Snowflake v0.52.0, Apr 18 24

Snowflake v0.52.0 published on Thursday, Apr 18, 2024 by Pulumi

snowflake.RowAccessPolicy

Explore with Pulumi AI

Snowflake v0.52.0 published on Thursday, Apr 18, 2024 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as snowflake from "@pulumi/snowflake";

const exampleRowAccessPolicy = new snowflake.RowAccessPolicy("exampleRowAccessPolicy", {
    database: "EXAMPLE_DB",
    rowAccessExpression: "case when current_role() in ('ANALYST') then true else false end",
    schema: "EXAMPLE_SCHEMA",
    signature: {
        A: "VARCHAR",
        B: "VARCHAR",
    },
});

import pulumi
import pulumi_snowflake as snowflake

example_row_access_policy = snowflake.RowAccessPolicy("exampleRowAccessPolicy",
    database="EXAMPLE_DB",
    row_access_expression="case when current_role() in ('ANALYST') then true else false end",
    schema="EXAMPLE_SCHEMA",
    signature={
        "A": "VARCHAR",
        "B": "VARCHAR",
    })

package main

import (
	"github.com/pulumi/pulumi-snowflake/sdk/go/snowflake"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := snowflake.NewRowAccessPolicy(ctx, "exampleRowAccessPolicy", &snowflake.RowAccessPolicyArgs{
			Database:            pulumi.String("EXAMPLE_DB"),
			RowAccessExpression: pulumi.String("case when current_role() in ('ANALYST') then true else false end"),
			Schema:              pulumi.String("EXAMPLE_SCHEMA"),
			Signature: pulumi.StringMap{
				"A": pulumi.String("VARCHAR"),
				"B": pulumi.String("VARCHAR"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Snowflake = Pulumi.Snowflake;

return await Deployment.RunAsync(() => 
{
    var exampleRowAccessPolicy = new Snowflake.RowAccessPolicy("exampleRowAccessPolicy", new()
    {
        Database = "EXAMPLE_DB",
        RowAccessExpression = "case when current_role() in ('ANALYST') then true else false end",
        Schema = "EXAMPLE_SCHEMA",
        Signature = 
        {
            { "A", "VARCHAR" },
            { "B", "VARCHAR" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.snowflake.RowAccessPolicy;
import com.pulumi.snowflake.RowAccessPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleRowAccessPolicy = new RowAccessPolicy("exampleRowAccessPolicy", RowAccessPolicyArgs.builder()        
            .database("EXAMPLE_DB")
            .rowAccessExpression("case when current_role() in ('ANALYST') then true else false end")
            .schema("EXAMPLE_SCHEMA")
            .signature(Map.ofEntries(
                Map.entry("A", "VARCHAR"),
                Map.entry("B", "VARCHAR")
            ))
            .build());

    }
}

resources:
  exampleRowAccessPolicy:
    type: snowflake:RowAccessPolicy
    properties:
      database: EXAMPLE_DB
      rowAccessExpression: case when current_role() in ('ANALYST') then true else false end
      schema: EXAMPLE_SCHEMA
      signature:
        A: VARCHAR
        B: VARCHAR

Create RowAccessPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new RowAccessPolicy(name: string, args: RowAccessPolicyArgs, opts?: CustomResourceOptions);

@overload
def RowAccessPolicy(resource_name: str,
                    args: RowAccessPolicyArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def RowAccessPolicy(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    database: Optional[str] = None,
                    row_access_expression: Optional[str] = None,
                    schema: Optional[str] = None,
                    signature: Optional[Mapping[str, str]] = None,
                    comment: Optional[str] = None,
                    name: Optional[str] = None)

func NewRowAccessPolicy(ctx *Context, name string, args RowAccessPolicyArgs, opts ...ResourceOption) (*RowAccessPolicy, error)

public RowAccessPolicy(string name, RowAccessPolicyArgs args, CustomResourceOptions? opts = null)

public RowAccessPolicy(String name, RowAccessPolicyArgs args)
public RowAccessPolicy(String name, RowAccessPolicyArgs args, CustomResourceOptions options)

type: snowflake:RowAccessPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args RowAccessPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RowAccessPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RowAccessPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RowAccessPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RowAccessPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var rowAccessPolicyResource = new Snowflake.RowAccessPolicy("rowAccessPolicyResource", new()
{
    Database = "string",
    RowAccessExpression = "string",
    Schema = "string",
    Signature = 
    {
        { "string", "string" },
    },
    Comment = "string",
    Name = "string",
});

example, err := snowflake.NewRowAccessPolicy(ctx, "rowAccessPolicyResource", &snowflake.RowAccessPolicyArgs{
	Database:            pulumi.String("string"),
	RowAccessExpression: pulumi.String("string"),
	Schema:              pulumi.String("string"),
	Signature: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Comment: pulumi.String("string"),
	Name:    pulumi.String("string"),
})

