This Terraform module manages Snowflake network policies and their attachments.
Module Diagram
```mermaid
graph TD
    A[Terraform Snowflake Network Policies Module] --> B[Variables]
    A --> C[Resources]

    %% Variables
    B --> D[network_policy_name]
    B --> E[allowed_network_rule_list]
    B --> F[blocked_network_rule_list]
    B --> G[allowed_ip_list]
    B --> H[blocked_ip_list]
    B --> I[comment]
    B --> J[set_for_account]
    B --> K[users]

    %% Resources
    C --> L[create_network_policy]
    C --> M[create_network_policy_attachment]
    C --> N[snowflake_network_policy]
    C --> O[snowflake_network_policy_attachment]

    %% Linking Variables to Resources
    N --> D
    N --> E
    N --> F
    N --> G
    N --> H
    N --> I
    O --> J
    O --> K

    %% Optional: If the cycle is intended
    O --> N
```
```hcl
module "snowflake_network_policies" {
  source = "git::https://github.com/Richard-Barrett/terraform-snowflake-network-policies.git?ref=0.10.0"

  network_policy_name       = "example_policy"
  allowed_network_rule_list = ["rule1", "rule2"]
  blocked_network_rule_list = ["rule3", "rule4"]
  allowed_ip_list           = ["192.168.1.1", "192.168.1.2"]
  blocked_ip_list           = ["10.0.0.1", "10.0.0.2"]
  comment                   = "Example network policy"
  set_for_account           = true
  users                     = ["user1", "user2"]

  create_network_policy            = true
  create_network_policy_attachment = true
}
```
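A pre-apply lint for the `allowed_ip_list` and `blocked_ip_list` inputs, added here as an example and not part of the module. It assumes Snowflake's documented evaluation (the blocked list is applied first, and any address not on the allowed list is denied); `lint_ip_lists` and the `CONSTRUCTED_*` values are hypothetical, and the `README_*` values are the ones from the usage block above.

```python
import ipaddress

# Values from the usage example above.
README_ALLOWED = ["192.168.1.1", "192.168.1.2"]
README_BLOCKED = ["10.0.0.1", "10.0.0.2"]
# Constructed sample (documentation ranges) covering the other findings.
CONSTRUCTED_ALLOWED = ["0.0.0.0/0", "203.0.113.0/24", "198.51.100.7"]
CONSTRUCTED_BLOCKED = ["198.51.100.0/24", "not-an-ip"]


def lint_ip_lists(allowed, blocked):
    """Return findings for a network policy's allowed/blocked IP lists."""
    findings = []

    def parse(entries, label):
        nets = []
        for entry in entries:
            try:
                # A bare address parses as a /32; strict=False tolerates host bits.
                nets.append((entry, ipaddress.IPv4Network(entry, strict=False)))
            except ValueError:
                findings.append(f"{label}: '{entry}' is not an IPv4 address or CIDR")
        return nets

    allow = parse(allowed, "allowed_ip_list")
    block = parse(blocked, "blocked_ip_list")

    for entry, net in allow:
        if net.prefixlen == 0:
            findings.append(f"allowed_ip_list: '{entry}' admits every IPv4 address")
        # Assumption: blocked entries win, so this allowed range can never match.
        for b_entry, b_net in block:
            if net.subnet_of(b_net):
                findings.append(f"allowed_ip_list: '{entry}' is shadowed by blocked '{b_entry}'")
    for entry, net in block:
        # Assumption: addresses outside the allowed list are denied anyway, so a
        # blocked entry only matters when it overlaps an allowed range.
        if allow and not any(net.overlaps(a_net) for _, a_net in allow):
            findings.append(f"blocked_ip_list: '{entry}' overlaps no allowed range")
    return findings


if __name__ == "__main__":
    for finding in lint_ip_lists(README_ALLOWED, README_BLOCKED):
        print(finding)
```

Run against the values from the usage block, it reports both blocked entries as overlapping no allowed range, so under the stated assumption they change nothing about what the policy admits.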
Name | Description | Type | Default | Required |
---|---|---|---|---|
network_policy_name | The name of the Snowflake network policy. | string | n/a | yes |
allowed_network_rule_list | List of allowed network rules. | list(string) | n/a | yes |
blocked_network_rule_list | List of blocked network rules. | list(string) | n/a | yes |
allowed_ip_list | List of allowed IP addresses. | list(string) | n/a | yes |
blocked_ip_list | List of blocked IP addresses. | list(string) | n/a | yes |
comment | Comment for the network policy. | string | n/a | yes |
set_for_account | Boolean to set the network policy for the account. | bool | n/a | yes |
users | List of users to attach the network policy to. | list(string) | n/a | yes |
create_network_policy | Boolean to control the creation of the network policy. | bool | true | no |
create_network_policy_attachment | Boolean to control the creation of the network policy attachment. | bool | true | no |
The module defines several variables to customize the network policy and its attachment:
- `network_policy_name`: The name of the Snowflake network policy.
- `allowed_network_rule_list`: List of allowed network rules.
- `blocked_network_rule_list`: List of blocked network rules.
- `allowed_ip_list`: List of allowed IP addresses.
- `blocked_ip_list`: List of blocked IP addresses.
- `comment`: Comment for the network policy.
- `set_for_account`: Boolean to set the network policy for the account.
- `users`: List of users to attach the network policy to.
- `create_network_policy`: Boolean to control the creation of the network policy.
- `create_network_policy_attachment`: Boolean to control the creation of the network policy attachment.
Name | Default |
---|---|
create_network_policy | true |
create_network_policy_attachment | true |

- `create_network_policy`: Default is `true`.
- `create_network_policy_attachment`: Default is `true`.
Name | Version |
---|---|
terraform | >= 1.5.7 |
snowflake | ~> 0.90.0 |
Name | Version |
---|---|
snowflake | ~> 0.90.0 |
No modules.
Name | Type |
---|---|
snowflake_network_policy.this | resource |
snowflake_network_policy_attachment.this | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
allowed_ip_list | List of allowed IP addresses. | list(string) | n/a | yes |
allowed_network_rule_list | List of allowed network rules. | list(string) | n/a | yes |
blocked_ip_list | List of blocked IP addresses. | list(string) | n/a | yes |
blocked_network_rule_list | List of blocked network rules. | list(string) | n/a | yes |
comment | Comment for the network policy. | string | n/a | yes |
create_network_policy | Boolean to control the creation of the Snowflake network policy. | bool | true | no |
create_network_policy_attachment | Boolean to control the creation of the Snowflake network policy attachment. | bool | true | no |
network_policy_name | The name of the Snowflake network policy. | string | n/a | yes |
set_for_account | Boolean to set the network policy for the account. | bool | n/a | yes |
users | List of users to attach the network policy to. | list(string) | n/a | yes |
Name | Description |
---|---|
attached_users | The list of users to whom the network policy is attached. |
network_policy_name | The name of the created Snowflake network policy. |
MIT License. See LICENSE for full details.