diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md index ee976927..6bc3f460 100644 --- a/docs/SUMMARY.md +++ b/docs/SUMMARY.md @@ -9,15 +9,20 @@ ## Resources * [APIAuthenticationSecurityIntegration](resources/api_authentication_security_integration.md) -* [APIIntegration](resources/api_integration.md) +* [AWSAPIIntegration](resources/awsapi_integration.md) +* [AWSOutboundNotificationIntegration](resources/aws_outbound_notification_integration.md) * [AccountParameter](resources/account_parameter.md) * [AggregationPolicy](resources/aggregation_policy.md) * [Alert](resources/alert.md) * [AuthenticationPolicy](resources/authentication_policy.md) +* [AzureAPIIntegration](resources/azure_api_integration.md) +* [AzureInboundNotificationIntegration](resources/azure_inbound_notification_integration.md) +* [AzureOutboundNotificationIntegration](resources/azure_outbound_notification_integration.md) * [AzureStorageIntegration](resources/azure_storage_integration.md) * [ComputePool](resources/compute_pool.md) * [Database](resources/database.md) * [DatabaseRole](resources/database_role.md) +* [DatabaseRoleGrant](resources/database_role_grant.md) * [DynamicTable](resources/dynamic_table.md) * [EmailNotificationIntegration](resources/email_notification_integration.md) * [EventTable](resources/event_table.md) @@ -25,8 +30,12 @@ * [ExternalStage](resources/external_stage.md) * [FailoverGroup](resources/failover_group.md) * [FutureGrant](resources/future_grant.md) +* [GCPAPIIntegration](resources/gcpapi_integration.md) +* [GCPInboundNotificationIntegration](resources/gcp_inbound_notification_integration.md) +* [GCPOutboundNotificationIntegration](resources/gcp_outbound_notification_integration.md) * [GCSStorageIntegration](resources/gcs_storage_integration.md) * [GenericSecret](resources/generic_secret.md) +* [GitAPIIntegration](resources/git_api_integration.md) * [GlueCatalogIntegration](resources/glue_catalog_integration.md) * [Grant](resources/grant.md) * [GrantOnAll](resources/grant_on_all.md) diff --git a/docs/resources/aws_outbound_notification_integration.md b/docs/resources/aws_outbound_notification_integration.md new file mode 100644 index 00000000..05b78610 --- /dev/null +++ b/docs/resources/aws_outbound_notification_integration.md @@ -0,0 +1,59 @@ +--- +description: >- + +--- + +# AWSOutboundNotificationIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration) + +Manages the configuration for AWS SNS notification integrations within Snowflake. This integration +allows specifying an AWS SNS topic that will receive a notification. + + +## Examples + +### Python + +```python +sns_notification_integration = NotificationIntegration( + name="some_sns_notification_integration", + type="queue", + notification_provider="aws_sns", + enabled=True, + direction="outbound" + aws_sns_topic_arn="arn:aws:sns:::", + aws_sns_role_arn="arn:aws:iam:::role/", + comment="Example email notification integration" +) +``` + + +### YAML + +```yaml +notification_integrations: + - name: some_sns_notification_integration + type: QUEUE + notification_provider: AWS_SNS + enabled: true + direction: OUTBOUND + aws_sns_topic_arn: arn:aws:sns::: + aws_sns_role_arn: arn:aws:iam:::role/ + comment: Example sns notification integration +``` + + +## Fields + +* `name` (string, required) - The name of the AWS SNS notification integration. +* `type` (string, required) - Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. +* `notification_provider` (string, required) - Specifies AWS SNS as the 3rd party cloud message-queuing service. +* `enabled` (bool, required) - Specifies whether the notification integration is enabled. +* `direction` (string, required) - The direction of the notification integration ("OUTBOUND"). +* `aws_sns_topic_arn` (string, required) - The ARN of the SNS topic that notifications will be sent to. +* `aws_sns_role_arn` (string, required) - The ARN of the IAM role that has permissions to push messages to the SNS topic. +* `comment` (string) - An optional comment about the notification integration. +* `owner` (string or [Role](role.md)) - The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + diff --git a/docs/resources/api_integration.md b/docs/resources/awsapi_integration.md similarity index 98% rename from docs/resources/api_integration.md rename to docs/resources/awsapi_integration.md index 7b4f5639..1658e833 100644 --- a/docs/resources/api_integration.md +++ b/docs/resources/awsapi_integration.md @@ -3,7 +3,7 @@ description: >- --- -# APIIntegration +# AWSAPIIntegration [Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-api-integration) diff --git a/docs/resources/azure_api_integration.md b/docs/resources/azure_api_integration.md new file mode 100644 index 00000000..2b293419 --- /dev/null +++ b/docs/resources/azure_api_integration.md @@ -0,0 +1,54 @@ +--- +description: >- + +--- + +# AzureAPIIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-api-integration) + +Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. +This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + +## Examples + +### Python + +```python +api_integration = APIIntegration( + name="some_api_integration", + api_provider="GOOGLE_API_GATEWAU", + google_audience="", + enabled=True, + api_allowed_prefixes=["https://some_url.com"], + comment="Example GCP API integration" +) +``` + + +### YAML + +```yaml +api_integrations: + - name: some_api_integration + api_provider: GOOGLE_API_GATEWAY + google_audience: + enabled: true + api_allowed_prefixes: + - https://some_url.com + comment: "Example GCP API integration" +``` + + +## Fields + +* `name` (string, required) - The unique name of the API integration. +* `api_provider` (string or [ApiProvider](api_provider.md), required) - The provider of the API service. +* `google_audience` (string, required) - The audience claim when generating the JWT to authenticate with the Google API Gateway. +* `api_allowed_prefixes` (list, required) - The list of allowed prefixes for the API endpoints. +* `api_blocked_prefixes` (list) - The list of blocked prefixes for the API endpoints. +* `enabled` (bool, required) - Specifies if the API integration is enabled. Defaults to TRUE. +* `comment` (string) - A comment or description for the API integration. + + diff --git a/docs/resources/azure_inbound_notification_integration.md b/docs/resources/azure_inbound_notification_integration.md new file mode 100644 index 00000000..6ebf0126 --- /dev/null +++ b/docs/resources/azure_inbound_notification_integration.md @@ -0,0 +1,56 @@ +--- +description: >- + +--- + +# AzureInboundNotificationIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration) + +Manages the configuration for Azure Event Grid notification integrations within Snowflake. This integration +allows specifying an Azure Event Grid topic that will publish a