externalOauthIntegration.java.md

externalOauthIntegration Submodule

Constructs

ExternalOauthIntegration

Represents a {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration snowflake_external_oauth_integration}.

Initializers

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegration;

ExternalOauthIntegration.Builder.create(Construct scope, java.lang.String id)
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .enabled(java.lang.Boolean)
    .enabled(IResolvable)
    .issuer(java.lang.String)
    .name(java.lang.String)
    .snowflakeUserMappingAttribute(java.lang.String)
    .tokenUserMappingClaims(java.util.List<java.lang.String>)
    .type(java.lang.String)
//  .allowedRoles(java.util.List<java.lang.String>)
//  .anyRoleMode(java.lang.String)
//  .audienceUrls(java.util.List<java.lang.String>)
//  .blockedRoles(java.util.List<java.lang.String>)
//  .comment(java.lang.String)
//  .id(java.lang.String)
//  .jwsKeysUrls(java.util.List<java.lang.String>)
//  .rsaPublicKey(java.lang.String)
//  .rsaPublicKey2(java.lang.String)
//  .scopeDelimiter(java.lang.String)
//  .scopeMappingAttribute(java.lang.String)
    .build();

Name	Type	Description
scope	software.constructs.Construct	The scope in which to define this construct.
id	java.lang.String	The scoped construct ID.
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<com.hashicorp.cdktf.ITerraformDependable>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
enabled	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	Specifies whether to initiate operation of the integration or suspend it.
issuer	java.lang.String	Specifies the URL to define the OAuth 2.0 authorization server.
name	java.lang.String	Specifies the name of the External Oath integration.
snowflakeUserMappingAttribute	java.lang.String	Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record.
tokenUserMappingClaims	java.util.List<java.lang.String>	Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record.
type	java.lang.String	Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server.
allowedRoles	java.util.List<java.lang.String>	Specifies the list of roles that the client can set as the primary role.
anyRoleMode	java.lang.String	Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token.
audienceUrls	java.util.List<java.lang.String>	Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL.
blockedRoles	java.util.List<java.lang.String>	Specifies the list of roles that a client cannot set as the primary role.
comment	java.lang.String	Specifies a comment for the OAuth integration.
id	java.lang.String	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}.
jwsKeysUrls	java.util.List<java.lang.String>	Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token.
rsaPublicKey	java.lang.String	Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
rsaPublicKey2	java.lang.String	Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
scopeDelimiter	java.lang.String	Specifies the scope delimiter in the authorization token.
scopeMappingAttribute	java.lang.String	Specifies the access token claim to map the access token to an account role.

---

scope^Required

• Type: software.constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: java.lang.String

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

• Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

---

forEach^Optional

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

enabled^Required

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Specifies whether to initiate operation of the integration or suspend it.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#enabled ExternalOauthIntegration#enabled}

---

issuer^Required

• Type: java.lang.String

Specifies the URL to define the OAuth 2.0 authorization server.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#issuer ExternalOauthIntegration#issuer}

---

name^Required

• Type: java.lang.String

Specifies the name of the External Oath integration.

This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#name ExternalOauthIntegration#name}

---

snowflakeUserMappingAttribute^Required

• Type: java.lang.String

Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#snowflake_user_mapping_attribute ExternalOauthIntegration#snowflake_user_mapping_attribute}

---

tokenUserMappingClaims^Required

• Type: java.util.List<java.lang.String>

Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#token_user_mapping_claims ExternalOauthIntegration#token_user_mapping_claims}

---

type^Required

• Type: java.lang.String

Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#type ExternalOauthIntegration#type}

---

allowedRoles^Optional

• Type: java.util.List<java.lang.String>

Specifies the list of roles that the client can set as the primary role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#allowed_roles ExternalOauthIntegration#allowed_roles}

---

anyRoleMode^Optional

• Type: java.lang.String

Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#any_role_mode ExternalOauthIntegration#any_role_mode}

---

audienceUrls^Optional

• Type: java.util.List<java.lang.String>

Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#audience_urls ExternalOauthIntegration#audience_urls}

---

blockedRoles^Optional

• Type: java.util.List<java.lang.String>

Specifies the list of roles that a client cannot set as the primary role.

Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#blocked_roles ExternalOauthIntegration#blocked_roles}

---

comment^Optional

• Type: java.lang.String

Specifies a comment for the OAuth integration.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#comment ExternalOauthIntegration#comment}

---

id^Optional

• Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

jwsKeysUrls^Optional

• Type: java.util.List<java.lang.String>

Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token.

The maximum number of URLs that can be specified in the list is 3.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#jws_keys_urls ExternalOauthIntegration#jws_keys_urls}

---

rsaPublicKey^Optional

• Type: java.lang.String

Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key ExternalOauthIntegration#rsa_public_key}

---

rsaPublicKey2^Optional

• Type: java.lang.String

Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.

Used for key rotation.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key_2 ExternalOauthIntegration#rsa_public_key_2}

---

scopeDelimiter^Optional

• Type: java.lang.String

Specifies the scope delimiter in the authorization token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_delimiter ExternalOauthIntegration#scope_delimiter}

---

scopeMappingAttribute^Optional

• Type: java.lang.String

Specifies the access token claim to map the access token to an account role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_mapping_attribute ExternalOauthIntegration#scope_mapping_attribute}

---

Methods

Name	Description
toString	Returns a string representation of this construct.
addOverride	No description.
overrideLogicalId	Overrides the auto-generated logical ID with a specific ID.
resetOverrideLogicalId	Resets a previously passed logical Id to use the auto-generated logical id again.
toHclTerraform	No description.
toMetadata	No description.
toTerraform	Adds this resource to the terraform JSON output.
addMoveTarget	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
getAnyMapAttribute	No description.
getBooleanAttribute	No description.
getBooleanMapAttribute	No description.
getListAttribute	No description.
getNumberAttribute	No description.
getNumberListAttribute	No description.
getNumberMapAttribute	No description.
getStringAttribute	No description.
getStringMapAttribute	No description.
hasResourceMove	No description.
importFrom	No description.
interpolationForAttribute	No description.
moveFromId	Move the resource corresponding to "id" to this resource.
moveTo	Moves this resource to the target resource given by moveTarget.
moveToId	Moves this resource to the resource corresponding to "id".
resetAllowedRoles	No description.
resetAnyRoleMode	No description.
resetAudienceUrls	No description.
resetBlockedRoles	No description.
resetComment	No description.
resetId	No description.
resetJwsKeysUrls	No description.
resetRsaPublicKey	No description.
resetRsaPublicKey2	No description.
resetScopeDelimiter	No description.
resetScopeMappingAttribute	No description.

---

toString

public java.lang.String toString()

Returns a string representation of this construct.

addOverride

public void addOverride(java.lang.String path, java.lang.Object value)

path^Required

• Type: java.lang.String

---

value^Required

• Type: java.lang.Object

---

overrideLogicalId

public void overrideLogicalId(java.lang.String newLogicalId)

Overrides the auto-generated logical ID with a specific ID.

newLogicalId^Required

• Type: java.lang.String

The new logical ID to use for this stack element.

---

resetOverrideLogicalId

public void resetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

toHclTerraform

public java.lang.Object toHclTerraform()

toMetadata

public java.lang.Object toMetadata()

toTerraform

public java.lang.Object toTerraform()

Adds this resource to the terraform JSON output.

addMoveTarget

public void addMoveTarget(java.lang.String moveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

moveTarget^Required

• Type: java.lang.String

The string move target that will correspond to this resource.

