terraform-provider-snowflake

command module

v0.3.0 Latest Latest Go to latest Published: May 23, 2019 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/sh1n/terraform-provider-snowflake

Links

Open Source Insights

README ¶

Terraform Provider: Snowflake

Please note: If you believe you have found a security issue, please responsibly disclose by contacting us at security@chanzuckerberg.com.

This is a terraform provider plugin for managing Snowflake accounts.

Install

The easiest way is to run this command:

curl https://raw.githubusercontent.com/chanzuckerberg/terraform-provider-snowflake/master/download.sh | bash -s -- -b $HOME/.terraform.d/plugins

It runs a script generated by godownloader which installs into the proper directory for terraform (~/.terraform.d/plugins).

You can also just download a binary from our releases and follow the Terraform directions for installing 3rd party plugins.

TODO fogg config

Authentication

We currently only support username + password auth and suggest that you only do so via environment variables. So a config something like–

provider "snowflake" {
  account = "..."
  role    = "..."
  region  = "..."
}

and

export SNOWFLAKE_USER='...'
export SNOWFLAKE_PASSWORD='...'
terraform ...

Resources

We support managing a subset of snowflakedb resources, with a focus on access control and management.

You can see a number of examples here.

snowflake_database

properties

NAME	TYPE	OPTIONAL	REQUIRED	COMPUTED	DEFAULT
comment	string	true	false	false	""
data_retention_time_in_days	int	true	false	true
name	string	false	true	false

snowflake_role

properties

NAME	TYPE	DESCRIPTION	OPTIONAL	REQUIRED	COMPUTED	DEFAULT
comment	string		true	false	false
name	string		false	true	false

snowflake_role_grants

properties

NAME	TYPE	DESCRIPTION	OPTIONAL	REQUIRED	COMPUTED
role_name	string	The name of the role we are granting.	false	true	false
roles	set	Grants role to this specified role.	true	false	false
users	set	Grants role to this specified user.	true	false	false

snowflake_user

properties

NAME	TYPE	DESCRIPTION	OPTIONAL	REQUIRED	COMPUTED
comment	string		true	false	false
default_namespace	string	Specifies the namespace (database only or database and schema) that is active by default for the user’s session upon login.	true	false	false
default_role	string	Specifies the role that is active by default for the user’s session upon login.	true	false	true
default_warehouse	string	Specifies the virtual warehouse that is active by default for the user’s session upon login.	true	false	false
disabled	bool		true	false	true
has_rsa_public_key	bool	Will be true if user as an RSA key set.	false	false	true
login_name	string	The name users use to log in. If not supplied, snowflake will use name instead.	true	false	true
name	string	Name of the user. Note that if you do not supply login_name this will be used as login_name. doc	false	true	false
password	string	WARNING: this will put the password in the terraform state file. Use carefully.	true	false	false
rsa_public_key	string	Specifies the user’s RSA public key; used for key-pair authentication. Must be on 1 line without header and trailer.	true	false	false
rsa_public_key_2	string	Specifies the user’s second RSA public key; used to rotate the public and private keys for key-pair authentication based on an expiration schedule set by your organization. Must be on 1 line without header and trailer.	true	false	false

snowflake_warehouse

properties

NAME	TYPE	OPTIONAL	REQUIRED	COMPUTED	DEFAULT
comment	string	true	false	false	""
name	string	false	true	false
warehouse_size	string	true	false	true

Development

To do development you need Go installed, this repo cloned and that's about it. It has not been tested on Windows, so if you find problems let us know.

If you want to build and test the provider localling there is a make target make install-tf that will build the provider binary and install it in a location that terraform can find.

Testing

For the Terraform resources, there are 3 levels of testing - internal, unit and acceptance tests.

The 'internal' tests are run in the github.com/chanzuckerberg/terraform-provider-snowflake/pkg/resources package so that they can test functions that are not exported. These tests are intended to be limited to unit tests for simple functions.

The 'unit' tests are run in github.com/chanzuckerberg/terraform-provider-snowflake/pkg/resources_test, so they only have access to the exported methods of resources. These tests exercise the CRUD methods that on the terraform resources. Note that all tests here make use of database mocking and are run locally. This means the tests are fast, but are liable to be wrong in suble ways (since the mocks are unlikely to be perfect).

You can run these first two sets of tests with make test.

The 'acceptance' tests run the full stack, creating, modifying and destroying resources in a live snowflake account. To run them you need a snowflake account and the proper environment variables set- SNOWFLAKE_ACCOUNT, SNOWFLAKE_USER, SNOWFLAKE_PASSWORD, SNOWFLAKE_ROLE. These tests are slower but have higher fidelity.

To run all tests, including the acceptance tests, run make test-acceptance.

Note that we also run all tests in our Travis-CI account.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
pkg
db
provider
resources
snowflake
testhelpers

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL