Note Read more about PAT support in the provider in our Authentication Methods guide.
Note External changes to
mins_to_bypass_network_policy_requirementare not handled by the provider because the value changes continuously on Snowflake side after setting it.
Note External changes to
days_to_expiryare not handled by the provider because Snowflake returnsexpires_atwhich is the token expiration date. Also, the provider does not handle expired tokens automatically. Please change the value ofdays_to_expiryto force a new expiration date.
Note External changes to
tokenare not handled by the provider because the data in this field can be updated only when the token is created or rotated.
Note Rotating a token can be done by changing the value of
keeperfield. See an example below.
Note In order to authenticate with PAT with role restriction, you need to grant the role to the user. You can use the snowflake.GrantAccountRole resource to do this.
Resource used to manage user programmatic access tokens. For more information, check user programmatic access tokens documentation. A programmatic access token is a token that can be used to authenticate to an endpoint. See Using programmatic access tokens for authentication user guide for more details.
Example Usage
Note Instead of using fully_qualified_name, you can reference objects managed outside Terraform by constructing a correct ID, consult identifiers guide.
import * as pulumi from "@pulumi/pulumi";
import * as snowflake from "@pulumi/snowflake";
import * as time from "@pulumi/time";
// basic resource
const basic = new snowflake.UserProgrammaticAccessToken("basic", {
user: "USER",
name: "TOKEN",
});
// complete resource
const complete = new snowflake.UserProgrammaticAccessToken("complete", {
user: "USER",
name: "TOKEN",
roleRestriction: "ROLE",
daysToExpiry: 30,
minsToBypassNetworkPolicyRequirement: 10,
disabled: "false",
comment: "COMMENT",
});
// Set up dependencies and reference them from the token resource.
const role = new snowflake.AccountRole("role", {name: "ROLE"});
const user = new snowflake.User("user", {name: "USER"});
// Grant the role to the user. This is required to authenticate with PAT with role restriction.
const grantRoleToUser = new snowflake.GrantAccountRole("grant_role_to_user", {
roleName: role.name,
userName: user.name,
});
// complete resource with external references
const completeWithExternalReferences = new snowflake.UserProgrammaticAccessToken("complete_with_external_references", {
user: user.name,
name: "TOKEN",
roleRestriction: role.name,
daysToExpiry: 30,
minsToBypassNetworkPolicyRequirement: 10,
disabled: "false",
comment: "COMMENT",
});
export const token = complete.token;
// Note that the fields of this resource are updated only when Terraform is run.
// This means that the schedule may not be respected if Terraform is not run regularly.
const rotationSchedule = new time.index.Rotating("rotation_schedule", {rotationDays: 30});
// Rotate the token regularly using the keeper field and time_rotating resource.
const rotating = new snowflake.UserProgrammaticAccessToken("rotating", {
user: "USER",
name: "TOKEN",
keeper: rotationSchedule.rotationRfc3339,
});
import pulumi
import pulumi_snowflake as snowflake
import pulumi_time as time
# basic resource
basic = snowflake.UserProgrammaticAccessToken("basic",
user="USER",
name="TOKEN")
# complete resource
complete = snowflake.UserProgrammaticAccessToken("complete",
user="USER",
name="TOKEN",
role_restriction="ROLE",
days_to_expiry=30,
mins_to_bypass_network_policy_requirement=10,
disabled="false",
comment="COMMENT")
# Set up dependencies and reference them from the token resource.
role = snowflake.AccountRole("role", name="ROLE")
user = snowflake.User("user", name="USER")
# Grant the role to the user. This is required to authenticate with PAT with role restriction.
grant_role_to_user = snowflake.GrantAccountRole("grant_role_to_user",
role_name=role.name,
user_name=user.name)
# complete resource with external references
complete_with_external_references = snowflake.UserProgrammaticAccessToken("complete_with_external_references",
user=user.name,
name="TOKEN",
role_restriction=role.name,
days_to_expiry=30,
mins_to_bypass_network_policy_requirement=10,
disabled="false",
comment="COMMENT")
pulumi.export("token", complete.token)
