Merge remote-tracking branch 'origin/main' into externaloauth-integra…

…tion-v1
Snowflake-Labs · Jul 9, 2024 · a337144 · a337144
2 parents a20a4d6 + d9b557f
commit a337144
Show file tree

Hide file tree

Showing 102 changed files with 7,238 additions and 305 deletions.
diff --git a/MIGRATION_GUIDE.md b/MIGRATION_GUIDE.md
@@ -20,6 +20,22 @@ They are all described in short in the [changes before v1 doc](./v1-preparations
 ### old grant resources removal
 Following the [announcement](https://github.com/Snowflake-Labs/terraform-provider-snowflake/discussions/2736) we have removed the old grant resources. The two resources [snowflake_role_ownership_grant](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/role_ownership_grant) and [snowflake_user_ownership_grant](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/user_ownership_grant) were not listed in the announcement, but they were also marked as deprecated ones. We are removing them too to conclude the grants redesign saga.
 
+### *(new feature)* Api authentication resources
+Added new api authentication resources, i.e.:
+- `snowflake_api_authentication_integration_with_authorization_code_grant`
+- `snowflake_api_authentication_integration_with_client_credentials`
+- `snowflake_api_authentication_integration_with_jwt_bearer`
+
+See reference [doc](https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-api-auth).
+
+### *(new feature)* snowflake_oauth_integration_for_custom_clients and snowflake_oauth_integration_for_partner_applications resources
+
+To enhance clarity and functionality, the new resources `snowflake_oauth_integration_for_custom_clients` and `snowflake_oauth_integration_for_partner_applications` have been introduced 
+to replace the previous `snowflake_oauth_integration`. Recognizing that the old resource carried multiple responsibilities within a single entity, we opted to divide it into two more specialized resources.
+The newly introduced resources are aligned with the latest Snowflake documentation at the time of implementation, and adhere to our [new conventions](#general-changes). 
+This segregation was based on the `oauth_client` attribute, where `CUSTOM` corresponds to `snowflake_oauth_integration_for_custom_clients`, 
+while other attributes align with `snowflake_oauth_integration_for_partner_applications`.
+
 ### *(new feature)* snowflake_security_integrations datasource
 Added a new datasource enabling querying and filtering all types of security integrations. Notes:
 - all results are stored in `security_integrations` field.

diff --git a/docs/data-sources/security_integrations.md b/docs/data-sources/security_integrations.md
@@ -100,10 +100,226 @@ Read-Only:
 
 Read-Only:
 
-- `todo` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--todo))
+- `blocked_roles_list` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--blocked_roles_list))
+- `comment` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--comment))
+- `enabled` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--enabled))
+- `network_policy` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--network_policy))
+- `oauth_allow_non_tls_redirect_uri` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_allow_non_tls_redirect_uri))
+- `oauth_allowed_authorization_endpoints` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_allowed_authorization_endpoints))
+- `oauth_allowed_token_endpoints` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_allowed_token_endpoints))
+- `oauth_authorization_endpoint` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_authorization_endpoint))
+- `oauth_client_id` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_client_id))
+- `oauth_client_rsa_public_key_2_fp` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_client_rsa_public_key_2_fp))
+- `oauth_client_rsa_public_key_fp` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_client_rsa_public_key_fp))
+- `oauth_client_type` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_client_type))
+- `oauth_enforce_pkce` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_enforce_pkce))
+- `oauth_issue_refresh_tokens` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_issue_refresh_tokens))
+- `oauth_redirect_uri` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_redirect_uri))
+- `oauth_refresh_token_validity` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_refresh_token_validity))
+- `oauth_token_endpoint` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_token_endpoint))
+- `oauth_use_secondary_roles` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--oauth_use_secondary_roles))
+- `pre_authorized_roles_list` (List of Object) (see [below for nested schema](#nestedobjatt--security_integrations--describe_output--pre_authorized_roles_list))
+
+<a id="nestedobjatt--security_integrations--describe_output--blocked_roles_list"></a>
+### Nested Schema for `security_integrations.describe_output.blocked_roles_list`
 
-<a id="nestedobjatt--security_integrations--describe_output--todo"></a>
-### Nested Schema for `security_integrations.describe_output.todo`
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--comment"></a>
+### Nested Schema for `security_integrations.describe_output.comment`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--enabled"></a>
+### Nested Schema for `security_integrations.describe_output.enabled`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--network_policy"></a>
+### Nested Schema for `security_integrations.describe_output.network_policy`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_allow_non_tls_redirect_uri"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_allow_non_tls_redirect_uri`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_allowed_authorization_endpoints"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_allowed_authorization_endpoints`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_allowed_token_endpoints"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_allowed_token_endpoints`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_authorization_endpoint"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_authorization_endpoint`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_client_id"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_client_id`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_client_rsa_public_key_2_fp"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_client_rsa_public_key_2_fp`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_client_rsa_public_key_fp"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_client_rsa_public_key_fp`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_client_type"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_client_type`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_enforce_pkce"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_enforce_pkce`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_issue_refresh_tokens"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_issue_refresh_tokens`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_redirect_uri"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_redirect_uri`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_refresh_token_validity"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_refresh_token_validity`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_token_endpoint"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_token_endpoint`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--oauth_use_secondary_roles"></a>
+### Nested Schema for `security_integrations.describe_output.oauth_use_secondary_roles`
+
+Read-Only:
+
+- `default` (String)
+- `name` (String)
+- `type` (String)
+- `value` (String)
+
+
+<a id="nestedobjatt--security_integrations--describe_output--pre_authorized_roles_list"></a>
+### Nested Schema for `security_integrations.describe_output.pre_authorized_roles_list`
 
 Read-Only:
 

diff --git a/docs/index.md b/docs/index.md
@@ -230,6 +230,7 @@ The Snowflake provider will use the following order of precedence when determini
 ## Currently deprecated resources
 
 - [snowflake_database_old](./docs/resources/database_old)
+- [snowflake_oauth_integration](./docs/resources/oauth_integration)
 - [snowflake_saml_integration](./docs/resources/saml_integration) - use [snowflake_saml2_integration](./docs/resources/saml2_integration) instead
 - [snowflake_unsafe_execute](./docs/resources/unsafe_execute)