notification to Snowflake. + + +## Examples + +### Python + +```python +event_grid_notification_integration = NotificationIntegration( + name="some_event_grid_notification_integration", + type="queue", + notification_provider="azure_event_grid", + enabled=True, + azure_storage_queue_primary_uri="https://.queue.core.windows.net/", + azure_tenant_id="", + comment="Example inbound event grid notification integration" +) +``` + + +### YAML + +```yaml +notification_integrations: + - name: some_event_grid_notification_integration + type: QUEUE + notification_provider: AZURE_EVENT_GRID + enabled: true + azure_storage_queue_primary_uri: https://.queue.core.windows.net/ + azure_tenant_id: + comment: Example inbound event grid notification integration +``` + + +## Fields + +* `name` (string, required) - The name of the notification integration. +* `type` (string, required) - Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. +* `notification_provider` (string, required) - Specifies Azure Event Grid as the 3rd party cloud message-queuing service. +* `enabled` (bool, required) - Specifies whether the notification integration is enabled. +* `azure_storage_queue_primary_uri` (string, required) - The URL for the Azure Queue Storage queue create for Event Grid notifications. +* `azure_tenant_id` (string, required) - The ID of the Azure AD tenant used for identity management. +* `comment` (string) - An optional comment about the notification integration. +* `owner` (string or [Role](role.md)) - The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + diff --git a/docs/resources/azure_outbound_notification_integration.md b/docs/resources/azure_outbound_notification_integration.md new file mode 100644 index 00000000..0e41da10 --- /dev/null +++ b/docs/resources/azure_outbound_notification_integration.md @@ -0,0 +1,59 @@ +--- +description: >- + +--- + +# AzureOutboundNotificationIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration) + +Manages the configuration for Azure Event Grid notification integrations within Snowflake. This integration +allows specifying an Azure Event Grid topic that will receive a notification. + + +## Examples + +### Python + +```python +event_grid_notification_integration = NotificationIntegration( + name="some_event_grid_notification_integration", + type="queue", + notification_provider="azure_event_grid", + enabled=True, + direction="outbound" + azure_event_grid_topic_endpoint="", + azure_tenant_id="", + comment="Example outbound event grid notification integration" +) +``` + + +### YAML + +```yaml +notification_integrations: + - name: some_event_grid_notification_integration + type: QUEUE + notification_provider: AZURE_EVENT_GRID + enabled: true + direction: OUTBOUND + azure_event_grid_topic_endpoint: + azure_tenant_id: + comment: Example outbound event grid notification integration +``` + + +## Fields + +* `name` (string, required) - The name of the notification integration. +* `type` (string, required) - Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. +* `notification_provider` (string, required) - Specifies Azure Event Grid as the 3rd party cloud message-queuing service. +* `enabled` (bool, required) - Specifies whether the notification integration is enabled. +* `direction` (string, required) - The direction of the notification integration ("OUTBOUND"). +* `azure_event_grid_topic_endpoint` (string, required) - The endpoint of the Event Grid topic that notifications will be sent to. +* `azure_tenant_id` (string, required) - The ID of the Azure AD tenant used for identity management. +* `comment` (string) - An optional comment about the notification integration. +* `owner` (string or [Role](role.md)) - The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + diff --git a/docs/resources/compute_pool.md b/docs/resources/compute_pool.md index c7f7c870..6dc679cc 100644 --- a/docs/resources/compute_pool.md +++ b/docs/resources/compute_pool.md @@ -51,7 +51,7 @@ compute_pools: * `owner` (string or [Role](role.md)) - The owner of the compute pool. Defaults to "ACCOUNTADMIN". * `min_nodes` (int) - The minimum number of nodes in the compute pool. * `max_nodes` (int) - The maximum number of nodes in the compute pool. -* `instance_family` (string or [InstanceFamily](instance_family.md)) - The family of instances to use for the compute nodes. +* `instance_family` (string) - The family of instances to use for the compute nodes. * `auto_resume` (bool) - Whether the compute pool should automatically resume when queries are submitted. Defaults to True. * `initially_suspended` (bool) - Whether the compute pool should start in a suspended state. * `auto_suspend_secs` (int) - The number of seconds of inactivity after which the compute pool should automatically suspend. Defaults to 3600. diff --git a/docs/resources/database_role_grant.md b/docs/resources/database_role_grant.md new file mode 100644 index 00000000..2ad0f0bc --- /dev/null +++ b/docs/resources/database_role_grant.md @@ -0,0 +1,44 @@ +--- +description: >- + +--- + +# DatabaseRoleGrant + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/grant-database-role) + +Represents a grant of a database role to another role or database role in Snowflake. + + +## Examples + +### Python + +```python +# Grant to Database Role: +role_grant = DatabaseRoleGrant(database_role="somedb.somerole", to_database_role="somedb.someotherrole") +role_grant = DatabaseRoleGrant(database_role="somedb.somerole", to=DatabaseRole(database="somedb", name="someotherrole")) +# Grant to Role: +role_grant = DatabaseRoleGrant(database_role="somedb.somerole", to_role="somerole") +role_grant = DatabaseRoleGrant(database_role="somedb.somerole", to=Role(name="somerole")) +``` + + +### YAML + +```yaml +database_role_grants: + - database_role: somedb.somerole + to_database_role: somedb.someotherrole + - database_role: somedb.somerole + to_role: somerole +``` + + +## Fields + +* `database_role` (string or [Role](role.md), required) - The database role to be granted. +* `to_role` (string or [Role](role.md)) - The role to which the database role is granted. +* `to_database_role` (string or [User](user.md)) - The database role to which the database role is granted. + + diff --git a/docs/resources/email_notification_integration.md b/docs/resources/email_notification_integration.md index 5405e4f3..0385da33 100644 --- a/docs/resources/email_notification_integration.md +++ b/docs/resources/email_notification_integration.md @@ -16,8 +16,9 @@ allows specifying recipients who will receive notifications via email. ### Python ```python -email_notification_integration = EmailNotificationIntegration( +email_notification_integration = NotificationIntegration( name="some_email_notification_integration", + type="email", enabled=True, allowed_recipients=["user1@example.com", "user2@example.com"], comment="Example