---

getAnyMapAttribute

public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getBooleanAttribute

public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getBooleanMapAttribute

public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getListAttribute

public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberAttribute

public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberListAttribute

public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberMapAttribute

public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getStringAttribute

public java.lang.String getStringAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getStringMapAttribute

public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

hasResourceMove

public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()

importFrom

public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)

id^Required

• Type: java.lang.String

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

---

interpolationForAttribute

public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

moveFromId

public void moveFromId(java.lang.String id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: java.lang.String

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

moveTo

public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)

Moves this resource to the target resource given by moveTarget.

moveTarget^Required

• Type: java.lang.String

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: java.lang.String OR java.lang.Number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

moveToId

public void moveToId(java.lang.String id)

Moves this resource to the resource corresponding to "id".

id^Required

• Type: java.lang.String

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

resetAllowedRoles

public void resetAllowedRoles()

resetAnyRoleMode

public void resetAnyRoleMode()

resetAudienceUrls

public void resetAudienceUrls()

resetBlockedRoles

public void resetBlockedRoles()

resetComment

public void resetComment()

resetId

public void resetId()

resetJwsKeysUrls

public void resetJwsKeysUrls()

resetRsaPublicKey

public void resetRsaPublicKey()

resetRsaPublicKey2

public void resetRsaPublicKey2()

resetScopeDelimiter

public void resetScopeDelimiter()

resetScopeMappingAttribute

public void resetScopeMappingAttribute()

Static Functions

Name	Description
isConstruct	Checks if x is a construct.
isTerraformElement	No description.
isTerraformResource	No description.
generateConfigForImport	Generates CDKTF code for importing a ExternalOauthIntegration resource upon running "cdktf plan ".

---

isConstruct

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegration;

ExternalOauthIntegration.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: java.lang.Object

Any object.

---

isTerraformElement

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegration;

ExternalOauthIntegration.isTerraformElement(java.lang.Object x)

x^Required

• Type: java.lang.Object

---

isTerraformResource

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegration;

ExternalOauthIntegration.isTerraformResource(java.lang.Object x)

x^Required

• Type: java.lang.Object

---

generateConfigForImport

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegration;

ExternalOauthIntegration.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),ExternalOauthIntegration.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)

Generates CDKTF code for importing a ExternalOauthIntegration resource upon running "cdktf plan ".

scope^Required

• Type: software.constructs.Construct

The scope in which to define this construct.

---

importToId^Required

• Type: java.lang.String

The construct id used in the generated config for the ExternalOauthIntegration to import.

---

importFromId^Required

• Type: java.lang.String

The id of the existing ExternalOauthIntegration that should be imported.

Refer to the {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

? Optional instance of the provider where the ExternalOauthIntegration to import is found.

---

Properties

Name	Type	Description
node	software.constructs.Node	The tree node.
cdktfStack	com.hashicorp.cdktf.TerraformStack	No description.
fqn	java.lang.String	No description.
friendlyUniqueId	java.lang.String	No description.
terraformMetaArguments	java.util.Map<java.lang.String, java.lang.Object>	No description.
terraformResourceType	java.lang.String	No description.
terraformGeneratorMetadata	com.hashicorp.cdktf.TerraformProviderGeneratorMetadata	No description.
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<java.lang.String>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
createdOn	java.lang.String	No description.
allowedRolesInput	java.util.List<java.lang.String>	No description.
anyRoleModeInput	java.lang.String	No description.
audienceUrlsInput	java.util.List<java.lang.String>	No description.
blockedRolesInput	java.util.List<java.lang.String>	No description.
commentInput	java.lang.String	No description.
enabledInput	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
idInput	java.lang.String	No description.
issuerInput	java.lang.String	No description.
jwsKeysUrlsInput	java.util.List<java.lang.String>	No description.
nameInput	java.lang.String	No description.
rsaPublicKey2Input	java.lang.String	No description.
rsaPublicKeyInput	java.lang.String	No description.
scopeDelimiterInput	java.lang.String	No description.
scopeMappingAttributeInput	java.lang.String	No description.
snowflakeUserMappingAttributeInput	java.lang.String	No description.
tokenUserMappingClaimsInput	java.util.List<java.lang.String>	No description.
typeInput	java.lang.String	No description.
allowedRoles	java.util.List<java.lang.String>	No description.
anyRoleMode	java.lang.String	No description.
audienceUrls	java.util.List<java.lang.String>	No description.
blockedRoles	java.util.List<java.lang.String>	No description.
comment	java.lang.String	No description.
enabled	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
id	java.lang.String	No description.
issuer	java.lang.String	No description.
jwsKeysUrls	java.util.List<java.lang.String>	No description.
name	java.lang.String	No description.
rsaPublicKey	java.lang.String	No description.
rsaPublicKey2	java.lang.String	No description.
scopeDelimiter	java.lang.String	No description.
scopeMappingAttribute	java.lang.String	No description.
snowflakeUserMappingAttribute	java.lang.String	No description.
tokenUserMappingClaims	java.util.List<java.lang.String>	No description.
type	java.lang.String	No description.

---

node^Required

public Node getNode();

• Type: software.constructs.Node

The tree node.

---

cdktfStack^Required

public TerraformStack getCdktfStack();

• Type: com.hashicorp.cdktf.TerraformStack

---

fqn^Required

public java.lang.String getFqn();

• Type: java.lang.String

---

friendlyUniqueId^Required

public java.lang.String getFriendlyUniqueId();

• Type: java.lang.String

---

terraformMetaArguments^Required

public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();

• Type: java.util.Map<java.lang.String, java.lang.Object>

---

terraformResourceType^Required

public java.lang.String getTerraformResourceType();

• Type: java.lang.String

---

terraformGeneratorMetadata^Optional

public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();

• Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

public java.lang.Object getConnection();

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

public java.lang.Object getCount();

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

public java.util.List<java.lang.String> getDependsOn();

• Type: java.util.List<java.lang.String>

---

forEach^Optional

public ITerraformIterator getForEach();

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

public TerraformResourceLifecycle getLifecycle();

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

public TerraformProvider getProvider();

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

public java.lang.Object getProvisioners();

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

createdOn^Required

public java.lang.String getCreatedOn();

• Type: java.lang.String

---

allowedRolesInput^Optional

public java.util.List<java.lang.String> getAllowedRolesInput();

• Type: java.util.List<java.lang.String>

---

anyRoleModeInput^Optional

public java.lang.String getAnyRoleModeInput();

• Type: java.lang.String

---

audienceUrlsInput^Optional

public java.util.List<java.lang.String> getAudienceUrlsInput();

• Type: java.util.List<java.lang.String>

---

blockedRolesInput^Optional

public java.util.List<java.lang.String> getBlockedRolesInput();

• Type: java.util.List<java.lang.String>

---

commentInput^Optional

public java.lang.String getCommentInput();

• Type: java.lang.String

---

enabledInput^Optional

public java.lang.Object getEnabledInput();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

idInput^Optional

public java.lang.String getIdInput();

• Type: java.lang.String

---

issuerInput^Optional

public java.lang.String getIssuerInput();

• Type: java.lang.String

---

jwsKeysUrlsInput^Optional

public java.util.List<java.lang.String> getJwsKeysUrlsInput();

• Type: java.util.List<java.lang.String>

---

nameInput^Optional

public java.lang.String getNameInput();

• Type: java.lang.String

---

rsaPublicKey2Input^Optional

public java.lang.String getRsaPublicKey2Input();

• Type: java.lang.String

---

rsaPublicKeyInput^Optional

public java.lang.String getRsaPublicKeyInput();

• Type: java.lang.String

---

scopeDelimiterInput^Optional

public java.lang.String getScopeDelimiterInput();

• Type: java.lang.String

---

scopeMappingAttributeInput^Optional

public java.lang.String getScopeMappingAttributeInput();

• Type: java.lang.String

---

snowflakeUserMappingAttributeInput^Optional

public java.lang.String getSnowflakeUserMappingAttributeInput();

• Type: java.lang.String

---

tokenUserMappingClaimsInput^Optional

public java.util.List<java.lang.String> getTokenUserMappingClaimsInput();

• Type: java.util.List<java.lang.String>

---

typeInput^Optional

public java.lang.String getTypeInput();

• Type: java.lang.String

---

allowedRoles^Required

public java.util.List<java.lang.String> getAllowedRoles();

• Type: java.util.List<java.lang.String>

---

anyRoleMode^Required

public java.lang.String getAnyRoleMode();

