### Example Provider Configuration Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs This is an example of how to configure the Snowflake provider in your Terraform configuration file (main.tf). Ensure you have the correct source defined. ```terraform terraform { required_providers { snowflake = { source = "Snowflake-Labs/snowflake" } } } ``` -------------------------------- ### Example TOML Configuration for Snowflake Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs This TOML file demonstrates various configuration options for the Snowflake provider, including account details, user credentials, and role. It also shows how to configure nested parameters. ```toml [default] organizationname='organization_name' accountname='account_name' user='user' password='password' role='ACCOUNTADMIN' [secondary_test_account] organizationname='organization_name' accountname='account2_name' user='user' password='password' role='ACCOUNTADMIN' ``` -------------------------------- ### Equivalent Terraform Configuration for TOML Parameters Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs This Terraform configuration block mirrors the parameters defined in the comprehensive TOML example, demonstrating how to set various provider options directly in HCL. ```hcl provider "snowflake" { organization_name = "organization_name" account_name = "account_name" user = "user" password = "password" warehouse = "SNOWFLAKE" protocol = "https" port = "443" role = "ACCOUNTADMIN" validate_default_parameters = true client_ip = "1.2.3.4" authenticator = "snowflake" okta_url = "https://example.com" login_timeout = 10 request_timeout = 20 jwt_expire_timeout = 30 client_timeout = 40 jwt_client_timeout = 50 external_browser_timeout = 60 insecure_mode = true ocsp_fail_open = true keep_session_alive = true disable_telemetry = true client_request_mfa_token = true client_store_temporary_credential = true disable_query_context_cache = true include_retry_reason = true max_retry_count = 3 driver_tracing = "info" tmp_directory_path = "/tmp/terraform-provider/" disable_console_login = true params = { param_key = "param_value" } } ``` -------------------------------- ### Set Snowflake Credentials via Environment Variables Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure Snowflake provider credentials using environment variables, which is a common practice for managing sensitive information. This example shows setting username and private key. ```bash export SNOWFLAKE_USER="..." export SNOWFLAKE_PRIVATE_KEY=$(cat ~/.ssh/snowflake_key.p8) ``` -------------------------------- ### Default Snowflake Provider Configuration Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure the Snowflake provider with default authentication using user and password. This method is suitable for basic setups where environment variables or profiles are not used. ```terraform provider "snowflake" { organization_name = "..." # required if not using profile. Can also be set via SNOWFLAKE_ORGANIZATION_NAME env var account_name = "..." # required if not using profile. Can also be set via SNOWFLAKE_ACCOUNT_NAME env var user = "..." # required if not using profile or token. Can also be set via SNOWFLAKE_USER env var password = "..." // optional role = "..." host = "..." warehouse = "..." params = { query_tag = "..." } } ``` -------------------------------- ### Configure Snowflake Provider with TOML Profile Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure the Snowflake provider using a TOML file, specifying a profile name. The 'default' profile is loaded if none is specified. Ensure the TOML file adheres to the specified size and privilege restrictions. ```hcl provider "snowflake" { profile = "default" } ``` -------------------------------- ### Export Keypair Authentication Environment Variables Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Set the SNOWFLAKE_USER and SNOWFLAKE_PRIVATE_KEY environment variables to use keypair authentication. The private key content should be read from the generated file. ```bash export SNOWFLAKE_USER="..." export SNOWFLAKE_PRIVATE_KEY=$(cat ~/.ssh/snowflake_key.p8) ``` ```bash export SNOWFLAKE_USER="..." export SNOWFLAKE_PRIVATE_KEY=$(cat ~/.ssh/snowflake_key.p8) export SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="..." ``` -------------------------------- ### Username and Password Authentication Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure username and password authentication by exporting SNOWFLAKE_USER and SNOWFLAKE_PASSWORD environment variables. ```bash export SNOWFLAKE_USER='...' export SNOWFLAKE_PASSWORD='...' ``` -------------------------------- ### TOML Configuration with Extended Parameters Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs This TOML file includes a comprehensive set of parameters for the Snowflake provider, such as connection