email notification integration" @@ -28,8 +29,9 @@ email_notification_integration = EmailNotificationIntegration( ### YAML ```yaml -email_notification_integrations: +notification_integrations: - name: some_email_notification_integration + type: EMAIL enabled: true allowed_recipients: - user1@example.com @@ -41,6 +43,7 @@ email_notification_integrations: ## Fields * `name` (string, required) - The name of the email notification integration. +* `type` (string, required) - Specifies that this is an email notification integration. * `enabled` (bool, required) - Specifies whether the notification integration is enabled. * `allowed_recipients` (list) - A list of email addresses that are allowed to receive notifications. * `comment` (string) - An optional comment about the notification integration. diff --git a/docs/resources/gcp_inbound_notification_integration.md b/docs/resources/gcp_inbound_notification_integration.md new file mode 100644 index 00000000..5f3bbe12 --- /dev/null +++ b/docs/resources/gcp_inbound_notification_integration.md @@ -0,0 +1,53 @@ +--- +description: >- + +--- + +# GCPInboundNotificationIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration) + +Manages the configuration for Google Pub/Sub notification integrations within Snowflake. This integration +allows specifying an Google Pub/Sub SNS topic that will publish a notification to Snowflake. + + +## Examples + +### Python + +```python +eventgrid_notification_integration = NotificationIntegration( + name="some_pubsub_notification_integration", + type="queue", + notification_provider="gcp_pubsub", + enabled=True, + gcp_pubsub_topic_name="", + comment="Example inbound event grid notification integration" +) +``` + + +### YAML + +```yaml +notification_integrations: + - name: some_pubsub_notification_integration + type: QUEUE + notification_provider: GCP_PUBSUB + enabled: true + gcp_pubsub_topic_name: + comment: Example inbound event grid notification integration +``` + + +## Fields + +* `name` (string, required) - The name of the notification integration. +* `type` (string, required) - Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. +* `notification_provider` (string, required) - Specifies Google Pub/Sub as the 3rd party cloud message-queuing service. +* `enabled` (bool, required) - Specifies whether the notification integration is enabled. +* `gcp_pubsub_topic_name` (string, required) - The ID of the Pub/Sub topic that notifications will be sent to. +* `comment` (string) - An optional comment about the notification integration. +* `owner` (string or [Role](role.md)) - The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + diff --git a/docs/resources/gcp_outbound_notification_integration.md b/docs/resources/gcp_outbound_notification_integration.md new file mode 100644 index 00000000..ebf9009e --- /dev/null +++ b/docs/resources/gcp_outbound_notification_integration.md @@ -0,0 +1,56 @@ +--- +description: >- + +--- + +# GCPOutboundNotificationIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration) + +Manages the configuration for Google Pub/Sub notification integrations within Snowflake. This integration +allows specifying an Google Pub/Sub topic that will receive a notification. + + +## Examples + +### Python + +```python +pubsub_notification_integration = NotificationIntegration( + name="some_pubsub_notification_integration", + type="queue", + notification_provider="gcp_pubsub", + enabled=True, + direction="outbound" + gcp_pubsub_topic_name="", + comment="Example outbound pubsub notification integration" +) +``` + + +### YAML + +```yaml +notification_integrations: + - name: some_pubsub_notification_integration + type: QUEUE + notification_provider: GCP_PUBSUB + enabled: true + direction: OUTBOUND + gcp_pubsub_topic_name: + comment: Example outbound pubsub notification integration +``` + + +## Fields + +* `name` (string, required) - The name of the notification integration. +* `type` (string, required) - Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. +* `notification_provider` (string, required) - Specifies Google Pub/Sub as the 3rd party cloud message-queuing service. +* `enabled` (bool, required) - Specifies whether the notification integration is enabled. +* `direction` (string, required) - The direction of the notification integration ("OUTBOUND"). +* `gcp_pubsub_topic_name` (string, required) - The ID of the Pub/Sub topic that notifications will be sent to. +* `comment` (string) - An optional comment about the notification integration. +* `owner` (string or [Role](role.md)) - The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + diff --git a/docs/resources/gcpapi_integration.md b/docs/resources/gcpapi_integration.md new file mode 100644 index 00000000..b4fafd8e --- /dev/null +++ b/docs/resources/gcpapi_integration.md @@ -0,0 +1,54 @@ +--- +description: >- + +--- + +# GCPAPIIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-api-integration) + +Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. +This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + +## Examples + +### Python + +```python +api_integration = APIIntegration( + name="some_api_integration", + api_provider="GOOGLE_API_GATEWAU", + google_audience="", + enabled=True, + api_allowed_prefixes=["https://some_url.com"], + comment="Example GCP API integration" +) +``` + + +### YAML + +```yaml +api_integrations: + - name: some_api_integration + api_provider: GOOGLE_API_GATEWAY + google_audience: + enabled: true + api_allowed_prefixes: + - https://some_url.com + comment: "Example GCP API integration" +``` + + +## Fields + +* `name` (string, required) - The unique name of the API integration. +* `api_provider` (string or [ApiProvider](api_provider.md), required) - The provider of the API service. +* `google_audience` (string, required) - The audience claim when generating the JWT to authenticate with the Google API Gateway. +* `api_allowed_prefixes` (list, required) - The list of allowed prefixes for the API endpoints. +* `api_blocked_prefixes` (list) - The list of blocked prefixes for the API endpoints. +* `enabled` (bool, required) - Specifies if the API integration is enabled. Defaults to TRUE. +* `comment` (string) - A comment or description for the API integration. + + diff --git a/docs/resources/git_api_integration.md b/docs/resources/git_api_integration.md new file mode 100644 index 00000000..8dfef5ca --- /dev/null +++ b/docs/resources/git_api_integration.md @@ -0,0 +1,51 @@ +--- +description: >- + +--- + +# GitAPIIntegration + +[Snowflake Documentation](https://docs.snowflake.com/en/sql-reference/sql/create-api-integration) + +Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. +This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + +## Examples + +### Python + +```python +api_integration = APIIntegration( + name="some_api_integration", + api_provider="GIT_HTTPS_API", + enabled=True, + api_allowed_prefixes=["https://github.com/"], + comment="Example Git API integration" +) +``` + + +### YAML + +```yaml +api_integrations: + - name: some_api_integration + api_provider: GIT_HTTPS_API + enabled: true + api_allowed_prefixes: + - https://github.com/ + comment: "Example Git API integration" +``` + + +## Fields + +* `name` (string, required) - The unique name of the API integration. +* `api_provider` (string or [ApiProvider](api_provider.md), required) - The provider of the API service. +* `api_allowed_prefixes` (list, required) - The list of allowed prefixes for the API endpoints. +* `api_blocked_prefixes` (list) - The list of blocked prefixes for the API endpoints. +* `enabled` (bool, required) - Specifies if the API integration is enabled. Defaults to TRUE. +* `comment` (string) - A comment or description for the API integration. + + diff --git a/docs/resources/grant.md b/docs/resources/grant.md index 2bdbd643..f530ac03 100644 --- a/docs/resources/grant.md +++ b/docs/resources/grant.md @@ -31,11 +31,14 @@ grant = Grant(priv="SELECT", on_table="sometable", to="somerole") ### YAML ```yaml -- Grant: - priv: "SELECT" +grants: + - priv: "SELECT" on_table: "some_table" to: "some_role" grant_option: true + - priv: "USAGE" + on_schema: somedb.someschema + to: somedb.somedbrole ``` diff --git a/docs/resources/network_rule.md b/docs/resources/network_rule.md index efd34707..77f9af2f 100644 --- a/docs/resources/network_rule.md +++ b/docs/resources/network_rule.md @@ -24,6 +24,15 @@ network_rule = NetworkRule( mode="INGRESS", comment="Example network rule" ) +network_rule = NetworkRule( + name="some_network_rule", + database="somedb", + schema="someschema", + type="IPV4", + value_list=["192.168.1.1", "192.168.1.2"], + mode="INGRESS", + comment="Example network rule with fully qualified name" +) ``` @@ -36,6 +45,13 @@ network_rules: value_list: ["192.168.1.1", "192.168.1.2"] mode: INGRESS comment: "Example network rule" + - name: some_network_rule + database: somedb + schema: someschema + type: IPV4 + value_list: ["192.168.1.1", "192.168.1.2"] + mode: INGRESS + comment: "Example network rule with fully qualified name" ``` diff --git a/tests/integration/data_provider/test_fetch_resource.py b/tests/integration/data_provider/test_fetch_resource.py index 21645186..bdce6eb3 100644 --- a/tests/integration/data_provider/test_fetch_resource.py +++ b/tests/integration/data_provider/test_fetch_resource.py @@ -331,7 +331,7 @@ def test_fetch_network_rule(cursor, suffix, test_db, marked_for_cleanup): def test_fetch_api_integration(cursor, suffix, marked_for_cleanup): - api_integration = res.APIIntegration( + api_integration = res.AWSAPIIntegration( name=f"API_INTEGRATION_EXAMPLE_{suffix}", api_provider="AWS_API_GATEWAY", api_aws_role_arn="arn:aws:iam::123456789012:role/MyRole", @@ -347,11 +347,11 @@ def test_fetch_api_integration(cursor, suffix, marked_for_cleanup): result = safe_fetch(cursor, api_integration.urn) assert result is not None - result = clean_resource_data(res.APIIntegration.spec, result) - data = clean_resource_data(res.APIIntegration.spec, api_integration.to_dict()) + result = clean_resource_data(res.AWSAPIIntegration.spec, result) + data = clean_resource_data(res.AWSAPIIntegration.spec, api_integration.to_dict()) assert result == data - api_integration = res.APIIntegration( + api_integration = res.AWSAPIIntegration( name=f"API_INTEGRATION_EXAMPLE_{suffix}_WITH_API_KEY", api_provider="AWS_API_GATEWAY", api_aws_role_arn="arn:aws:iam::123456789012:role/MyRole", @@ -368,8 +368,8 @@ def test_fetch_api_integration(cursor, suffix, marked_for_cleanup): result = safe_fetch(cursor, api_integration.urn) assert result is not None - result = clean_resource_data(res.APIIntegration.spec, result) - data = clean_resource_data(res.APIIntegration.spec, api_integration.to_dict()) + result = clean_resource_data(res.AWSAPIIntegration.spec, result) + data = clean_resource_data(res.AWSAPIIntegration.spec, api_integration.to_dict()) assert result == data diff --git a/titan/data_provider.py b/titan/data_provider.py index 26479f6f..b06c8ec2 100644 --- a/titan/data_provider.py +++ b/titan/data_provider.py @@ -771,16 +771,54 @@ def fetch_api_integration(session: SnowflakeConnection, fqn: FQN): properties = _desc_type2_result_to_dict(desc_result, lower_properties=True) owner = _fetch_owner(session, "INTEGRATION", fqn) - return { - "name": _quote_snowflake_identifier(data["name"]), - "api_provider": properties["api_provider"], - "api_aws_role_arn": properties["api_aws_role_arn"], - "enabled": properties["enabled"], - "api_allowed_prefixes": properties["api_allowed_prefixes"], - "api_blocked_prefixes": properties["api_blocked_prefixes"], - "owner": owner, - "comment": data["comment"] or None, - } + if properties["api_provider"].startswith("AWS"): + return { + "name": _quote_snowflake_identifier(data["name"]), + "api_provider": properties["api_provider"], + "api_aws_role_arn": properties["api_aws_role_arn"], + "api_key": properties["api_key"] or None, + "enabled": properties["enabled"], + "api_allowed_prefixes": properties["api_allowed_prefixes"], + "api_blocked_prefixes": properties["api_blocked_prefixes"], + "owner": owner, + "comment": data["comment"] or None, + } + elif properties["api_provider"].startswith("GIT"): + return { + "name": _quote_snowflake_identifier(data["name"]), + "api_provider": properties["api_provider"], + "enabled": properties["enabled"], + "api_allowed_prefixes": properties["api_allowed_prefixes"], + "api_blocked_prefixes": properties["api_blocked_prefixes"], + "owner": owner, + "comment": data["comment"] or None, + } + elif properties["api_provider"].startswith("GOOGLE"): + return { + "name": _quote_snowflake_identifier(data["name"]), + "api_provider": properties["api_provider"], + "google_audience": properties["google_audience"], + "enabled": properties["enabled"], + "api_allowed_prefixes": properties["api_allowed_prefixes"], + "api_blocked_prefixes": properties["api_blocked_prefixes"], + "owner": owner, + "comment": data["comment"] or None, + } + elif properties["api_provider"].startswith("AZURE"): + return { + "name": _quote_snowflake_identifier(data["name"]), + "api_provider": properties["api_provider"], + "azure_tenant_id": properties["azure_tenant_id"], + "azure_ad_application_id": properties["azure_ad_application_id"], + "api_key": properties["api_key"] or None, + "enabled": properties["enabled"], + "api_allowed_prefixes": properties["api_allowed_prefixes"], + "api_blocked_prefixes": properties["api_blocked_prefixes"], + "owner": owner, + "comment": data["comment"] or None, + } + + raise Exception(f"Unsupported api integration type: {properties['api_provider']}") def fetch_authentication_policy(session: SnowflakeConnection, fqn: FQN): @@ -1506,8 +1544,69 @@ def fetch_notification_integration(session: SnowflakeConnection, fqn: FQN): "owner": owner, "comment": data["comment"] or None, } - else: - raise Exception(f"Unsupported notification integration type: {data['type']}") + elif data["type"].startswith("QUEUE"): + type_, notification_provider = data["type"].split(" - ") + if notification_provider == "AWS_SNS": + return { + "name": _quote_snowflake_identifier(data["name"]), + "type": type_, + "enabled": data["enabled"] == "true", + "direction": properties["direction"], + "notification_provider": notification_provider, + "aws_sns_topic_arn": properties["aws_sns_topic_arn"], + "aws_sns_role_arn": properties["aws_sns_role_arn"], + "owner": owner, + "comment": data["comment"] or None, + } + elif notification_provider == "GCP_PUBSUB": + if properties["direction"] == "INBOUND": + return { + "name": _quote_snowflake_identifier(data["name"]), + "type": type_, + "enabled": data["enabled"] == "true", + "notification_provider": notification_provider, + "gcp_pubsub_subscription_name": properties["gcp_pubsub_subscription_name"], + "owner": owner, + "comment": data["comment"] or None, + } + elif properties["direction"] == "OUTBOUND": + return { + "name": _quote_snowflake_identifier(data["name"]), + "type": type_, + "direction": properties["direction"], + "enabled": data["enabled"] == "true", + "notification_provider": notification_provider, + "gcp_pubsub_subscription_name": properties["gcp_pubsub_subscription_name"], + "owner": owner, + "comment": data["comment"] or None, + } + elif notification_provider == "AZURE_STORAGE_QUEUE": + return { + "name": _quote_snowflake_identifier(data["name"]), + "type": type_, + "enabled": data["enabled"] == "true", + "notification_provider": notification_provider, + "azure_storage_queue_primary_uri": properties["azure_storage_queue_primary_uri"], + "azure_tenant_id": properties["azure_tenant_id"], + "owner": owner, + "comment": data["comment"] or None, + } + elif notification_provider == "AZURE_EVENT_GRID": + return { + "name": _quote_snowflake_identifier(data["name"]), + "type": type_, + "enabled": data["enabled"] == "true", + "direction": properties["direction"], + "notification_provider": notification_provider, + "azure_event_grid_topic_endpoint": properties["azure_storage_queue_primary_uri"], + "azure_tenant_id": properties["azure_tenant_id"], + "owner": owner, + "comment": data["comment"] or None, + } + + + + raise Exception(f"Unsupported notification integration type: {data['type']}") def fetch_packages_policy(session: SnowflakeConnection, fqn: FQN): @@ -2778,6 +2877,11 @@ def list_stages(session: SnowflakeConnection) -> list[FQN]: def list_storage_integrations(session: SnowflakeConnection) -> list[FQN]: return list_account_scoped_resource(session, "STORAGE INTEGRATIONS") +def list_external_access_integrations(session: SnowflakeConnection) -> list[FQN]: + return list_account_scoped_resource(session, "EXTERNAL ACCESS INTEGRATIONS") + +def list_notification_integrations(session: SnowflakeConnection) -> list[FQN]: + return list_account_scoped_resource(session, "NOTIFICATION INTEGRATIONS") def list_streams(session: SnowflakeConnection) -> list[FQN]: return list_schema_scoped_resource(session, "STREAMS") diff --git a/titan/resources/__init__.py b/titan/resources/__init__.py index 5d29bbd1..5052c7b4 100644 --- a/titan/resources/__init__.py +++ b/titan/resources/__init__.py @@ -2,7 +2,12 @@ from .account_parameter import AccountParameter from .aggregation_policy import AggregationPolicy from .alert import Alert -from .api_integration import APIIntegration +from .api_integration import ( + AWSAPIIntegration, + AzureAPIIntegration, + GCPAPIIntegration, + GitAPIIntegration, +) from .authentication_policy import AuthenticationPolicy from .catalog_integration import GlueCatalogIntegration, ObjectStoreCatalogIntegration from .column import Column @@ -72,9 +77,10 @@ "AggregationPolicy", "Alert", "APIAuthenticationSecurityIntegration", - "APIIntegration", "AuthenticationPolicy", + "AWSAPIIntegration", "AWSOutboundNotificationIntegration", + "AzureAPIIntegration", "AzureInboundNotificationIntegration", "AzureOutboundNotificationIntegration", "AzureStorageIntegration", @@ -94,10 +100,12 @@ "ExternalVolume", "FailoverGroup", "FutureGrant", + "GCPAPIIntegration", "GCPInboundNotificationIntegration", "GCPOutboundNotificationIntegration", "GCSStorageIntegration", "GenericSecret", + "GitAPIIntegration", "GlueCatalogIntegration", "Grant", "GrantOnAll", diff --git a/titan/resources/api_integration.py b/titan/resources/api_integration.py index 306197c1..28970b8a 100644 --- a/titan/resources/api_integration.py +++ b/titan/resources/api_integration.py @@ -13,10 +13,12 @@ class ApiProvider(ParseableEnum): AWS_PRIVATE_API_GATEWAY = "AWS_PRIVATE_API_GATEWAY" AWS_GOV_API_GATEWAY = "AWS_GOV_API_GATEWAY" AWS_GOV_PRIVATE_API_GATEWAY = "AWS_GOV_PRIVATE_API_GATEWAY" - + AZURE_API_MANAGEMENT = "AZURE_API_MANAGEMENT" + GOOGLE_API_GATEWAY = "GOOGLE_API_GATEWAY" + GIT_HTTPS_API = "GIT_HTTPS_API" @dataclass(unsafe_hash=True) -class _APIIntegration(ResourceSpec): +class _AWSAPIIntegration(ResourceSpec): name: ResourceName api_provider: ApiProvider api_aws_role_arn: str @@ -28,7 +30,7 @@ class _APIIntegration(ResourceSpec): comment: str = None -class APIIntegration(NamedResource, Resource): +class AWSAPIIntegration(NamedResource, Resource): """ Description: Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. @@ -88,7 +90,7 @@ class APIIntegration(NamedResource, Resource): comment=StringProp("comment"), ) scope = AccountScope() - spec = _APIIntegration + spec = _AWSAPIIntegration def __init__( self, @@ -104,7 +106,7 @@ def __init__( **kwargs, ): super().__init__(name, **kwargs) - self._data: _APIIntegration = _APIIntegration( + self._data: _AWSAPIIntegration = _AWSAPIIntegration( name=self._name, api_provider=api_provider, api_aws_role_arn=api_aws_role_arn, @@ -115,3 +117,308 @@ def __init__( owner=owner, comment=comment, ) + +@dataclass(unsafe_hash=True) +class _AzureAPIIntegration(ResourceSpec): + name: ResourceName + api_provider: ApiProvider + azure_tenant_id: str + azure_ad_application_id: str + enabled: bool + api_allowed_prefixes: list[str] + api_blocked_prefixes: list[str] = None + api_key: str = field(default=None, metadata={"fetchable": False}) + owner: Role = "ACCOUNTADMIN" + comment: str = None + + +class AzureAPIIntegration(NamedResource, Resource): + """ + Description: + Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. + This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-api-integration + + Fields: + name (string, required): The unique name of the API integration. + api_provider (string or ApiProvider, required): The provider of the API service. + google_audience (string, required): The audience claim