# Note that the fields of this resource are updated only when Terraform is run.
# This means that the schedule may not be respected if Terraform is not run regularly.
rotation_schedule = time.index.Rotating("rotation_schedule", rotation_days=30)
# Rotate the token regularly using the keeper field and time_rotating resource.
rotating = snowflake.UserProgrammaticAccessToken("rotating",
user="USER",
name="TOKEN",
keeper=rotation_schedule["rotationRfc3339"])
package main
import (
"github.com/pulumi/pulumi-snowflake/sdk/v2/go/snowflake"
"github.com/pulumi/pulumi-time/sdk/go/time"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// basic resource
_, err := snowflake.NewUserProgrammaticAccessToken(ctx, "basic", &snowflake.UserProgrammaticAccessTokenArgs{
User: pulumi.String("USER"),
Name: pulumi.String("TOKEN"),
})
if err != nil {
return err
}
// complete resource
complete, err := snowflake.NewUserProgrammaticAccessToken(ctx, "complete", &snowflake.UserProgrammaticAccessTokenArgs{
User: pulumi.String("USER"),
Name: pulumi.String("TOKEN"),
RoleRestriction: pulumi.String("ROLE"),
DaysToExpiry: pulumi.Int(30),
MinsToBypassNetworkPolicyRequirement: pulumi.Int(10),
Disabled: pulumi.String("false"),
Comment: pulumi.String("COMMENT"),
})
if err != nil {
return err
}
// Set up dependencies and reference them from the token resource.
role, err := snowflake.NewAccountRole(ctx, "role", &snowflake.AccountRoleArgs{
Name: pulumi.String("ROLE"),
})
if err != nil {
return err
}
user, err := snowflake.NewUser(ctx, "user", &snowflake.UserArgs{
Name: pulumi.String("USER"),
})
if err != nil {
return err
}
// Grant the role to the user. This is required to authenticate with PAT with role restriction.
_, err = snowflake.NewGrantAccountRole(ctx, "grant_role_to_user", &snowflake.GrantAccountRoleArgs{
RoleName: role.Name,
UserName: user.Name,
})
if err != nil {
return err
}
// complete resource with external references
_, err = snowflake.NewUserProgrammaticAccessToken(ctx, "complete_with_external_references", &snowflake.UserProgrammaticAccessTokenArgs{
User: user.Name,
Name: pulumi.String("TOKEN"),
RoleRestriction: role.Name,
DaysToExpiry: pulumi.Int(30),
MinsToBypassNetworkPolicyRequirement: pulumi.Int(10),
Disabled: pulumi.String("false"),
Comment: pulumi.String("COMMENT"),
})
if err != nil {
return err
}
ctx.Export("token", complete.Token)
// Note that the fields of this resource are updated only when Terraform is run.
// This means that the schedule may not be respected if Terraform is not run regularly.
rotationSchedule, err := time.NewRotating(ctx, "rotation_schedule", &time.RotatingArgs{
RotationDays: 30,
})
if err != nil {
return err
}
// Rotate the token regularly using the keeper field and time_rotating resource.
_, err = snowflake.NewUserProgrammaticAccessToken(ctx, "rotating", &snowflake.UserProgrammaticAccessTokenArgs{
User: pulumi.String("USER"),
Name: pulumi.String("TOKEN"),
Keeper: rotationSchedule.RotationRfc3339,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Snowflake = Pulumi.Snowflake;
using Time = Pulumi.Time;
return await Deployment.RunAsync(() =>
{
// basic resource
var basic = new Snowflake.UserProgrammaticAccessToken("basic", new()
{
User = "USER",
Name = "TOKEN",
});
// complete resource
var complete = new Snowflake.UserProgrammaticAccessToken("complete", new()
{
User = "USER",
Name = "TOKEN",
RoleRestriction = "ROLE",
DaysToExpiry = 30,
MinsToBypassNetworkPolicyRequirement = 10,
Disabled = "false",
Comment = "COMMENT",
});
// Set up dependencies and reference them from the token resource.
var role = new Snowflake.AccountRole("role", new()
{
Name = "ROLE",
});
var user = new Snowflake.User("user", new()
{
Name = "USER",
});
// Grant the role to the user. This is required to authenticate with PAT with role restriction.
var grantRoleToUser = new Snowflake.GrantAccountRole("grant_role_to_user", new()
{
RoleName = role.Name,
UserName = user.Name,
});
// complete resource with external references
var completeWithExternalReferences = new Snowflake.UserProgrammaticAccessToken("complete_with_external_references", new()
{
User = user.Name,
Name = "TOKEN",
RoleRestriction = role.Name,
DaysToExpiry = 30,
MinsToBypassNetworkPolicyRequirement = 10,
Disabled = "false",
Comment = "COMMENT",
});
// Note that the fields of this resource are updated only when Terraform is run.
