Represents a {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration snowflake_external_oauth_integration}.
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
new externalOauthIntegration.ExternalOauthIntegration(scope: Construct, id: string, config: ExternalOauthIntegrationConfig)
Name | Type | Description |
---|---|---|
scope |
constructs.Construct |
The scope in which to define this construct. |
id |
string |
The scoped construct ID. |
config |
ExternalOauthIntegrationConfig |
No description. |
- Type: constructs.Construct
The scope in which to define this construct.
- Type: string
The scoped construct ID.
Must be unique amongst siblings in the same scope
Name | Description |
---|---|
toString |
Returns a string representation of this construct. |
addOverride |
No description. |
overrideLogicalId |
Overrides the auto-generated logical ID with a specific ID. |
resetOverrideLogicalId |
Resets a previously passed logical Id to use the auto-generated logical id again. |
toHclTerraform |
No description. |
toMetadata |
No description. |
toTerraform |
Adds this resource to the terraform JSON output. |
addMoveTarget |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
getAnyMapAttribute |
No description. |
getBooleanAttribute |
No description. |
getBooleanMapAttribute |
No description. |
getListAttribute |
No description. |
getNumberAttribute |
No description. |
getNumberListAttribute |
No description. |
getNumberMapAttribute |
No description. |
getStringAttribute |
No description. |
getStringMapAttribute |
No description. |
hasResourceMove |
No description. |
importFrom |
No description. |
interpolationForAttribute |
No description. |
moveFromId |
Move the resource corresponding to "id" to this resource. |
moveTo |
Moves this resource to the target resource given by moveTarget. |
moveToId |
Moves this resource to the resource corresponding to "id". |
resetAllowedRoles |
No description. |
resetAnyRoleMode |
No description. |
resetAudienceUrls |
No description. |
resetBlockedRoles |
No description. |
resetComment |
No description. |
resetId |
No description. |
resetJwsKeysUrls |
No description. |
resetRsaPublicKey |
No description. |
resetRsaPublicKey2 |
No description. |
resetScopeDelimiter |
No description. |
resetScopeMappingAttribute |
No description. |
public toString(): string
Returns a string representation of this construct.
public addOverride(path: string, value: any): void
- Type: string
- Type: any
public overrideLogicalId(newLogicalId: string): void
Overrides the auto-generated logical ID with a specific ID.
- Type: string
The new logical ID to use for this stack element.
public resetOverrideLogicalId(): void
Resets a previously passed logical Id to use the auto-generated logical id again.
public toHclTerraform(): any
public toMetadata(): any
public toTerraform(): any
Adds this resource to the terraform JSON output.
public addMoveTarget(moveTarget: string): void
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: string
The string move target that will correspond to this resource.
public getAnyMapAttribute(terraformAttribute: string): {[ key: string ]: any}
- Type: string
public getBooleanAttribute(terraformAttribute: string): IResolvable
- Type: string
public getBooleanMapAttribute(terraformAttribute: string): {[ key: string ]: boolean}
- Type: string
public getListAttribute(terraformAttribute: string): string[]
- Type: string
public getNumberAttribute(terraformAttribute: string): number
- Type: string
public getNumberListAttribute(terraformAttribute: string): number[]
- Type: string
public getNumberMapAttribute(terraformAttribute: string): {[ key: string ]: number}
- Type: string
public getStringAttribute(terraformAttribute: string): string
- Type: string
public getStringMapAttribute(terraformAttribute: string): {[ key: string ]: string}
- Type: string
public hasResourceMove(): TerraformResourceMoveByTarget | TerraformResourceMoveById
public importFrom(id: string, provider?: TerraformProvider): void
- Type: string
- Type: cdktf.TerraformProvider
public interpolationForAttribute(terraformAttribute: string): IResolvable
- Type: string
public moveFromId(id: string): void
Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: string
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
public moveTo(moveTarget: string, index?: string | number): void
Moves this resource to the target resource given by moveTarget.
- Type: string
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: string | number
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
public moveToId(id: string): void
Moves this resource to the resource corresponding to "id".
