrantPrivilegesToDatabaseRole \"test_db_role\"|false|false|ALL|OnDatabase|\"test_db\""`
Grant list of privileges OnAllSchemasInDatabase
$ pulumi import snowflake:index/grantPrivilegesToDatabaseRole:GrantPrivilegesToDatabaseRole \"test_db_role\"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|\"test_db\""`
Grant list of privileges on table
$ pulumi import snowflake:index/grantPrivilegesToDatabaseRole:GrantPrivilegesToDatabaseRole \"test_table\""`
Grant list of privileges OnAll tables in schema
$ pulumi import snowflake:index/grantPrivilegesToDatabaseRole:GrantPrivilegesToDatabaseRole \"test_schema\""`
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflakeTerraform Provider.