• Type: java.lang.String

---

audienceUrls^Required

public java.util.List<java.lang.String> getAudienceUrls();

• Type: java.util.List<java.lang.String>

---

blockedRoles^Required

public java.util.List<java.lang.String> getBlockedRoles();

• Type: java.util.List<java.lang.String>

---

comment^Required

public java.lang.String getComment();

• Type: java.lang.String

---

enabled^Required

public java.lang.Object getEnabled();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

id^Required

public java.lang.String getId();

• Type: java.lang.String

---

issuer^Required

public java.lang.String getIssuer();

• Type: java.lang.String

---

jwsKeysUrls^Required

public java.util.List<java.lang.String> getJwsKeysUrls();

• Type: java.util.List<java.lang.String>

---

name^Required

public java.lang.String getName();

• Type: java.lang.String

---

rsaPublicKey^Required

public java.lang.String getRsaPublicKey();

• Type: java.lang.String

---

rsaPublicKey2^Required

public java.lang.String getRsaPublicKey2();

• Type: java.lang.String

---

scopeDelimiter^Required

public java.lang.String getScopeDelimiter();

• Type: java.lang.String

---

scopeMappingAttribute^Required

public java.lang.String getScopeMappingAttribute();

• Type: java.lang.String

---

snowflakeUserMappingAttribute^Required

public java.lang.String getSnowflakeUserMappingAttribute();

• Type: java.lang.String

---

tokenUserMappingClaims^Required

public java.util.List<java.lang.String> getTokenUserMappingClaims();

• Type: java.util.List<java.lang.String>

---

type^Required

public java.lang.String getType();

• Type: java.lang.String

---

Constants

Name	Type	Description
tfResourceType	java.lang.String	No description.

---

tfResourceType^Required

public java.lang.String getTfResourceType();

• Type: java.lang.String

---

Structs

ExternalOauthIntegrationConfig

Initializer

import com.hashicorp.cdktf.providers.snowflake.external_oauth_integration.ExternalOauthIntegrationConfig;

ExternalOauthIntegrationConfig.builder()
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .enabled(java.lang.Boolean)
    .enabled(IResolvable)
    .issuer(java.lang.String)
    .name(java.lang.String)
    .snowflakeUserMappingAttribute(java.lang.String)
    .tokenUserMappingClaims(java.util.List<java.lang.String>)
    .type(java.lang.String)
//  .allowedRoles(java.util.List<java.lang.String>)
//  .anyRoleMode(java.lang.String)
//  .audienceUrls(java.util.List<java.lang.String>)
//  .blockedRoles(java.util.List<java.lang.String>)
//  .comment(java.lang.String)
//  .id(java.lang.String)
//  .jwsKeysUrls(java.util.List<java.lang.String>)
//  .rsaPublicKey(java.lang.String)
//  .rsaPublicKey2(java.lang.String)
//  .scopeDelimiter(java.lang.String)
//  .scopeMappingAttribute(java.lang.String)
    .build();

Properties

Name	Type	Description
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<com.hashicorp.cdktf.ITerraformDependable>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
enabled	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	Specifies whether to initiate operation of the integration or suspend it.
issuer	java.lang.String	Specifies the URL to define the OAuth 2.0 authorization server.
name	java.lang.String	Specifies the name of the External Oath integration.
snowflakeUserMappingAttribute	java.lang.String	Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record.
tokenUserMappingClaims	java.util.List<java.lang.String>	Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record.
type	java.lang.String	Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server.
allowedRoles	java.util.List<java.lang.String>	Specifies the list of roles that the client can set as the primary role.
anyRoleMode	java.lang.String	Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token.
audienceUrls	java.util.List<java.lang.String>	Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL.
blockedRoles	java.util.List<java.lang.String>	Specifies the list of roles that a client cannot set as the primary role.
comment	java.lang.String	Specifies a comment for the OAuth integration.
id	java.lang.String	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}.
jwsKeysUrls	java.util.List<java.lang.String>	Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token.
rsaPublicKey	java.lang.String	Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
rsaPublicKey2	java.lang.String	Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
scopeDelimiter	java.lang.String	Specifies the scope delimiter in the authorization token.
scopeMappingAttribute	java.lang.String	Specifies the access token claim to map the access token to an account role.

