Welcome to Pulumi Registry, your window into the cloud. Read the announcement.

Snowflake

v0.2.1 published on Monday, Sep 27, 2021 by Pulumi

RowAccessPolicy

Import

format is database name | schema name | policy name

 $ pulumi import snowflake:index/rowAccessPolicy:RowAccessPolicy example 'dbName|schemaName|policyName'

Example Usage

using Pulumi;
using Snowflake = Pulumi.Snowflake;

class MyStack : Stack
{
    public MyStack()
    {
        var exampleRowAccessPolicy = new Snowflake.RowAccessPolicy("exampleRowAccessPolicy", new Snowflake.RowAccessPolicyArgs
        {
            Database = "EXAMPLE_DB",
            RowAccessExpression = "case when current_role() in ('ANALYST') then true else false end",
            Schema = "EXAMPLE_SCHEMA",
            Signature = 
            {
                { "A", "VARCHAR" },
                { "B", "VARCHAR" },
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-snowflake/sdk/go/snowflake"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := snowflake.NewRowAccessPolicy(ctx, "exampleRowAccessPolicy", &snowflake.RowAccessPolicyArgs{
			Database:            pulumi.String("EXAMPLE_DB"),
			RowAccessExpression: pulumi.String("case when current_role() in ('ANALYST') then true else false end"),
			Schema:              pulumi.String("EXAMPLE_SCHEMA"),
			Signature: pulumi.StringMap{
				"A": pulumi.String("VARCHAR"),
				"B": pulumi.String("VARCHAR"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_snowflake as snowflake

example_row_access_policy = snowflake.RowAccessPolicy("exampleRowAccessPolicy",
    database="EXAMPLE_DB",
    row_access_expression="case when current_role() in ('ANALYST') then true else false end",
    schema="EXAMPLE_SCHEMA",
    signature={
        "A": "VARCHAR",
        "B": "VARCHAR",
    })
import * as pulumi from "@pulumi/pulumi";
import * as snowflake from "@pulumi/snowflake";

const exampleRowAccessPolicy = new snowflake.RowAccessPolicy("example_row_access_policy", {
    database: "EXAMPLE_DB",
    rowAccessExpression: "case when current_role() in ('ANALYST') then true else false end",
    schema: "EXAMPLE_SCHEMA",
    signature: {
        A: "VARCHAR",
        B: "VARCHAR",
    },
});

Create a RowAccessPolicy Resource

new RowAccessPolicy(name: string, args: RowAccessPolicyArgs, opts?: CustomResourceOptions);
@overload
def RowAccessPolicy(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    comment: Optional[str] = None,
                    database: Optional[str] = None,
                    name: Optional[str] = None,
                    row_access_expression: Optional[str] = None,
                    schema: Optional[str] = None,
                    signature: Optional[Mapping[str, str]] = None)
@overload
def RowAccessPolicy(resource_name: str,
                    args: RowAccessPolicyArgs,
                    opts: Optional[ResourceOptions] = None)
func NewRowAccessPolicy(ctx *Context, name string, args RowAccessPolicyArgs, opts ...ResourceOption) (*RowAccessPolicy, error)
public RowAccessPolicy(string name, RowAccessPolicyArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RowAccessPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args RowAccessPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RowAccessPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RowAccessPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

RowAccessPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The RowAccessPolicy resource accepts the following input properties:

Database string
The database in which to create the row access policy.
RowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string
The schema in which to create the row access policy.
Signature Dictionary<string, string>
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
Comment string
Specifies a comment for the row access policy.
Name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
Database string
The database in which to create the row access policy.
RowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string
The schema in which to create the row access policy.
Signature map[string]string
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
Comment string
Specifies a comment for the row access policy.
Name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
database string
The database in which to create the row access policy.
rowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema string
The schema in which to create the row access policy.
signature {[key: string]: string}
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment string
Specifies a comment for the row access policy.
name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
database str
The database in which to create the row access policy.
row_access_expression str
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema str
The schema in which to create the row access policy.
signature Mapping[str, str]
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment str
Specifies a comment for the row access policy.
name str
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.

Outputs

All input properties are implicitly available as output properties. Additionally, the RowAccessPolicy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing RowAccessPolicy Resource

Get an existing RowAccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RowAccessPolicyState, opts?: CustomResourceOptions): RowAccessPolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        comment: Optional[str] = None,
        database: Optional[str] = None,
        name: Optional[str] = None,
        row_access_expression: Optional[str] = None,
        schema: Optional[str] = None,
        signature: Optional[Mapping[str, str]] = None) -> RowAccessPolicy
func GetRowAccessPolicy(ctx *Context, name string, id IDInput, state *RowAccessPolicyState, opts ...ResourceOption) (*RowAccessPolicy, error)
public static RowAccessPolicy Get(string name, Input<string> id, RowAccessPolicyState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Comment string
Specifies a comment for the row access policy.
Database string
The database in which to create the row access policy.
Name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
RowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string
The schema in which to create the row access policy.
Signature Dictionary<string, string>
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
Comment string
Specifies a comment for the row access policy.
Database string
The database in which to create the row access policy.
Name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
RowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
Schema string
The schema in which to create the row access policy.
Signature map[string]string
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment string
Specifies a comment for the row access policy.
database string
The database in which to create the row access policy.
name string
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
rowAccessExpression string
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema string
The schema in which to create the row access policy.
signature {[key: string]: string}
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.
comment str
Specifies a comment for the row access policy.
database str
The database in which to create the row access policy.
name str
Specifies the identifier for the row access policy; must be unique for the database and schema in which the row access policy is created.
row_access_expression str
Specifies the SQL expression. The expression can be any boolean-valued SQL expression.
schema str
The schema in which to create the row access policy.
signature Mapping[str, str]
Specifies signature (arguments) for the row access policy (uppercase and sorted to avoid recreation of resource). A signature specifies a set of attributes that must be considered to determine whether the row is accessible. The attribute values come from the database object (e.g. table or view) to be protected by the row access policy.

Package Details

Repository
https://github.com/pulumi/pulumi-snowflake
License
Apache-2.0
Notes
This Pulumi package is based on the snowflake Terraform Provider.