when generating the JWT to authenticate with the Google API Gateway. + api_allowed_prefixes (list, required): The list of allowed prefixes for the API endpoints. + api_blocked_prefixes (list): The list of blocked prefixes for the API endpoints. + enabled (bool, required): Specifies if the API integration is enabled. Defaults to TRUE. + comment (string): A comment or description for the API integration. + + Python: + + ```python + api_integration = APIIntegration( + name="some_api_integration", + api_provider="GOOGLE_API_GATEWAU", + google_audience="", + enabled=True, + api_allowed_prefixes=["https://some_url.com"], + comment="Example GCP API integration" + ) + ``` + + Yaml: + + ```yaml + api_integrations: + - name: some_api_integration + api_provider: GOOGLE_API_GATEWAY + google_audience: + enabled: true + api_allowed_prefixes: + - https://some_url.com + comment: "Example GCP API integration" + ``` + """ + + + resource_type = ResourceType.API_INTEGRATION + props = Props( + api_provider=EnumProp("api_provider", ApiProvider), + azure_tenant_id=StringProp("azure_tenant_id"), + azure_ad_application_id=StringProp("azure_ad_application_id"), + api_key=StringProp("api_key"), + api_allowed_prefixes=StringListProp("api_allowed_prefixes", parens=True), + api_blocked_prefixes=StringListProp("api_blocked_prefixes", parens=True), + enabled=BoolProp("enabled"), + comment=StringProp("comment"), + ) + scope = AccountScope() + spec = _AzureAPIIntegration + + def __init__( + self, + name: str, + api_provider: ApiProvider, + azure_tenant_id: str, + azure_ad_application_id: str, + api_key: str, + enabled: bool, + api_allowed_prefixes: list[str], + api_blocked_prefixes: list[str] = None, + owner: str = "ACCOUNTADMIN", + comment: str = None, + **kwargs, + ): + super().__init__(name, **kwargs) + self._data: _AzureAPIIntegration = _AzureAPIIntegration( + name=self._name, + api_provider=api_provider, + azure_tenant_id=azure_tenant_id, + azure_ad_application_id=azure_ad_application_id, + api_key=api_key, + api_allowed_prefixes=api_allowed_prefixes, + api_blocked_prefixes=api_blocked_prefixes, + enabled=enabled, + owner=owner, + comment=comment, + ) + +@dataclass(unsafe_hash=True) +class _GCPAPIIntegration(ResourceSpec): + name: ResourceName + api_provider: ApiProvider + google_audience: str + enabled: bool + api_allowed_prefixes: list[str] + api_blocked_prefixes: list[str] = None + owner: Role = "ACCOUNTADMIN" + comment: str = None + + +class GCPAPIIntegration(NamedResource, Resource): + """ + Description: + Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. + This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-api-integration + + Fields: + name (string, required): The unique name of the API integration. + api_provider (string or ApiProvider, required): The provider of the API service. + google_audience (string, required): The audience claim when generating the JWT to authenticate with the Google API Gateway. + api_allowed_prefixes (list, required): The list of allowed prefixes for the API endpoints. + api_blocked_prefixes (list): The list of blocked prefixes for the API endpoints. + enabled (bool, required): Specifies if the API integration is enabled. Defaults to TRUE. + comment (string): A comment or description for the API integration. + + Python: + + ```python + api_integration = APIIntegration( + name="some_api_integration", + api_provider="GOOGLE_API_GATEWAU", + google_audience="", + enabled=True, + api_allowed_prefixes=["https://some_url.com"], + comment="Example GCP API integration" + ) + ``` + + Yaml: + + ```yaml + api_integrations: + - name: some_api_integration + api_provider: GOOGLE_API_GATEWAY + google_audience: + enabled: true + api_allowed_prefixes: + - https://some_url.com + comment: "Example GCP API integration" + ``` + """ + + + resource_type = ResourceType.API_INTEGRATION + props = Props( + api_provider=EnumProp("api_provider", ApiProvider), + google_audience=StringProp("google_audience"), + api_allowed_prefixes=StringListProp("api_allowed_prefixes", parens=True), + api_blocked_prefixes=StringListProp("api_blocked_prefixes", parens=True), + enabled=BoolProp("enabled"), + comment=StringProp("comment"), + ) + scope = AccountScope() + spec = _GCPAPIIntegration + + def __init__( + self, + name: str, + api_provider: ApiProvider, + google_audience: str, + enabled: bool, + api_allowed_prefixes: list[str], + api_blocked_prefixes: list[str] = None, + owner: str = "ACCOUNTADMIN", + comment: str = None, + **kwargs, + ): + super().__init__(name, **kwargs) + self._data: _GCPAPIIntegration = _GCPAPIIntegration( + name=self._name, + api_provider=api_provider, + google_audience=google_audience, + api_allowed_prefixes=api_allowed_prefixes, + api_blocked_prefixes=api_blocked_prefixes, + enabled=enabled, + owner=owner, + comment=comment, + ) + +@dataclass(unsafe_hash=True) +class _GitAPIIntegration(ResourceSpec): + name: ResourceName + api_provider: ApiProvider + enabled: bool + api_allowed_prefixes: list[str] + api_blocked_prefixes: list[str] = None + owner: Role = "ACCOUNTADMIN" + comment: str = None + + +class GitAPIIntegration(NamedResource, Resource): + """ + Description: + Manages API integrations in Snowflake, allowing external services to interact with Snowflake resources securely. + This class supports creating, replacing, and checking the existence of API integrations with various configurations. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-api-integration + + Fields: + name (string, required): The unique name of the API integration. + api_provider (string or ApiProvider, required): The provider of the API service. + api_allowed_prefixes (list, required): The list of allowed prefixes for the API endpoints. + api_blocked_prefixes (list): The list of blocked prefixes for the API endpoints. + enabled (bool, required): Specifies if the API integration is enabled. Defaults to TRUE. + comment (string): A comment or description for the API integration. + + Python: + + ```python + api_integration = APIIntegration( + name="some_api_integration", + api_provider="GIT_HTTPS_API", + enabled=True, + api_allowed_prefixes=["https://github.com/"], + comment="Example Git API integration" + ) + ``` + + Yaml: + + ```yaml + api_integrations: + - name: some_api_integration + api_provider: GIT_HTTPS_API + enabled: true + api_allowed_prefixes: + - https://github.com/ + comment: "Example Git API integration" + ``` + """ + + + resource_type = ResourceType.API_INTEGRATION + props = Props( + api_provider=EnumProp("api_provider", ApiProvider), + api_allowed_prefixes=StringListProp("api_allowed_prefixes", parens=True), + api_blocked_prefixes=StringListProp("api_blocked_prefixes", parens=True), + enabled=BoolProp("enabled"), + comment=StringProp("comment"), + ) + scope = AccountScope() + spec = _GitAPIIntegration + + def __init__( + self, + name: str, + api_provider: ApiProvider, + enabled: bool, + api_allowed_prefixes: list[str], + api_blocked_prefixes: list[str] = None, + owner: str = "ACCOUNTADMIN", + comment: str = None, + **kwargs, + ): + super().