var rowAccessPolicyResource = new RowAccessPolicy("rowAccessPolicyResource", RowAccessPolicyArgs.builder()        
    .database("string")
    .rowAccessExpression("string")
    .schema("string")
    .signature(Map.of("string", "string"))
    .comment("string")
    .name("string")
    .build());

row_access_policy_resource = snowflake.RowAccessPolicy("rowAccessPolicyResource",
    database="string",
    row_access_expression="string",
    schema="string",
    signature={
        "string": "string",
    },
    comment="string",
    name="string")

const rowAccessPolicyResource = new snowflake.RowAccessPolicy("rowAccessPolicyResource", {
    database: "string",
    rowAccessExpression: "string",
    schema: "string",
    signature: {
        string: "string",
    },
    comment: "string",
    name: "string",
});

type: snowflake:RowAccessPolicy
properties:
    comment: string
    database: string
    name: string
    rowAccessExpression: string
    schema: string
    signature:
        string: string

RowAccessPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The RowAccessPolicy resource accepts the following input properties:

Database string: The database in which to create the row access policy.
RowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string: The schema in which to create the row access policy.
Signature Dictionary<string, string>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
Comment string: Specifies a comment for the row access policy.
Name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

Database string: The database in which to create the row access policy.
RowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string: The schema in which to create the row access policy.
Signature map[string]string: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
Comment string: Specifies a comment for the row access policy.
Name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

database String: The database in which to create the row access policy.
rowAccessExpression String: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema String: The schema in which to create the row access policy.
signature Map<String,String>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment String: Specifies a comment for the row access policy.
name String: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

database string: The database in which to create the row access policy.
rowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema string: The schema in which to create the row access policy.
signature {[key: string]: string}: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment string: Specifies a comment for the row access policy.
name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

database str: The database in which to create the row access policy.
row_access_expression str: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema str: The schema in which to create the row access policy.
signature Mapping[str, str]: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment str: Specifies a comment for the row access policy.
name str: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

database String: The database in which to create the row access policy.
rowAccessExpression String: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema String: The schema in which to create the row access policy.
signature Map<String>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment String: Specifies a comment for the row access policy.
name String: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

Outputs

All input properties are implicitly available as output properties. Additionally, the RowAccessPolicy resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing RowAccessPolicy Resource

Get an existing RowAccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RowAccessPolicyState, opts?: CustomResourceOptions): RowAccessPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        comment: Optional[str] = None,
        database: Optional[str] = None,
        name: Optional[str] = None,
        row_access_expression: Optional[str] = None,
        schema: Optional[str] = None,
        signature: Optional[Mapping[str, str]] = None) -> RowAccessPolicy

func GetRowAccessPolicy(ctx *Context, name string, id IDInput, state *RowAccessPolicyState, opts ...ResourceOption) (*RowAccessPolicy, error)

public static RowAccessPolicy Get(string name, Input<string> id, RowAccessPolicyState? state, CustomResourceOptions? opts = null)

public static RowAccessPolicy get(String name, Output<String> id, RowAccessPolicyState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Comment string: Specifies a comment for the row access policy.
Database string: The database in which to create the row access policy.
Name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
RowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string: The schema in which to create the row access policy.
Signature Dictionary<string, string>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

Comment string: Specifies a comment for the row access policy.
Database string: The database in which to create the row access policy.
Name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
RowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string: The schema in which to create the row access policy.
Signature map[string]string: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

comment String: Specifies a comment for the row access policy.
database String: The database in which to create the row access policy.
name String: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
rowAccessExpression String: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema String: The schema in which to create the row access policy.
signature Map<String,String>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

comment string: Specifies a comment for the row access policy.
database string: The database in which to create the row access policy.
name string: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
rowAccessExpression string: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema string: The schema in which to create the row access policy.
signature {[key: string]: string}: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

comment str: Specifies a comment for the row access policy.
database str: The database in which to create the row access policy.
name str: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
row_access_expression str: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema str: The schema in which to create the row access policy.
signature Mapping[str, str]: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

comment String: Specifies a comment for the row access policy.
database String: The database in which to create the row access policy.
name String: Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
rowAccessExpression String: Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema String: The schema in which to create the row access policy.
signature Map<String>: Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

Import

format is database name | schema name | policy name

$ pulumi import snowflake:index/rowAccessPolicy:RowAccessPolicy example 'dbName|schemaName|policyName'

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Snowflake pulumi/pulumi-snowflake
License: Apache-2.0
Notes: This Pulumi package is based on the snowflake Terraform Provider.

Snowflake v0.52.0 published on Thursday, Apr 18, 2024 by Pulumi

pulumi/pulumi-snowflake

snowflake.RowAccessPolicy

On this page

On this page

Example Usage

Create RowAccessPolicy Resource

Constructor syntax

Parameters

Example

RowAccessPolicy Resource Properties

Inputs

Outputs

Look up Existing RowAccessPolicy Resource

Import

Package Details

On this page

On this page