details, timeouts, and authentication methods. It also demonstrates the use of a nested 'params' section. ```toml [example] accountname = 'account_name' organizationname = 'organization_name' user = 'user' password = 'password' warehouse = 'SNOWFLAKE' role = 'ACCOUNTADMIN' clientip = '1.2.3.4' protocol = 'https' port = 443 oktaurl = 'https://example.com' clienttimeout = 10 jwtclienttimeout = 20 logintimeout = 30 requesttimeout = 40 jwtexpiretimeout = 50 externalbrowsertimeout = 60 maxretrycount = 1 authenticator = 'snowflake' insecuremode = true ocspfailopen = true keepsessionalive = true disabletelemetry = true validatedefaultparameters = true clientrequestmfatoken = true clientstoretemporarycredential = true tracing = 'info' tmpdirpath = '/tmp/terraform-provider/' disablequerycontextcache = true includeretryreason = true disableconsolelogin = true [example.params] param_key = 'param_value' ``` -------------------------------- ### OAuth Access Token Authentication Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure OAuth access token authentication by exporting SNOWFLAKE_USER and SNOWFLAKE_TOKEN environment variables. Note that the access token has a limited lifespan. ```bash export SNOWFLAKE_USER='...' export SNOWFLAKE_TOKEN='...' ``` -------------------------------- ### OAuth Refresh Token Authentication Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Set up OAuth refresh token authentication by exporting several environment variables, including SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN, SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID, SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET, SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT, and SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI. This method allows for automatic renewal of access tokens. ```bash export SNOWFLAKE_TOKEN_ACCESSOR_REFRESH_TOKEN='...' export SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_ID='...' export SNOWFLAKE_TOKEN_ACCESSOR_CLIENT_SECRET='...' export SNOWFLAKE_TOKEN_ACCESSOR_TOKEN_ENDPOINT='...' export SNOWFLAKE_TOKEN_ACCESSOR_REDIRECT_URI='https://localhost.com' ``` -------------------------------- ### Snowflake Provider Configuration with TOML Profile Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure the Snowflake provider by referencing a named profile from the ~/.snowflake/config TOML file. This simplifies configuration by centralizing credentials and settings. ```terraform provider "snowflake" { profile = "securityadmin" } ``` -------------------------------- ### Generate SSH Keys for Keypair Authentication Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Use openssl to generate RSA private and public keys for keypair authentication. The private key should be in PKCS8 format for passphrase protection. ```bash cd ~/.ssh openssl genrsa -out snowflake_key 4096 openssl rsa -in snowflake_key -pubout -out snowflake_key.pub ``` ```bash cd ~/.ssh openssl genrsa -out snowflake_key 4096 openssl rsa -in snowflake_key -pubout -out snowflake_key.pub openssl pkcs8 -topk8 -inform pem -in snowflake_key -outform PEM -v2 aes-256-cbc -out snowflake_key.p8 ``` -------------------------------- ### Snowflake Provider Configuration with Private Key Authentication Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Configure the Snowflake provider using private key authentication, suitable for automated processes requiring secure, key-based access. Ensure the private key file and passphrase are provided securely. ```terraform provider "snowflake" { organization_name = "..." # required if not using profile. Can also be set via SNOWFLAKE_ORGANIZATION_NAME env var account_name = "..." # required if not using profile. Can also be set via SNOWFLAKE_ACCOUNT_NAME env var user = "..." # required if not using profile or token. Can also be set via SNOWFLAKE_USER env var authenticator = "SNOWFLAKE_JWT" private_key = file("~/.ssh/snowflake_key.p8") private_key_passphrase = var.private_key_passphrase } ``` -------------------------------- ### Configure Snowflake Provider in Terraform Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Use this method to configure the Snowflake provider directly within your Terraform configuration files. Ensure sensitive values are handled securely. ```hcl provider "snowflake" { organization_name = "..." account_name = "..." username = "..." password = "..." } ``` -------------------------------- ### Private Key Passphrase Variable Definition Source: https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs Define a sensitive variable for the private key passphrase, ensuring it is not exposed in logs or state files. This is crucial for secure private key authentication. ```terraform variable "private_key_passphrase" { type = string sensitive = true } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.