__init__(name, **kwargs) + self._data: _GitAPIIntegration = _GitAPIIntegration( + name=self._name, + api_provider=api_provider, + api_allowed_prefixes=api_allowed_prefixes, + api_blocked_prefixes=api_blocked_prefixes, + enabled=enabled, + owner=owner, + comment=comment, + ) + +def _api_resolver(data: dict): + aws_providers = { + ApiProvider.AWS_API_GATEWAY, + ApiProvider.AWS_PRIVATE_API_GATEWAY, + ApiProvider.AWS_GOV_API_GATEWAY, + ApiProvider.AWS_GOV_PRIVATE_API_GATEWAY, + } + + api_provider = ApiProvider(data["api_provider"]) + + if api_provider in aws_providers: + return AWSAPIIntegration + elif api_provider == ApiProvider.AZURE_API_MANAGEMENT: + return AzureAPIIntegration + elif api_provider == ApiProvider.GOOGLE_API_GATEWAY: + return GCPAPIIntegration + elif api_provider == ApiProvider.GIT_HTTPS_API: + return GitAPIIntegration + + +Resource.__resolvers__[ResourceType.API_INTEGRATION] = _api_resolver diff --git a/titan/resources/notification_integration.py b/titan/resources/notification_integration.py index 126ea00d..ef835b0c 100644 --- a/titan/resources/notification_integration.py +++ b/titan/resources/notification_integration.py @@ -51,6 +51,7 @@ class EmailNotificationIntegration(NamedResource, Resource): Fields: name (string, required): The name of the email notification integration. + type (string, required): Specifies that this is an email notification integration. enabled (bool, required): Specifies whether the notification integration is enabled. allowed_recipients (list): A list of email addresses that are allowed to receive notifications. comment (string): An optional comment about the notification integration. @@ -59,8 +60,9 @@ class EmailNotificationIntegration(NamedResource, Resource): Python: ```python - email_notification_integration = EmailNotificationIntegration( + email_notification_integration = NotificationIntegration( name="some_email_notification_integration", + type="email", enabled=True, allowed_recipients=["user1@example.com", "user2@example.com"], comment="Example email notification integration" @@ -70,8 +72,9 @@ class EmailNotificationIntegration(NamedResource, Resource): Yaml: ```yaml - email_notification_integrations: + notification_integrations: - name: some_email_notification_integration + type: EMAIL enabled: true allowed_recipients: - user1@example.com @@ -125,19 +128,52 @@ class _AWSOutboundNotificationIntegration(ResourceSpec): class AWSOutboundNotificationIntegration(NamedResource, Resource): """ - CREATE [ OR REPLACE ] NOTIFICATION INTEGRATION [IF NOT EXISTS] - - ENABLED = { TRUE | FALSE } - DIRECTION = OUTBOUND - TYPE = QUEUE - cloudProviderParamsPush - [ COMMENT = '' ] - - cloudProviderParamsPush (for Amazon SNS) ::= - - NOTIFICATION_PROVIDER = AWS_SNS - AWS_SNS_TOPIC_ARN = '' - AWS_SNS_ROLE_ARN = '' + Description: + Manages the configuration for AWS SNS notification integrations within Snowflake. This integration + allows specifying an AWS SNS topic that will receive a notification. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration + + Fields: + name (string, required): The name of the AWS SNS notification integration. + type (string, required): Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. + notification_provider (string, required): Specifies AWS SNS as the 3rd party cloud message-queuing service. + enabled (bool, required): Specifies whether the notification integration is enabled. + direction (string, required): The direction of the notification integration ("OUTBOUND"). + aws_sns_topic_arn (string, required): The ARN of the SNS topic that notifications will be sent to. + aws_sns_role_arn (string, required): The ARN of the IAM role that has permissions to push messages to the SNS topic. + comment (string): An optional comment about the notification integration. + owner (string or Role): The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + Python: + + ```python + sns_notification_integration = NotificationIntegration( + name="some_sns_notification_integration", + type="queue", + notification_provider="aws_sns", + enabled=True, + direction="outbound" + aws_sns_topic_arn="arn:aws:sns:::", + aws_sns_role_arn="arn:aws:iam:::role/", + comment="Example email notification integration" + ) + ``` + + Yaml: + + ```yaml + notification_integrations: + - name: some_sns_notification_integration + type: QUEUE + notification_provider: AWS_SNS + enabled: true + direction: OUTBOUND + aws_sns_topic_arn: arn:aws:sns::: + aws_sns_role_arn: arn:aws:iam:::role/ + comment: Example sns notification integration + ``` """ resource_type = ResourceType.NOTIFICATION_INTEGRATION @@ -191,17 +227,49 @@ class _GCPOutboundNotificationIntegration(ResourceSpec): class GCPOutboundNotificationIntegration(NamedResource, Resource): """ - CREATE [ OR REPLACE ] NOTIFICATION INTEGRATION [IF NOT EXISTS] - - ENABLED = { TRUE | FALSE } - DIRECTION = OUTBOUND - TYPE = QUEUE - cloudProviderParamsPush - [ COMMENT = '' ] - - cloudProviderParamsPush (for Google Pub/Sub) ::= - NOTIFICATION_PROVIDER = GCP_PUBSUB - GCP_PUBSUB_TOPIC_NAME = '' + Description: + Manages the configuration for Google Pub/Sub notification integrations within Snowflake. This integration + allows specifying an Google Pub/Sub topic that will receive a notification. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration + + Fields: + name (string, required): The name of the notification integration. + type (string, required): Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. + notification_provider (string, required): Specifies Google Pub/Sub as the 3rd party cloud message-queuing service. + enabled (bool, required): Specifies whether the notification integration is enabled. + direction (string, required): The direction of the notification integration ("OUTBOUND"). + gcp_pubsub_topic_name (string, required): The ID of the Pub/Sub topic that notifications will be sent to. + comment (string): An optional comment about the notification integration. + owner (string or Role): The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + Python: + + ```python + pubsub_notification_integration = NotificationIntegration( + name="some_pubsub_notification_integration", + type="queue", + notification_provider="gcp_pubsub", + enabled=True, + direction="outbound" + gcp_pubsub_topic_name="", + comment="Example outbound pubsub notification integration" + ) + ``` + + Yaml: + + ```yaml + notification_integrations: + - name: some_pubsub_notification_integration + type: QUEUE + notification_provider: GCP_PUBSUB + enabled: true + direction: OUTBOUND + gcp_pubsub_topic_name: + comment: Example outbound pubsub notification integration + ``` """ resource_type = ResourceType.NOTIFICATION_INTEGRATION @@ -253,18 +321,52 @@ class _AzureOutboundNotificationIntegration(ResourceSpec): class AzureOutboundNotificationIntegration(NamedResource, Resource): """ - CREATE [ OR REPLACE ] NOTIFICATION INTEGRATION [IF NOT EXISTS] - - ENABLED = { TRUE | FALSE } - DIRECTION = OUTBOUND - TYPE = QUEUE - cloudProviderParamsPush - [ COMMENT = '' ] - - cloudProviderParamsPush (for Microsoft Azure Event Grid) ::= - NOTIFICATION_PROVIDER = AZURE_EVENT_GRID - AZURE_EVENT_GRID_TOPIC_ENDPOINT = '' - AZURE_TENANT_ID = ''; + Description: + Manages the configuration for Azure Event Grid notification integrations within Snowflake. This integration + allows specifying an Azure Event Grid topic that will receive a notification. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration + + Fields: + name (string, required): The name of the notification integration. + type (string, required): Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. + notification_provider (string, required): Specifies Azure Event Grid as the 3rd party cloud message-queuing service. + enabled (bool, required): Specifies whether the notification integration is enabled. + direction (string, required): The direction of the notification integration ("OUTBOUND"). + azure_event_grid_topic_endpoint (string, required): The endpoint of the Event Grid topic that notifications will be sent to. + azure_tenant_id (string, required): The ID of the Azure AD tenant used for identity management. + comment (string): An optional comment about the notification integration. + owner (string or Role): The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + Python: + + ```python + event_grid_notification_integration = NotificationIntegration( + name="some_event_grid_notification_integration", + type="queue", + notification_provider="azure_event_grid", + enabled=True, + direction="outbound" + azure_event_grid_topic_endpoint="", + azure_tenant_id="", + comment="Example outbound event grid notification integration" + ) + ``` + + Yaml: + + ```yaml + notification_integrations: + - name: some_event_grid_notification_integration + type: QUEUE + notification_provider: AZURE_EVENT_GRID + enabled: true + direction: OUTBOUND + azure_event_grid_topic_endpoint: + azure_tenant_id: + comment: Example outbound event grid notification integration + ``` """ resource_type = ResourceType.NOTIFICATION_INTEGRATION @@ -318,16 +420,46 @@ class _GCPInboundNotificationIntegration(ResourceSpec): class GCPInboundNotificationIntegration(NamedResource, Resource): """ - CREATE [ OR REPLACE ] NOTIFICATION INTEGRATION [IF NOT EXISTS] - - ENABLED = { TRUE | FALSE } - TYPE = QUEUE - cloudProviderParamsAuto - [ COMMENT = '' ] - - cloudProviderParamsAuto (for Google Cloud Storage) ::= - NOTIFICATION_PROVIDER = GCP_PUBSUB - GCP_PUBSUB_SUBSCRIPTION_NAME = '' + Description: + Manages the configuration for Google Pub/Sub notification integrations within Snowflake. This integration + allows specifying an Google Pub/Sub SNS topic that will publish a notification to Snowflake. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration + + Fields: + name (string, required): The name of the notification integration. + type (string, required): Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. + notification_provider (string, required): Specifies Google Pub/Sub as the 3rd party cloud message-queuing service. + enabled (bool, required): Specifies whether the notification integration is enabled. + gcp_pubsub_topic_name (string, required): The ID of the Pub/Sub topic that notifications will be sent to. + comment (string): An optional comment about the notification integration. + owner (string or Role): The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + Python: + + ```python + eventgrid_notification_integration = NotificationIntegration( + name="some_pubsub_notification_integration", + type="queue", + notification_provider="gcp_pubsub", + enabled=True, + gcp_pubsub_topic_name="", + comment="Example inbound event grid notification integration" + ) + ``` + + Yaml: + + ```yaml + notification_integrations: + - name: some_pubsub_notification_integration + type: QUEUE + notification_provider: GCP_PUBSUB + enabled: true + gcp_pubsub_topic_name: + comment: Example inbound event grid notification integration + ``` """ resource_type = ResourceType.NOTIFICATION_INTEGRATION @@ -377,17 +509,49 @@ class _AzureInboundNotificationIntegration(ResourceSpec): class AzureInboundNotificationIntegration(NamedResource, Resource): """ - CREATE [ OR REPLACE ] NOTIFICATION INTEGRATION [IF NOT EXISTS] - - ENABLED = { TRUE | FALSE } - TYPE = QUEUE - cloudProviderParamsAuto - [ COMMENT = '' ] - - cloudProviderParamsAuto (for Microsoft Azure Storage) ::= - NOTIFICATION_PROVIDER = AZURE_STORAGE_QUEUE - AZURE_STORAGE_QUEUE_PRIMARY_URI = '' - AZURE_TENANT_ID = ''; + Description: + Manages the configuration for Azure Event Grid notification integrations within Snowflake. This integration + allows specifying an Azure Event Grid topic that will publish a notification to Snowflake. + + Snowflake Docs: + https://docs.snowflake.com/en/sql-reference/sql/create-notification-integration + + Fields: + name (string, required): The name of the notification integration. + type (string, required): Specifies that this is a notification integration between Snowflake and a 3rd party cloud message-queuing service. + notification_provider (string, required): Specifies Azure Event Grid as the 3rd party cloud message-queuing service. + enabled (bool, required): Specifies whether the notification integration is enabled. + azure_storage_queue_primary_uri (string, required): The URL for the Azure Queue Storage queue create for Event Grid notifications. + azure_tenant_id (string, required): The ID of the Azure AD tenant used for identity management. + comment (string): An optional comment about the notification integration. + owner (string or Role): The owner role of the notification integration. Defaults to "ACCOUNTADMIN". + + Python: + + ```python + event_grid_notification_integration = NotificationIntegration( + name="some_event_grid_notification_integration", + type="queue", + notification_provider="azure_event_grid", + enabled=True, + azure_storage_queue_primary_uri="https://.queue.core.windows.net/", + azure_tenant_id="", + comment="Example inbound event grid notification integration" + ) + ``` + + Yaml: + + ```yaml + notification_integrations: + - name: some_event_grid_notification_integration + type: QUEUE + notification_provider: AZURE_EVENT_GRID + enabled: true + azure_storage_queue_primary_uri: https://.queue.core.windows.net/ + azure_tenant_id: + comment: Example inbound event grid notification integration + ``` """ resource_type = ResourceType.NOTIFICATION_INTEGRATION