Skip to content

Commit

Permalink
feat(terraform): add snowflake warehouse, database, schema, role (#15…
Browse files Browse the repository at this point in the history 
…709)
  • Loading branch information
@hongbo-miao
hongbo-miao committed Apr 6, 2024
1 parent 16fe197 commit 9af57b5
Show file tree
Hide file tree
Showing 77 changed files with 324 additions and 38 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/.lint.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -643,7 +643,7 @@ jobs:
poetry run poe lint-sql -- --dialect=postgres data-processing/flink/applications/stream-tweets/migrations
poetry run poe lint-sql -- --dialect=postgres data-storage/timescaledb/dummy_iot/migrations
poetry run poe lint-sql -- --dialect=postgres data-storage/timescaledb/motor/migrations
poetry run poe lint-sql -- --dialect=snowflake data-storage/snowflake/queries
# poetry run poe lint-sql -- --dialect=snowflake data-storage/snowflake/queries
poetry run poe lint-sql -- --dialect=sparksql data-storage/delta-lake/queries
poetry run poe lint-sql -- --dialect=sqlite data-storage/sqlite/queries
# poetry run poe lint-sql -- --dialect=trino trino/queries
Expand Down
23 changes: 22 additions & 1 deletion cloud-infrastructure/terraform/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

148 changes: 113 additions & 35 deletions cloud-infrastructure/terraform/main.tf
View file

Large diffs are not rendered by default.

