Snowflake v1.1.4, Mar 26 25

Snowflake v1.1.4 published on Wednesday, Mar 26, 2025 by Pulumi

snowflake.SecretWithClientCredentials

Explore with Pulumi AI

Snowflake v1.1.4 published on Wednesday, Mar 26, 2025 by Pulumi

Import

$ pulumi import snowflake:index/secretWithClientCredentials:SecretWithClientCredentials example '"<database_name>"."<schema_name>"."<secret_name>"'

Create SecretWithClientCredentials Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new SecretWithClientCredentials(name: string, args: SecretWithClientCredentialsArgs, opts?: CustomResourceOptions);

@overload
def SecretWithClientCredentials(resource_name: str,
                                args: SecretWithClientCredentialsArgs,
                                opts: Optional[ResourceOptions] = None)

@overload
def SecretWithClientCredentials(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                api_authentication: Optional[str] = None,
                                database: Optional[str] = None,
                                oauth_scopes: Optional[Sequence[str]] = None,
                                schema: Optional[str] = None,
                                comment: Optional[str] = None,
                                name: Optional[str] = None)

func NewSecretWithClientCredentials(ctx *Context, name string, args SecretWithClientCredentialsArgs, opts ...ResourceOption) (*SecretWithClientCredentials, error)

public SecretWithClientCredentials(string name, SecretWithClientCredentialsArgs args, CustomResourceOptions? opts = null)

public SecretWithClientCredentials(String name, SecretWithClientCredentialsArgs args)
public SecretWithClientCredentials(String name, SecretWithClientCredentialsArgs args, CustomResourceOptions options)

type: snowflake:SecretWithClientCredentials
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecretWithClientCredentialsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecretWithClientCredentialsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecretWithClientCredentialsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecretWithClientCredentialsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecretWithClientCredentialsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var secretWithClientCredentialsResource = new Snowflake.SecretWithClientCredentials("secretWithClientCredentialsResource", new()
{
    ApiAuthentication = "string",
    Database = "string",
    OauthScopes = new[]
    {
        "string",
    },
    Schema = "string",
    Comment = "string",
    Name = "string",
});

example, err := snowflake.NewSecretWithClientCredentials(ctx, "secretWithClientCredentialsResource", &snowflake.SecretWithClientCredentialsArgs{
	ApiAuthentication: pulumi.String("string"),
	Database:          pulumi.String("string"),
	OauthScopes: pulumi.StringArray{
		pulumi.String("string"),
	},
	Schema:  pulumi.String("string"),
	Comment: pulumi.String("string"),
	Name:    pulumi.String("string"),
})

var secretWithClientCredentialsResource = new SecretWithClientCredentials("secretWithClientCredentialsResource", SecretWithClientCredentialsArgs.builder()
    .apiAuthentication("string")
    .database("string")
    .oauthScopes("string")
    .schema("string")
    .comment("string")
    .name("string")
    .build());

secret_with_client_credentials_resource = snowflake.SecretWithClientCredentials("secretWithClientCredentialsResource",
    api_authentication="string",
    database="string",
    oauth_scopes=["string"],
    schema="string",
    comment="string",
    name="string")

const secretWithClientCredentialsResource = new snowflake.SecretWithClientCredentials("secretWithClientCredentialsResource", {
    apiAuthentication: "string",
    database: "string",
    oauthScopes: ["string"],
    schema: "string",
    comment: "string",
    name: "string",
});

type: snowflake:SecretWithClientCredentials
properties:
    apiAuthentication: string
    comment: string
    database: string
    name: string
    oauthScopes:
        - string
    schema: string

SecretWithClientCredentials Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecretWithClientCredentials resource accepts the following input properties:

ApiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
Database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
OauthScopes List<string>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
Schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
Comment string: Specifies a comment for the secret.
Name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

ApiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
Database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
OauthScopes []string: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
Schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
Comment string: Specifies a comment for the secret.
Name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

apiAuthentication String: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
database String: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes List<String>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema String: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
comment String: Specifies a comment for the secret.
name String: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

apiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes string[]: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
comment string: Specifies a comment for the secret.
name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

api_authentication str: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
database str: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauth_scopes Sequence[str]: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema str: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
comment str: Specifies a comment for the secret.
name str: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

apiAuthentication String: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
database String: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes List<String>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema String: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
comment String: Specifies a comment for the secret.
name String: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".

Outputs

All input properties are implicitly available as output properties. Additionally, the SecretWithClientCredentials resource produces the following output properties:

DescribeOutputs List<SecretWithClientCredentialsDescribeOutput>: Outputs the result of DESCRIBE SECRET for the given secret.
FullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
Id string: The provider-assigned unique ID for this managed resource.
SecretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
ShowOutputs List<SecretWithClientCredentialsShowOutput>: Outputs the result of SHOW SECRETS for the given secret.

