generated from getindata/terraform-module-template
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.tf
86 lines (69 loc) · 2.7 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
data "context_label" "this" {
delimiter = local.context_template == null ? var.name_scheme.delimiter : null
properties = local.context_template == null ? var.name_scheme.properties : null
template = local.context_template
replace_chars_regex = var.name_scheme.replace_chars_regex
values = merge(
var.name_scheme.extra_values,
{ name = var.name }
)
}
resource "snowflake_resource_monitor" "this" {
name = var.name_scheme.uppercase ? upper(data.context_label.this.rendered) : data.context_label.this.rendered
credit_quota = var.credit_quota
frequency = var.frequency
start_timestamp = var.start_timestamp
end_timestamp = var.end_timestamp
notify_triggers = var.notify_triggers
suspend_trigger = var.suspend_trigger
suspend_immediate_trigger = var.suspend_immediate_trigger
notify_users = var.notify_users
}
moved {
from = snowflake_resource_monitor.this[0]
to = snowflake_resource_monitor.this
}
module "snowflake_default_role" {
for_each = local.default_roles
source = "getindata/role/snowflake"
version = "3.1.0"
name = each.key
name_scheme = merge(
local.default_role_naming_scheme,
lookup(each.value, "name_scheme", {})
)
role_ownership_grant = lookup(each.value, "role_ownership_grant", "SYSADMIN")
granted_to_users = lookup(each.value, "granted_to_users", [])
granted_to_roles = lookup(each.value, "granted_to_roles", [])
granted_roles = lookup(each.value, "granted_roles", [])
account_objects_grants = {
"RESOURCE MONITOR" = [{
all_privileges = each.value.resource_monitor_grants.all_privileges
privileges = each.value.resource_monitor_grants.privileges
with_grant_option = each.value.resource_monitor_grants.with_grant_option
object_name = snowflake_resource_monitor.this.name
}]
}
}
module "snowflake_custom_role" {
for_each = local.custom_roles
source = "getindata/role/snowflake"
version = "3.1.0"
name = each.key
name_scheme = merge(
local.default_role_naming_scheme,
lookup(each.value, "name_scheme", {})
)
role_ownership_grant = lookup(each.value, "role_ownership_grant", "SYSADMIN")
granted_to_users = lookup(each.value, "granted_to_users", [])
granted_to_roles = lookup(each.value, "granted_to_roles", [])
granted_roles = lookup(each.value, "granted_roles", [])
account_objects_grants = {
"RESOURCE MONITOR" = [{
all_privileges = each.value.resource_monitor_grants.all_privileges
privileges = each.value.resource_monitor_grants.privileges
with_grant_option = each.value.resource_monitor_grants.with_grant_option
object_name = snowflake_resource_monitor.this.name
}]
}
}