// This means that the schedule may not be respected if Terraform is not run regularly.
var rotationSchedule = new Time.Index.Rotating("rotation_schedule", new()
{
RotationDays = 30,
});
// Rotate the token regularly using the keeper field and time_rotating resource.
var rotating = new Snowflake.UserProgrammaticAccessToken("rotating", new()
{
User = "USER",
Name = "TOKEN",
Keeper = rotationSchedule.RotationRfc3339,
});
return new Dictionary<string, object?>
{
["token"] = complete.Token,
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.snowflake.UserProgrammaticAccessToken;
import com.pulumi.snowflake.UserProgrammaticAccessTokenArgs;
import com.pulumi.snowflake.AccountRole;
import com.pulumi.snowflake.AccountRoleArgs;
import com.pulumi.snowflake.User;
import com.pulumi.snowflake.UserArgs;
import com.pulumi.snowflake.GrantAccountRole;
import com.pulumi.snowflake.GrantAccountRoleArgs;
import com.pulumi.time.Rotating;
import com.pulumi.time.RotatingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// basic resource
var basic = new UserProgrammaticAccessToken("basic", UserProgrammaticAccessTokenArgs.builder()
.user("USER")
.name("TOKEN")
.build());
// complete resource
var complete = new UserProgrammaticAccessToken("complete", UserProgrammaticAccessTokenArgs.builder()
.user("USER")
.name("TOKEN")
.roleRestriction("ROLE")
.daysToExpiry(30)
.minsToBypassNetworkPolicyRequirement(10)
.disabled("false")
.comment("COMMENT")
.build());
// Set up dependencies and reference them from the token resource.
var role = new AccountRole("role", AccountRoleArgs.builder()
.name("ROLE")
.build());
var user = new User("user", UserArgs.builder()
.name("USER")
.build());
// Grant the role to the user. This is required to authenticate with PAT with role restriction.
var grantRoleToUser = new GrantAccountRole("grantRoleToUser", GrantAccountRoleArgs.builder()
.roleName(role.name())
.userName(user.name())
.build());
// complete resource with external references
var completeWithExternalReferences = new UserProgrammaticAccessToken("completeWithExternalReferences", UserProgrammaticAccessTokenArgs.builder()
.user(user.name())
.name("TOKEN")
.roleRestriction(role.name())
.daysToExpiry(30)
.minsToBypassNetworkPolicyRequirement(10)
.disabled("false")
.comment("COMMENT")
.build());
ctx.export("token", complete.token());
// Note that the fields of this resource are updated only when Terraform is run.
// This means that the schedule may not be respected if Terraform is not run regularly.
var rotationSchedule = new Rotating("rotationSchedule", RotatingArgs.builder()
.rotationDays(30)
.build());
// Rotate the token regularly using the keeper field and time_rotating resource.
var rotating = new UserProgrammaticAccessToken("rotating", UserProgrammaticAccessTokenArgs.builder()
.user("USER")
.name("TOKEN")
.keeper(rotationSchedule.rotationRfc3339())
.build());
}
}
resources:
# basic resource
basic:
type: snowflake:UserProgrammaticAccessToken
properties:
user: USER
name: TOKEN
# complete resource
complete:
type: snowflake:UserProgrammaticAccessToken
properties:
user: USER
name: TOKEN
roleRestriction: ROLE
daysToExpiry: 30
minsToBypassNetworkPolicyRequirement: 10
disabled: false
comment: COMMENT
# Set up dependencies and reference them from the token resource.
role:
type: snowflake:AccountRole
properties:
name: ROLE
user:
type: snowflake:User
properties:
name: USER
# Grant the role to the user. This is required to authenticate with PAT with role restriction.
grantRoleToUser:
type: snowflake:GrantAccountRole
name: grant_role_to_user
properties:
roleName: ${role.name}
userName: ${user.name}
# complete resource with external references
completeWithExternalReferences:
type: snowflake:UserProgrammaticAccessToken
name: complete_with_external_references
properties:
user: ${user.name}
name: TOKEN
roleRestriction: ${role.name}
daysToExpiry: 30
minsToBypassNetworkPolicyRequirement: 10
disabled: false
comment: COMMENT
# Rotate the token regularly using the keeper field and time_rotating resource.
rotating:
type: snowflake:UserProgrammaticAccessToken
properties:
