User

Configuration can be provided to Snowflake Object Lifecycle Engine for the following operation with User:

Manage Lifecycle of new and existing User
Manage Grants of External User

Supported Parameters#

The runner supports below parameters.

LOGIN_NAME: Name that the user enters to log into the system. Login names for users must be unique across your entire account.
- Configuration key: login_name
- Data Type: String
PASSWORD: The password for the user must be enclosed in single or double quotes. If no password is specified, the user cannot log into Snowflake until a password has been explicitly specified for them.
- Configuration key: password
- Data Type: String
DISABLED: Specifies whether the user is disabled.
- Configuration key: disabled
- Data Type: Boolean
DISPLAY_NAME: Name displayed for the user in the Snowflake web interface.
- Configuration key: display_name
- Data Type: String
EMAIL: Email address for the user.
- Configuration key: email
- Data Type: String
FIRST_NAME: First name of the user.
- Configuration key: first_name
- Data Type: String
LAST_NAME: Last name of the user.
- Configuration key: last_name
- Data Type: String
MUST_CHANGE_PASSWORD: Specifies whether the user is forced to change their password on next login (including their first/initial login) into the system.
- Configuration key: must_change_password
- Data Type: Boolean
DEFAULT_WAREHOUSE: Specifies the virtual warehouse that is active by default for the user’s session upon login.
- Configuration key: default_warehouse
- Data Type: String
DEFAULT_ROLE: Specifies the role that is active by default for the user’s session upon login.
- Configuration key: default_role
- Data Type: String
DEFAULT_NAMESPACE: Specifies the namespace (database only or database and schema) that is active by default for the user’s session upon login.
- Configuration key: default_namespace
- Data Type: String/Object . See here for definition of default_namespace
RSA_PUBLIC_KEY: Specifies the user’s RSA public key; used for key pair authentication.
- Configuration key: rsa_public_key
- Data Type: String
RSA_PUBLIC_KEY_2: Specifies the user’s second RSA public key; used to rotate the public and private keys for key pair authentication based on an expiration schedule set by your organization.
- Configuration key: rsa_public_key_2
- Data Type: String
COMMENT: Specifies a comment for the user.
- Configuration key: comment
- Data Type: String
ENVIRONMENT: Specify the environment in which the user is managed. Regex can be provided as well.
- Configuration key: environment
- Data Type: String
MANAGE_MODE: Configures what properties to manage for the user.
- Configuration key: manage_mode
- Data Type: string
- Possible Values:
  - none
  - all(Default)
NAMESPACING: Specify whether Prefix or Suffix or both are to be added to user-name.
- Configuration key: namespacing
- Data Type: String
- Possible Values:
  - none
  - prefix
  - suffix
  - both(Default)

Default_Namespace#

In the Default_Namespace parameter of the User, users can specify either just the name of default_namespace(if default_namespace belongs to the same schema and database as the user), or the name of schema and database.

The Default_Namespace parameter supports the following parameters if explicitly provided:

SCHEMA: Name of the schema
- Configuration key: schema
- Data Type: String
DATABASE: Name of the database
- REQUIRED
- Configuration key: database
- Data Type: String

Examples#

   default_namespace:      database: "<database-name>"           schema_name: "<schema-name>"

Basic syntax#

users:  <user-name>:    <configuration-key>: <value>

Examples#

users:  SAM:    comment: "management"    login_name: "user_login"    password: "user_login"    disabled: false    display_name: "manager"    email: "user@example.com"    first_name: "user"    last_name: "login"    must_change_password: true    default_namespace:      database: "<database-name>"           schema_name: "<schema-name>"    default_warehouse: "<warehouse-name>"    default_role: "role"    rsa_public_key: "..."    rsa_public_key_2: "..."