DescribeOutputs []SecretWithClientCredentialsDescribeOutput: Outputs the result of DESCRIBE SECRET for the given secret.
FullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
Id string: The provider-assigned unique ID for this managed resource.
SecretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
ShowOutputs []SecretWithClientCredentialsShowOutput: Outputs the result of SHOW SECRETS for the given secret.

describeOutputs List<SecretWithClientCredentialsDescribeOutput>: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName String: Fully qualified name of the resource. For more information, see object name resolution.
id String: The provider-assigned unique ID for this managed resource.
secretType String: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs List<SecretWithClientCredentialsShowOutput>: Outputs the result of SHOW SECRETS for the given secret.

describeOutputs SecretWithClientCredentialsDescribeOutput[]: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
id string: The provider-assigned unique ID for this managed resource.
secretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs SecretWithClientCredentialsShowOutput[]: Outputs the result of SHOW SECRETS for the given secret.

describe_outputs Sequence[SecretWithClientCredentialsDescribeOutput]: Outputs the result of DESCRIBE SECRET for the given secret.
fully_qualified_name str: Fully qualified name of the resource. For more information, see object name resolution.
id str: The provider-assigned unique ID for this managed resource.
secret_type str: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
show_outputs Sequence[SecretWithClientCredentialsShowOutput]: Outputs the result of SHOW SECRETS for the given secret.

describeOutputs List<Property Map>: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName String: Fully qualified name of the resource. For more information, see object name resolution.
id String: The provider-assigned unique ID for this managed resource.
secretType String: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs List<Property Map>: Outputs the result of SHOW SECRETS for the given secret.

Look up Existing SecretWithClientCredentials Resource

Get an existing SecretWithClientCredentials resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: SecretWithClientCredentialsState, opts?: CustomResourceOptions): SecretWithClientCredentials

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        api_authentication: Optional[str] = None,
        comment: Optional[str] = None,
        database: Optional[str] = None,
        describe_outputs: Optional[Sequence[SecretWithClientCredentialsDescribeOutputArgs]] = None,
        fully_qualified_name: Optional[str] = None,
        name: Optional[str] = None,
        oauth_scopes: Optional[Sequence[str]] = None,
        schema: Optional[str] = None,
        secret_type: Optional[str] = None,
        show_outputs: Optional[Sequence[SecretWithClientCredentialsShowOutputArgs]] = None) -> SecretWithClientCredentials

func GetSecretWithClientCredentials(ctx *Context, name string, id IDInput, state *SecretWithClientCredentialsState, opts ...ResourceOption) (*SecretWithClientCredentials, error)

public static SecretWithClientCredentials Get(string name, Input<string> id, SecretWithClientCredentialsState? state, CustomResourceOptions? opts = null)

public static SecretWithClientCredentials get(String name, Output<String> id, SecretWithClientCredentialsState state, CustomResourceOptions options)

resources:  _:    type: snowflake:SecretWithClientCredentials    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
Comment string: Specifies a comment for the secret.
Database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
DescribeOutputs List<SecretWithClientCredentialsDescribeOutput>: Outputs the result of DESCRIBE SECRET for the given secret.
FullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
Name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
OauthScopes List<string>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
Schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
SecretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
ShowOutputs List<SecretWithClientCredentialsShowOutput>: Outputs the result of SHOW SECRETS for the given secret.

ApiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
Comment string: Specifies a comment for the secret.
Database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
DescribeOutputs []SecretWithClientCredentialsDescribeOutputArgs: Outputs the result of DESCRIBE SECRET for the given secret.
FullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
Name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
OauthScopes []string: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
Schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
SecretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
ShowOutputs []SecretWithClientCredentialsShowOutputArgs: Outputs the result of SHOW SECRETS for the given secret.

apiAuthentication String: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
comment String: Specifies a comment for the secret.
database String: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
describeOutputs List<SecretWithClientCredentialsDescribeOutput>: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName String: Fully qualified name of the resource. For more information, see object name resolution.
name String: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes List<String>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema String: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
secretType String: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs List<SecretWithClientCredentialsShowOutput>: Outputs the result of SHOW SECRETS for the given secret.

apiAuthentication string: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
comment string: Specifies a comment for the secret.
database string: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
describeOutputs SecretWithClientCredentialsDescribeOutput[]: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName string: Fully qualified name of the resource. For more information, see object name resolution.
name string: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes string[]: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema string: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
secretType string: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs SecretWithClientCredentialsShowOutput[]: Outputs the result of SHOW SECRETS for the given secret.

api_authentication str: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
comment str: Specifies a comment for the secret.
database str: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
describe_outputs Sequence[SecretWithClientCredentialsDescribeOutputArgs]: Outputs the result of DESCRIBE SECRET for the given secret.
fully_qualified_name str: Fully qualified name of the resource. For more information, see object name resolution.
name str: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauth_scopes Sequence[str]: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema str: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
secret_type str: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
show_outputs Sequence[SecretWithClientCredentialsShowOutputArgs]: Outputs the result of SHOW SECRETS for the given secret.

apiAuthentication String: Specifies the name value of the Snowflake security integration that connects Snowflake to an external service. For more information about this resource, see docs.
comment String: Specifies a comment for the secret.
database String: The database in which to create the secret Due to technical limitations (read more here), avoid using the following characters: |, ., ".
describeOutputs List<Property Map>: Outputs the result of DESCRIBE SECRET for the given secret.
fullyQualifiedName String: Fully qualified name of the resource. For more information, see object name resolution.
name String: String that specifies the identifier (i.e. name) for the secret, must be unique in your schema. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
oauthScopes List<String>: Specifies a list of scopes to use when making a request from the OAuth server by a role with USAGE on the integration during the OAuth client credentials flow.
schema String: The schema in which to create the secret. Due to technical limitations (read more here), avoid using the following characters: |, ., ".
secretType String: Specifies a type for the secret. This field is used for checking external changes and recreating the resources if needed.
showOutputs List<Property Map>: Outputs the result of SHOW SECRETS for the given secret.