user: USER
name: TOKEN
keeper: ${rotationSchedule.rotationRfc3339}
# Note that the fields of this resource are updated only when Terraform is run.
# This means that the schedule may not be respected if Terraform is not run regularly.
rotationSchedule:
type: time:Rotating
name: rotation_schedule
properties:
rotationDays: 30
outputs:
# Use the token returned from Snowflake and remember to mark it as sensitive.
token: ${complete.token} # Token Rotation
Create UserProgrammaticAccessToken Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new UserProgrammaticAccessToken(name: string, args: UserProgrammaticAccessTokenArgs, opts?: CustomResourceOptions);@overload
def UserProgrammaticAccessToken(resource_name: str,
args: UserProgrammaticAccessTokenArgs,
opts: Optional[ResourceOptions] = None)
@overload
def UserProgrammaticAccessToken(resource_name: str,
opts: Optional[ResourceOptions] = None,
user: Optional[str] = None,
comment: Optional[str] = None,
days_to_expiry: Optional[int] = None,
disabled: Optional[str] = None,
expire_rotated_token_after_hours: Optional[int] = None,
keeper: Optional[str] = None,
mins_to_bypass_network_policy_requirement: Optional[int] = None,
name: Optional[str] = None,
role_restriction: Optional[str] = None)func NewUserProgrammaticAccessToken(ctx *Context, name string, args UserProgrammaticAccessTokenArgs, opts ...ResourceOption) (*UserProgrammaticAccessToken, error)public UserProgrammaticAccessToken(string name, UserProgrammaticAccessTokenArgs args, CustomResourceOptions? opts = null)
public UserProgrammaticAccessToken(String name, UserProgrammaticAccessTokenArgs args)
public UserProgrammaticAccessToken(String name, UserProgrammaticAccessTokenArgs args, CustomResourceOptions options)
type: snowflake:UserProgrammaticAccessToken
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args UserProgrammaticAccessTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args UserProgrammaticAccessTokenArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args UserProgrammaticAccessTokenArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args UserProgrammaticAccessTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args UserProgrammaticAccessTokenArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var userProgrammaticAccessTokenResource = new Snowflake.UserProgrammaticAccessToken("userProgrammaticAccessTokenResource", new()
{
User = "string",
Comment = "string",
DaysToExpiry = 0,
Disabled = "string",
ExpireRotatedTokenAfterHours = 0,
Keeper = "string",
MinsToBypassNetworkPolicyRequirement = 0,
Name = "string",
RoleRestriction = "string",
});
example, err := snowflake.NewUserProgrammaticAccessToken(ctx, "userProgrammaticAccessTokenResource", &snowflake.UserProgrammaticAccessTokenArgs{
User: pulumi.String("string"),
Comment: pulumi.String("string"),
DaysToExpiry: pulumi.Int(0),
Disabled: pulumi.String("string"),
ExpireRotatedTokenAfterHours: pulumi.Int(0),
Keeper: pulumi.String("string"),
MinsToBypassNetworkPolicyRequirement: pulumi.Int(0),
Name: pulumi.String("string"),
RoleRestriction: pulumi.String("string"),
})
var userProgrammaticAccessTokenResource = new UserProgrammaticAccessToken("userProgrammaticAccessTokenResource", UserProgrammaticAccessTokenArgs.builder()
.user("string")
.comment("string")
.daysToExpiry(0)
.disabled("string")
.expireRotatedTokenAfterHours(0)
.keeper("string")
.minsToBypassNetworkPolicyRequirement(0)
.name("string")
.roleRestriction("string")
.build());
user_programmatic_access_token_resource = snowflake.UserProgrammaticAccessToken("userProgrammaticAccessTokenResource",
user="string",
comment="string",
days_to_expiry=0,
disabled="string",
expire_rotated_token_after_hours=0,
keeper="string",
mins_to_bypass_network_policy_requirement=0,
name="string",
role_restriction="string")
const userProgrammaticAccessTokenResource = new snowflake.UserProgrammaticAccessToken("userProgrammaticAccessTokenResource", {
user: "string",
comment: "string",
daysToExpiry: 0,
disabled: "string",
expireRotatedTokenAfterHours: 0,
keeper: "string",
minsToBypassNetworkPolicyRequirement: 0,
name: "string",
roleRestriction: "string",
});
type: snowflake:UserProgrammaticAccessToken
properties:
comment: string
daysToExpiry: 0
disabled: string
expireRotatedTokenAfterHours: 0
keeper: string
minsToBypassNetworkPolicyRequirement: 0
name: string
roleRestriction: string
user: string
UserProgrammaticAccessToken Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The UserProgrammaticAccessToken resource accepts the following input properties:
- User string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Comment string
- Descriptive comment about the programmatic access token.
- Days
To intExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - Disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - Expire
Rotated intToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - Keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - Mins
To intBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- Name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- User string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Comment string
- Descriptive comment about the programmatic access token.
- Days
To intExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - Disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - Expire
Rotated intToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - Keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - Mins
To intBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- Name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- user String
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - comment String
- Descriptive comment about the programmatic access token.
- days
To IntegerExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled String
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated IntegerToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper String
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To IntegerBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name String
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction String - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- user string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - comment string
- Descriptive comment about the programmatic access token.
- days
To numberExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated numberToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To numberBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- user str
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - comment str
- Descriptive comment about the programmatic access token.
- days_
to_ intexpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled str
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire_
rotated_ inttoken_ after_ hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper str
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins_
to_ intbypass_ network_ policy_ requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name str
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role_
restriction str - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- user String
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - comment String
- Descriptive comment about the programmatic access token.
- days
To NumberExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled String
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated NumberToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper String
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To NumberBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name String
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction String - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
Outputs
All input properties are implicitly available as output properties. Additionally, the UserProgrammaticAccessToken resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- Show
Outputs List<UserProgrammatic Access Token Show Output> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - Token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- Id string
- The provider-assigned unique ID for this managed resource.
- Rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- Show
Outputs []UserProgrammatic Access Token Show Output - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - Token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- id String
- The provider-assigned unique ID for this managed resource.
- rotated
Token StringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs List<UserProgrammatic Access Token Show Output> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token String
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- id string
- The provider-assigned unique ID for this managed resource.
- rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs UserProgrammatic Access Token Show Output[] - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- id str
- The provider-assigned unique ID for this managed resource.
- rotated_
token_ strname - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show_
outputs Sequence[UserProgrammatic Access Token Show Output] - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token str
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- id String
- The provider-assigned unique ID for this managed resource.
- rotated
Token StringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs List<Property Map> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token String
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
Look up Existing UserProgrammaticAccessToken Resource
Get an existing UserProgrammaticAccessToken resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: UserProgrammaticAccessTokenState, opts?: CustomResourceOptions): UserProgrammaticAccessToken@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
comment: Optional[str] = None,
days_to_expiry: Optional[int] = None,
disabled: Optional[str] = None,
expire_rotated_token_after_hours: Optional[int] = None,
keeper: Optional[str] = None,
mins_to_bypass_network_policy_requirement: Optional[int] = None,
name: Optional[str] = None,
role_restriction: Optional[str] = None,
rotated_token_name: Optional[str] = None,
show_outputs: Optional[Sequence[UserProgrammaticAccessTokenShowOutputArgs]] = None,
token: Optional[str] = None,
user: Optional[str] = None) -> UserProgrammaticAccessTokenfunc GetUserProgrammaticAccessToken(ctx *Context, name string, id IDInput, state *UserProgrammaticAccessTokenState, opts ...ResourceOption) (*UserProgrammaticAccessToken, error)public static UserProgrammaticAccessToken Get(string name, Input<string> id, UserProgrammaticAccessTokenState? state, CustomResourceOptions? opts = null)public static UserProgrammaticAccessToken get(String name, Output<String> id, UserProgrammaticAccessTokenState state, CustomResourceOptions options)resources: _: type: snowflake:UserProgrammaticAccessToken get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Comment string
- Descriptive comment about the programmatic access token.
- Days
To intExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - Disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - Expire
Rotated intToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - Keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - Mins
To intBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- Name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- Show
Outputs List<UserProgrammatic Access Token Show Output> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - Token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- User string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- Comment string
- Descriptive comment about the programmatic access token.
- Days
To intExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - Disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - Expire
Rotated intToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - Keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - Mins
To intBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- Name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - Rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- Show
Outputs []UserProgrammatic Access Token Show Output Args - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - Token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- User string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- comment String
- Descriptive comment about the programmatic access token.