- Type: string
Full id of resource to move to, e.g. "aws_s3_bucket.example".
public resetAllowedRoles(): void
public resetAnyRoleMode(): void
public resetAudienceUrls(): void
public resetBlockedRoles(): void
public resetComment(): void
public resetId(): void
public resetJwsKeysUrls(): void
public resetRsaPublicKey(): void
public resetRsaPublicKey2(): void
public resetScopeDelimiter(): void
public resetScopeMappingAttribute(): void
Name | Description |
---|---|
isConstruct |
Checks if x is a construct. |
isTerraformElement |
No description. |
isTerraformResource |
No description. |
generateConfigForImport |
Generates CDKTF code for importing a ExternalOauthIntegration resource upon running "cdktf plan ". |
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
externalOauthIntegration.ExternalOauthIntegration.isConstruct(x: any)
Checks if x
is a construct.
Use this method instead of instanceof
to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs
library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct
in each copy of the constructs
library
is seen as a different class, and an instance of one class will not test as
instanceof
the other class. npm install
will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof
will behave
unpredictably. It is safest to avoid using instanceof
, and using
this type-testing method instead.
- Type: any
Any object.
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
externalOauthIntegration.ExternalOauthIntegration.isTerraformElement(x: any)
- Type: any
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
externalOauthIntegration.ExternalOauthIntegration.isTerraformResource(x: any)
- Type: any
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
externalOauthIntegration.ExternalOauthIntegration.generateConfigForImport(scope: Construct, importToId: string, importFromId: string, provider?: TerraformProvider)
Generates CDKTF code for importing a ExternalOauthIntegration resource upon running "cdktf plan ".
- Type: constructs.Construct
The scope in which to define this construct.
- Type: string
The construct id used in the generated config for the ExternalOauthIntegration to import.
- Type: string
The id of the existing ExternalOauthIntegration that should be imported.
Refer to the {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#import import section} in the documentation of this resource for the id to use
- Type: cdktf.TerraformProvider
? Optional instance of the provider where the ExternalOauthIntegration to import is found.
Name | Type | Description |
---|---|---|
node |
constructs.Node |
The tree node. |
cdktfStack |
cdktf.TerraformStack |
No description. |
fqn |
string |
No description. |
friendlyUniqueId |
string |
No description. |
terraformMetaArguments |
{[ key: string ]: any} |
No description. |
terraformResourceType |
string |
No description. |
terraformGeneratorMetadata |
cdktf.TerraformProviderGeneratorMetadata |
No description. |
connection |
cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection |
No description. |
count |
number | cdktf.TerraformCount |
No description. |
dependsOn |
string[] |
No description. |
forEach |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[] |
No description. |
createdOn |
string |
No description. |
allowedRolesInput |
string[] |
No description. |
anyRoleModeInput |
string |
No description. |
audienceUrlsInput |
string[] |
No description. |
blockedRolesInput |
string[] |
No description. |
commentInput |
string |
No description. |
enabledInput |
boolean | cdktf.IResolvable |
No description. |
idInput |
string |
No description. |
issuerInput |
string |
No description. |
jwsKeysUrlsInput |
string[] |
No description. |
nameInput |
string |
No description. |
rsaPublicKey2Input |
string |
No description. |
rsaPublicKeyInput |
string |
No description. |
scopeDelimiterInput |
string |
No description. |
scopeMappingAttributeInput |
string |
No description. |
snowflakeUserMappingAttributeInput |
string |
No description. |
tokenUserMappingClaimsInput |
string[] |
No description. |
typeInput |
string |
No description. |
allowedRoles |
string[] |
No description. |
anyRoleMode |
string |
No description. |
audienceUrls |
string[] |
No description. |
blockedRoles |
string[] |
No description. |
comment |
string |
No description. |
enabled |
boolean | cdktf.IResolvable |
No description. |
id |
string |
No description. |
issuer |
string |
No description. |
jwsKeysUrls |
string[] |
No description. |
name |
string |
No description. |
rsaPublicKey |
string |
No description. |
rsaPublicKey2 |
string |
No description. |
scopeDelimiter |
string |
No description. |
scopeMappingAttribute |
string |
No description. |
snowflakeUserMappingAttribute |
string |
No description. |
tokenUserMappingClaims |
string[] |
No description. |
type |
string |
No description. |
public readonly node: Node;
- Type: constructs.Node
The tree node.
public readonly cdktfStack: TerraformStack;
- Type: cdktf.TerraformStack
public readonly fqn: string;
- Type: string
public readonly friendlyUniqueId: string;
- Type: string
public readonly terraformMetaArguments: {[ key: string ]: any};
- Type: {[ key: string ]: any}
public readonly terraformResourceType: string;
- Type: string
public readonly terraformGeneratorMetadata: TerraformProviderGeneratorMetadata;
- Type: cdktf.TerraformProviderGeneratorMetadata
public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;
- Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection
public readonly count: number | TerraformCount;
- Type: number | cdktf.TerraformCount
public readonly dependsOn: string[];
- Type: string[]
public readonly forEach: ITerraformIterator;
- Type: cdktf.ITerraformIterator
public readonly lifecycle: TerraformResourceLifecycle;
- Type: cdktf.TerraformResourceLifecycle
public readonly provider: TerraformProvider;
- Type: cdktf.TerraformProvider
public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];
- Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]
public readonly createdOn: string;
- Type: string
public readonly allowedRolesInput: string[];
- Type: string[]
public readonly anyRoleModeInput: string;
- Type: string
public readonly audienceUrlsInput: string[];
- Type: string[]
public readonly blockedRolesInput: string[];
- Type: string[]
public readonly commentInput: string;
- Type: string
public readonly enabledInput: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly idInput: string;
- Type: string
public readonly issuerInput: string;
- Type: string
public readonly jwsKeysUrlsInput: string[];
- Type: string[]
public readonly nameInput: string;
- Type: string
public readonly rsaPublicKey2Input: string;
- Type: string
public readonly rsaPublicKeyInput: string;
- Type: string
public readonly scopeDelimiterInput: string;
- Type: string
public readonly scopeMappingAttributeInput: string;
- Type: string
public readonly snowflakeUserMappingAttributeInput: string;
- Type: string
public readonly tokenUserMappingClaimsInput: string[];
- Type: string[]
public readonly typeInput: string;
- Type: string
public readonly allowedRoles: string[];
- Type: string[]
public readonly anyRoleMode: string;
- Type: string
public readonly audienceUrls: string[];
- Type: string[]
public readonly blockedRoles: string[];
- Type: string[]
public readonly comment: string;
- Type: string
public readonly enabled: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly id: string;
- Type: string
public readonly issuer: string;
- Type: string
public readonly jwsKeysUrls: string[];
- Type: string[]
public readonly name: string;
- Type: string
public readonly rsaPublicKey: string;
- Type: string
public readonly rsaPublicKey2: string;
- Type: string
public readonly scopeDelimiter: string;
- Type: string
public readonly scopeMappingAttribute: string;
- Type: string
public readonly snowflakeUserMappingAttribute: string;
- Type: string
public readonly tokenUserMappingClaims: string[];
- Type: string[]
public readonly type: string;
- Type: string
Name | Type | Description |
---|---|---|
tfResourceType |
string |
No description. |
public readonly tfResourceType: string;
- Type: string
import { externalOauthIntegration } from '@cdktf/provider-snowflake'
const externalOauthIntegrationConfig: externalOauthIntegration.ExternalOauthIntegrationConfig = { ... }
Name | Type | Description |
---|---|---|
connection |
cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection |
No description. |
count |
number | cdktf.TerraformCount |
No description. |
dependsOn |
cdktf.ITerraformDependable[] |
No description. |
forEach |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[] |
No description. |
enabled |
boolean | cdktf.IResolvable |
Specifies whether to initiate operation of the integration or suspend it. |
issuer |
string |
Specifies the URL to define the OAuth 2.0 authorization server. |
name |
string |
Specifies the name of the External Oath integration. |
snowflakeUserMappingAttribute |
string |
Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. |
tokenUserMappingClaims |
string[] |
Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. |
type |
string |
Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. |
allowedRoles |
string[] |
Specifies the list of roles that the client can set as the primary role. |
anyRoleMode |
string |
Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. |
audienceUrls |
string[] |
Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL. |
blockedRoles |
string[] |
Specifies the list of roles that a client cannot set as the primary role. |
comment |
string |
Specifies a comment for the OAuth integration. |