---

connection^Optional

public java.lang.Object getConnection();

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

public java.lang.Object getCount();

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

public java.util.List<ITerraformDependable> getDependsOn();

• Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

---

forEach^Optional

public ITerraformIterator getForEach();

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

public TerraformResourceLifecycle getLifecycle();

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

public TerraformProvider getProvider();

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

public java.lang.Object getProvisioners();

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

enabled^Required

public java.lang.Object getEnabled();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Specifies whether to initiate operation of the integration or suspend it.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#enabled ExternalOauthIntegration#enabled}

---

issuer^Required

public java.lang.String getIssuer();

• Type: java.lang.String

Specifies the URL to define the OAuth 2.0 authorization server.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#issuer ExternalOauthIntegration#issuer}

---

name^Required

public java.lang.String getName();

• Type: java.lang.String

Specifies the name of the External Oath integration.

This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#name ExternalOauthIntegration#name}

---

snowflakeUserMappingAttribute^Required

public java.lang.String getSnowflakeUserMappingAttribute();

• Type: java.lang.String

Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#snowflake_user_mapping_attribute ExternalOauthIntegration#snowflake_user_mapping_attribute}

---

tokenUserMappingClaims^Required

public java.util.List<java.lang.String> getTokenUserMappingClaims();

• Type: java.util.List<java.lang.String>

Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#token_user_mapping_claims ExternalOauthIntegration#token_user_mapping_claims}

---

type^Required

public java.lang.String getType();

• Type: java.lang.String

Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#type ExternalOauthIntegration#type}

---

allowedRoles^Optional

public java.util.List<java.lang.String> getAllowedRoles();

• Type: java.util.List<java.lang.String>

Specifies the list of roles that the client can set as the primary role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#allowed_roles ExternalOauthIntegration#allowed_roles}

---

anyRoleMode^Optional

public java.lang.String getAnyRoleMode();

• Type: java.lang.String

Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#any_role_mode ExternalOauthIntegration#any_role_mode}

---

audienceUrls^Optional

public java.util.List<java.lang.String> getAudienceUrls();

• Type: java.util.List<java.lang.String>

Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#audience_urls ExternalOauthIntegration#audience_urls}

---

blockedRoles^Optional

public java.util.List<java.lang.String> getBlockedRoles();

• Type: java.util.List<java.lang.String>

Specifies the list of roles that a client cannot set as the primary role.

Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#blocked_roles ExternalOauthIntegration#blocked_roles}

---

comment^Optional

public java.lang.String getComment();

• Type: java.lang.String

Specifies a comment for the OAuth integration.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#comment ExternalOauthIntegration#comment}

---

id^Optional

public java.lang.String getId();

• Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

jwsKeysUrls^Optional

public java.util.List<java.lang.String> getJwsKeysUrls();

• Type: java.util.List<java.lang.String>

Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token.

The maximum number of URLs that can be specified in the list is 3.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#jws_keys_urls ExternalOauthIntegration#jws_keys_urls}

---

rsaPublicKey^Optional

public java.lang.String getRsaPublicKey();

• Type: java.lang.String

Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key ExternalOauthIntegration#rsa_public_key}

---

rsaPublicKey2^Optional

public java.lang.String getRsaPublicKey2();

• Type: java.lang.String

Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.

Used for key rotation.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key_2 ExternalOauthIntegration#rsa_public_key_2}

---

scopeDelimiter^Optional

public java.lang.String getScopeDelimiter();

• Type: java.lang.String

Specifies the scope delimiter in the authorization token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_delimiter ExternalOauthIntegration#scope_delimiter}

---

scopeMappingAttribute^Optional

public java.lang.String getScopeMappingAttribute();

• Type: java.lang.String

Specifies the access token claim to map the access token to an account role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_mapping_attribute ExternalOauthIntegration#scope_mapping_attribute}

---