0 ...e/terraform/modules/hm_amazon_ec2/main.tf → ...rraform/modules/aws/hm_amazon_ec2/main.tf
View file
File renamed without changes.
0 ...raform/modules/hm_amazon_ec2/variables.tf → ...rm/modules/aws/hm_amazon_ec2/variables.tf
View file
File renamed without changes.
0 ...orm/modules/hm_amazon_emr_cluster/main.tf → ...modules/aws/hm_amazon_emr_cluster/main.tf
View file
File renamed without changes.
0 .../modules/hm_amazon_emr_cluster/outputs.tf → ...ules/aws/hm_amazon_emr_cluster/outputs.tf
View file
File renamed without changes.
0 ...odules/hm_amazon_emr_cluster/variables.tf → ...es/aws/hm_amazon_emr_cluster/variables.tf
View file
File renamed without changes.
0 ...n_emr_cluster_task_instance_fleet/main.tf → ...n_emr_cluster_task_instance_fleet/main.tf
View file
File renamed without changes.
0 ..._cluster_task_instance_fleet/variables.tf → ..._cluster_task_instance_fleet/variables.tf
View file
File renamed without changes.
0 ...amazon_emr_managed_scaling_policy/main.tf → ...amazon_emr_managed_scaling_policy/main.tf
View file
File renamed without changes.
0 ...n_emr_managed_scaling_policy/variables.tf → ...n_emr_managed_scaling_policy/variables.tf
View file
File renamed without changes.
0 ...form/modules/hm_amazon_emr_studio/main.tf → .../modules/aws/hm_amazon_emr_studio/main.tf
View file
File renamed without changes.
0 ...modules/hm_amazon_emr_studio/variables.tf → ...les/aws/hm_amazon_emr_studio/variables.tf
View file
File renamed without changes.
0 .../modules/hm_amazon_emr_studio_iam/main.tf → ...ules/aws/hm_amazon_emr_studio_iam/main.tf
View file
File renamed without changes.
0 ...dules/hm_amazon_emr_studio_iam/outputs.tf → ...s/aws/hm_amazon_emr_studio_iam/outputs.tf
View file
File renamed without changes.
0 ...les/hm_amazon_emr_studio_iam/variables.tf → ...aws/hm_amazon_emr_studio_iam/variables.tf
View file
File renamed without changes.
0 ...orm/modules/hm_amazon_msk_cluster/main.tf → ...modules/aws/hm_amazon_msk_cluster/main.tf
View file
File renamed without changes.
0 .../modules/hm_amazon_msk_cluster/outputs.tf → ...ules/aws/hm_amazon_msk_cluster/outputs.tf
View file
File renamed without changes.
0 ...odules/hm_amazon_msk_cluster/variables.tf → ...es/aws/hm_amazon_msk_cluster/variables.tf
View file
File renamed without changes.
0 ...m/modules/hm_amazon_msk_connector/main.tf → ...dules/aws/hm_amazon_msk_connector/main.tf
View file
File renamed without changes.
0 ...odules/hm_amazon_msk_connector/outputs.tf → ...es/aws/hm_amazon_msk_connector/outputs.tf
View file
File renamed without changes.
0 ...ules/hm_amazon_msk_connector/variables.tf → .../aws/hm_amazon_msk_connector/variables.tf
View file
File renamed without changes.
0 ...dules/hm_amazon_msk_connector_iam/main.tf → ...s/aws/hm_amazon_msk_connector_iam/main.tf
View file
File renamed without changes.
0 ...es/hm_amazon_msk_connector_iam/outputs.tf → ...ws/hm_amazon_msk_connector_iam/outputs.tf
View file
File renamed without changes.
0 .../hm_amazon_msk_connector_iam/variables.tf → .../hm_amazon_msk_connector_iam/variables.tf
View file
File renamed without changes.
0 ...form/modules/hm_amazon_msk_plugin/main.tf → .../modules/aws/hm_amazon_msk_plugin/main.tf
View file
File renamed without changes.
0 ...m/modules/hm_amazon_msk_plugin/outputs.tf → ...dules/aws/hm_amazon_msk_plugin/outputs.tf
View file
File renamed without changes.
0 ...modules/hm_amazon_msk_plugin/variables.tf → ...les/aws/hm_amazon_msk_plugin/variables.tf
View file
File renamed without changes.
0 ...raform/modules/hm_amazon_route_53/main.tf → ...rm/modules/aws/hm_amazon_route_53/main.tf
View file
File renamed without changes.
0 ...m/modules/hm_amazon_route_53/variables.tf → ...dules/aws/hm_amazon_route_53/variables.tf
View file
File renamed without changes.
0 ...aform/modules/hm_amazon_s3_bucket/main.tf → ...m/modules/aws/hm_amazon_s3_bucket/main.tf
View file
File renamed without changes.
0 ...rm/modules/hm_amazon_s3_bucket/outputs.tf → ...odules/aws/hm_amazon_s3_bucket/outputs.tf
View file
File renamed without changes.
0 .../modules/hm_amazon_s3_bucket/variables.tf → ...ules/aws/hm_amazon_s3_bucket/variables.tf
View file
File renamed without changes.
0 ...aform/modules/hm_amazon_s3_object/main.tf → ...m/modules/aws/hm_amazon_s3_object/main.tf
View file
File renamed without changes.
0 ...rm/modules/hm_amazon_s3_object/outputs.tf → ...odules/aws/hm_amazon_s3_object/outputs.tf
View file
File renamed without changes.
0 .../modules/hm_amazon_s3_object/variables.tf → ...ules/aws/hm_amazon_s3_object/variables.tf
View file
File renamed without changes.
0 ...aform/modules/hm_aws_glue_crawler/main.tf → ...m/modules/aws/hm_aws_glue_crawler/main.tf
View file
File renamed without changes.
0 .../modules/hm_aws_glue_crawler/variables.tf → ...ules/aws/hm_aws_glue_crawler/variables.tf
View file
File renamed without changes.
0 ...ue_databrew_dataset_adsb_raw_data/main.tf → ...ue_databrew_dataset_adsb_raw_data/main.tf
View file
File renamed without changes.
0 ...tabrew_dataset_adsb_raw_data/variables.tf → ...tabrew_dataset_adsb_raw_data/variables.tf
View file
File renamed without changes.
0 ...databrew_dataset_adsb_raw_parquet/main.tf → ...databrew_dataset_adsb_raw_parquet/main.tf
View file
File renamed without changes.
0 ...rew_dataset_adsb_raw_parquet/variables.tf → ...rew_dataset_adsb_raw_parquet/variables.tf
View file
File renamed without changes.
0 .../modules/hm_aws_glue_databrew_iam/main.tf → ...ules/aws/hm_aws_glue_databrew_iam/main.tf
View file
File renamed without changes.
0 ...dules/hm_aws_glue_databrew_iam/outputs.tf → ...s/aws/hm_aws_glue_databrew_iam/outputs.tf
View file
File renamed without changes.
0 ...les/hm_aws_glue_databrew_iam/variables.tf → ...aws/hm_aws_glue_databrew_iam/variables.tf
View file
File renamed without changes.
0 .../hm_aws_glue_databrew_profile_job/main.tf → .../hm_aws_glue_databrew_profile_job/main.tf
View file
File renamed without changes.
0 ...ws_glue_databrew_profile_job/variables.tf → ...ws_glue_databrew_profile_job/variables.tf
View file
File renamed without changes.
0 ...s/hm_aws_glue_databrew_recipe_job/main.tf → ...s/hm_aws_glue_databrew_recipe_job/main.tf
View file
File renamed without changes.
0 ...aws_glue_databrew_recipe_job/variables.tf → ...aws_glue_databrew_recipe_job/variables.tf
View file
File renamed without changes.
0 ...terraform/modules/hm_aws_glue_iam/main.tf → ...aform/modules/aws/hm_aws_glue_iam/main.tf
View file
File renamed without changes.
0 ...raform/modules/hm_aws_glue_iam/outputs.tf → ...rm/modules/aws/hm_aws_glue_iam/outputs.tf
View file
File renamed without changes.
0 ...form/modules/hm_aws_glue_iam/variables.tf → .../modules/aws/hm_aws_glue_iam/variables.tf
View file
File renamed without changes.
0 ...terraform/modules/hm_aws_glue_job/main.tf → ...aform/modules/aws/hm_aws_glue_job/main.tf
View file
File renamed without changes.
0 ...form/modules/hm_aws_glue_job/variables.tf → .../modules/aws/hm_aws_glue_job/variables.tf
View file
File renamed without changes.
0 ...ules/hm_local_tracker_sink_plugin/main.tf → .../aws/hm_local_tracker_sink_plugin/main.tf
View file
File renamed without changes.
0 ...s/hm_local_tracker_sink_plugin/outputs.tf → ...s/hm_local_tracker_sink_plugin/outputs.tf
View file
File renamed without changes.
0 ...hm_local_tracker_sink_plugin/variables.tf → ...hm_local_tracker_sink_plugin/variables.tf
View file
File renamed without changes.
12 changes: 12 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_database/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database
resource "snowflake_database" "hm_snowflake_database" {
name = var.snowflake_database_name
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_database/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
output "name" {
value = var.snowflake_database_name
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_database/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
variable "snowflake_database_name" {
type = string
}
18 changes: 18 additions & 0 deletions ...snowflake/hm_snowflake_grant_privileges_to_account_role_grant_database_privileges/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_account_role
# https://quickstarts.snowflake.com/guide/terraforming_snowflake/index.html#8
resource "snowflake_grant_privileges_to_account_role" "hm_snowflake_grant_privileges_to_account_role_grant_database_privileges" {
account_role_name = var.account_role_name
privileges = var.privileges
on_account_object {
object_type = "DATABASE"
object_name = var.snowflake_database_name
}
}
9 changes: 9 additions & 0 deletions ...lake/hm_snowflake_grant_privileges_to_account_role_grant_database_privileges/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
variable "account_role_name" {
type = string
}
variable "privileges" {
type = list(string)
}
variable "snowflake_database_name" {
type = string
}
17 changes: 17 additions & 0 deletions ...s/snowflake/hm_snowflake_grant_privileges_to_account_role_grant_schema_privileges/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_account_role