id |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}. |
jwsKeysUrls |
string[] |
Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. |
rsaPublicKey |
string |
Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. |
rsaPublicKey2 |
string |
Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. |
scopeDelimiter |
string |
Specifies the scope delimiter in the authorization token. |
scopeMappingAttribute |
string |
Specifies the access token claim to map the access token to an account role. |
public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;
- Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection
public readonly count: number | TerraformCount;
- Type: number | cdktf.TerraformCount
public readonly dependsOn: ITerraformDependable[];
- Type: cdktf.ITerraformDependable[]
public readonly forEach: ITerraformIterator;
- Type: cdktf.ITerraformIterator
public readonly lifecycle: TerraformResourceLifecycle;
- Type: cdktf.TerraformResourceLifecycle
public readonly provider: TerraformProvider;
- Type: cdktf.TerraformProvider
public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];
- Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]
public readonly enabled: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
Specifies whether to initiate operation of the integration or suspend it.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#enabled ExternalOauthIntegration#enabled}
public readonly issuer: string;
- Type: string
Specifies the URL to define the OAuth 2.0 authorization server.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#issuer ExternalOauthIntegration#issuer}
public readonly name: string;
- Type: string
Specifies the name of the External Oath integration.
This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#name ExternalOauthIntegration#name}
public readonly snowflakeUserMappingAttribute: string;
- Type: string
Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#snowflake_user_mapping_attribute ExternalOauthIntegration#snowflake_user_mapping_attribute}
public readonly tokenUserMappingClaims: string[];
- Type: string[]
Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#token_user_mapping_claims ExternalOauthIntegration#token_user_mapping_claims}
public readonly type: string;
- Type: string
Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#type ExternalOauthIntegration#type}
public readonly allowedRoles: string[];
- Type: string[]
Specifies the list of roles that the client can set as the primary role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#allowed_roles ExternalOauthIntegration#allowed_roles}
public readonly anyRoleMode: string;
- Type: string
Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#any_role_mode ExternalOauthIntegration#any_role_mode}
public readonly audienceUrls: string[];
- Type: string[]
Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#audience_urls ExternalOauthIntegration#audience_urls}
public readonly blockedRoles: string[];
- Type: string[]
Specifies the list of roles that a client cannot set as the primary role.
Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#blocked_roles ExternalOauthIntegration#blocked_roles}
public readonly comment: string;
- Type: string
Specifies a comment for the OAuth integration.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#comment ExternalOauthIntegration#comment}
public readonly id: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#id ExternalOauthIntegration#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
public readonly jwsKeysUrls: string[];
- Type: string[]
Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token.
The maximum number of URLs that can be specified in the list is 3.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#jws_keys_urls ExternalOauthIntegration#jws_keys_urls}
public readonly rsaPublicKey: string;
- Type: string
Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key ExternalOauthIntegration#rsa_public_key}
public readonly rsaPublicKey2: string;
- Type: string
Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers.
Used for key rotation.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#rsa_public_key_2 ExternalOauthIntegration#rsa_public_key_2}
public readonly scopeDelimiter: string;
- Type: string
Specifies the scope delimiter in the authorization token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_delimiter ExternalOauthIntegration#scope_delimiter}
public readonly scopeMappingAttribute: string;
- Type: string
Specifies the access token claim to map the access token to an account role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/snowflake-labs/snowflake/0.91.0/docs/resources/external_oauth_integration#scope_mapping_attribute ExternalOauthIntegration#scope_mapping_attribute}