-
Notifications
You must be signed in to change notification settings - Fork 419
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: account password policy attachment #1824
feat: account password policy attachment #1824
Conversation
Integration tests failure for 5ab69c5c42a0568aa4a0f9d292456dd786c7f765 |
@@ -39,5 +39,6 @@ A password policy specifies the requirements that must be met to create and rese | |||
### Read-Only | |||
|
|||
- `id` (String) The ID of this resource. | |||
- `qualified_name` (String) The qualified name for the password policy. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should this be "fully_qualified_name"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This matches the attribute on masking policies, but we can change them.
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
Description: "Qualified name (`\"db\".\"schema\".\"policy_name\"`) of the password policy to apply to the current account.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if we are going to do this, we should probably make data source(s) to help make it easier for people to make fully qualified names from db / schema / object names
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added the qualified name as an attribute of the password policy resource, but the data source is a good idea too.
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
var accountPasswordPolicyAttachmentSchema = map[string]*schema.Schema{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should this be renamed to "password_policy_account_attachment"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
password policies can be attached to either accounts or users, so I figured we'd have a separate resource later user_password_policy_attachment
5ab69c5
to
fa86994
Compare
Integration tests failure for fa86994f3e8f05e28303f1551296bf505943fca9 |
fa86994
to
8d05d73
Compare
} | ||
// passwordPolicy := sdk.NewAccountObjectIdentifier(d.Get("password_policy").(string)) | ||
|
||
err := client.Accounts.Alter(ctx, &sdk.AccountAlterOptions{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚫 [golangci] reported by reviewdog 🐶
undefined: sdk.AccountAlterOptions (typecheck)
client := sdk.NewClientFromDB(db) | ||
ctx := context.Background() | ||
|
||
err := client.Accounts.Alter(ctx, &sdk.AccountAlterOptions{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚫 [golangci] reported by reviewdog 🐶
undefined: sdk.AccountAlterOptions (typecheck)
Integration tests failure for 8d05d73b33b9c877269f11f5fb3ee2eac439d038 |
8d05d73
to
38b3cfd
Compare
Integration tests success for 38b3cfdcb80a64b31359a869ce40cbb047893d1e |
* Add password policy qualified name attribute. * Add snowflake_account_password_policy_attachment resource.
Adds support for attaching a password policy to the current account.
Due to limitations of the underlying API, this feature only supports setting the password policy of the current account (ie. the one from the
provider snowflake {}
block). To set the password policy of a different account, configure an aliased provider for that account.Test Plan
References