- days
To IntegerExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled String
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated IntegerToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper String
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To IntegerBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name String
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction String - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - rotated
Token StringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs List<UserProgrammatic Access Token Show Output> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token String
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- user String
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- comment string
- Descriptive comment about the programmatic access token.
- days
To numberExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled string
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated numberToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper string
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To numberBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name string
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction string - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - rotated
Token stringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs UserProgrammatic Access Token Show Output[] - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token string
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- user string
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- comment str
- Descriptive comment about the programmatic access token.
- days_
to_ intexpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled str
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire_
rotated_ inttoken_ after_ hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper str
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins_
to_ intbypass_ network_ policy_ requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name str
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role_
restriction str - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - rotated_
token_ strname - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show_
outputs Sequence[UserProgrammatic Access Token Show Output Args] - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token str
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- user str
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
- comment String
- Descriptive comment about the programmatic access token.
- days
To NumberExpiry - The number of days that the programmatic access token can be used for authentication. This field cannot be altered after the token is created. Instead, you must rotate the token with the
keeperfield. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint". - disabled String
- (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
default)) Disables or enables the programmatic access token. Available options are: "true" or "false". When the value is not set in the configuration the provider will put "default" there which means to use the Snowflake default for this value. - expire
Rotated NumberToken After Hours - (Default: fallback to Snowflake default - uses special value that cannot be set in the configuration manually (
-1)) This field is only used when the token is rotated by changing thekeeperfield. Sets the expiration time of the existing token secret to expire after the specified number of hours. You can set this to a value of 0 to expire the current token secret immediately. - keeper String
- Arbitrary string that, if and only if, changed from a non-empty to a different non-empty value (or known after apply), will trigger a key to be rotated. When you add this field to the configuration, or remove it from the configuration, the rotation is not triggered. When the token is rotated, the
tokenandrotated_token_namefields are marked as computed. - mins
To NumberBypass Network Policy Requirement - The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. External changes for this field won't be detected. In case you want to apply external changes, you can re-create the resource manually using "terraform taint".
- name String
- Specifies the name for the programmatic access token; must be unique for the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - role
Restriction String - The name of the role used for privilege evaluation and object creation. This must be one of the roles that has already been granted to the user. Due to technical limitations (read more here), avoid using the following characters:
|,.,". - rotated
Token StringName - Name of the token that represents the prior secret. This field is updated only when the token is rotated. In this case, the field is marked as computed.
- show
Outputs List<Property Map> - Outputs the result of
SHOW USER PROGRAMMATIC ACCESS TOKENSfor the given user programmatic access token. - token String
- The token itself. Use this to authenticate to an endpoint. The data in this field is updated only when the token is created or rotated. In this case, the field is marked as computed.
- user String
- The name of the user that the token is associated with. A user cannot use another user's programmatic access token to authenticate. Due to technical limitations (read more here), avoid using the following characters:
|,.,".
Supporting Types
UserProgrammaticAccessTokenShowOutput, UserProgrammaticAccessTokenShowOutputArgs
- Comment string
- Created
By string - Created
On string - Expires
At string - Mins
To intBypass Network Policy Requirement - Name string
- Role
Restriction string - Rotated
To string - Status string
- User
Name string
- Comment string
- Created
By string - Created
On string - Expires
At string - Mins
To intBypass Network Policy Requirement - Name string
- Role
Restriction string - Rotated
To string - Status string
- User
Name string
- comment String
- created
By String - created
On String - expires
At String - mins
To IntegerBypass Network Policy Requirement - name String
- role
Restriction String - rotated
To String - status String
- user
Name String
- comment string
- created
By string - created
On string - expires
At string - mins
To numberBypass Network Policy Requirement - name string
- role
Restriction string - rotated
To string - status string
- user
Name string
- comment str
- created_
by str - created_
on str - expires_
at str - mins_
to_ intbypass_ network_ policy_ requirement - name str
- role_
restriction str - rotated_
to str - status str
- user_
name str
- comment String
- created
By String - created
On String - expires
At String - mins
To NumberBypass Network Policy Requirement - name String
- role
Restriction String - rotated
To String - status String
- user
Name String
Import
$ pulumi import snowflake:index/userProgrammaticAccessToken:UserProgrammaticAccessToken example '"<user_name>"|"<token_name>"'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Snowflake pulumi/pulumi-snowflake
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
snowflakeTerraform Provider.