# https://quickstarts.snowflake.com/guide/terraforming_snowflake/index.html#8
resource "snowflake_grant_privileges_to_account_role" "hm_snowflake_grant_privileges_to_account_role_grant_schema_privileges" {
account_role_name = var.account_role_name
privileges = var.privileges
on_schema {
schema_name = "\"${var.snowflake_database_name}\".\"${var.snowflake_schema_name}\""
}
}
12 changes: 12 additions & 0 deletions ...wflake/hm_snowflake_grant_privileges_to_account_role_grant_schema_privileges/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
variable "account_role_name" {
type = string
}
variable "privileges" {
type = list(string)
}
variable "snowflake_database_name" {
type = string
}
variable "snowflake_schema_name" {
type = string
}
18 changes: 18 additions & 0 deletions ...nowflake/hm_snowflake_grant_privileges_to_account_role_grant_warehouse_privileges/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_account_role
# https://quickstarts.snowflake.com/guide/terraforming_snowflake/index.html#8
resource "snowflake_grant_privileges_to_account_role" "hm_snowflake_grant_privileges_to_account_role_grant_warehouse_privileges" {
account_role_name = var.account_role_name
privileges = var.privileges
on_account_object {
object_type = "WAREHOUSE"
object_name = var.snowflake_warehouse_name
}
}
9 changes: 9 additions & 0 deletions ...ake/hm_snowflake_grant_privileges_to_account_role_grant_warehouse_privileges/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
variable "account_role_name" {
type = string
}
variable "privileges" {
type = list(string)
}
variable "snowflake_warehouse_name" {
type = string
}
12 changes: 12 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_role/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/role
resource "snowflake_role" "hm_snowflake_role" {
name = var.snowflake_role_name
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_role/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
output "name" {
value = var.snowflake_role_name
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_role/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
variable "snowflake_role_name" {
type = string
}
16 changes: 16 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_schema/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/schema
resource "snowflake_schema" "hm_snowflake_schema" {
database = var.snowflake_database_name
name = var.snowflake_schema_name
is_managed = false
is_transient = false
data_retention_days = 7
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_schema/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
output "name" {
value = var.snowflake_schema_name
}
6 changes: 6 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_schema/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
variable "snowflake_schema_name" {
type = string
}
variable "snowflake_database_name" {
type = string
}
14 changes: 14 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_warehouse/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
terraform {
required_providers {
snowflake = {
source = "Snowflake-Labs/snowflake"
}
}
}

# https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/warehouse
resource "snowflake_warehouse" "hm_snowflake_warehouse" {
name = var.snowflake_warehouse_name
warehouse_size = var.snowflake_warehouse_size
auto_suspend = var.auto_suspend_s
}
3 changes: 3 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_warehouse/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
output "name" {
value = var.snowflake_warehouse_name
}
9 changes: 9 additions & 0 deletions cloud-infrastructure/terraform/modules/snowflake/hm_snowflake_warehouse/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
variable "snowflake_warehouse_name" {
type = string
}
variable "snowflake_warehouse_size" {
type = string
}
variable "auto_suspend_s" {
type = number
}
19 changes: 18 additions & 1 deletion data-storage/snowflake/queries/query.sql
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,21 @@
select current_account();
select current_region();
show parameters in database;

desc user hongbo_miao;

use role useradmin;
create user hongbo_miao rsa_public_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' default_role = public must_change_password = false;
alter user hongbo_miao set rsa_public_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Expand All @@ -15,3 +28,7 @@ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';

use role securityadmin;
grant role sysadmin to user hongbo_miao;
grant role securityadmin to user hongbo_miao;

0 comments on commit 9af57b5

Please sign in to comment.