Skip to main content

API Integration

You can provide configuration to Snowflake Object Lifecycle Engine for the following operations with API integration:

  • Manage the lifecycle of new and existing API integrations
  • Manage grants of API integration



We have introduced SOLE for Data Products as a new framework for SOLE to help you easily build an ecosystem of data products. The major difference is in how you define Snowflake objects in the configuration file. Rather than having a grouped collection of objects, SOLE for Data Products goes for modular, self-describing, and explicit object definition.
Learn more about SOLE for Data Products, currently available as a public preview.

We have also introduced Data products as an extra layer on top of the data product platform capabilities making managing data products easier than ever. Learn more about Data Products, currently available as a private preview.

<configuration-key>: <value>
- <role-name>
- <role-name>

Supported parameters

The engine supports the parameters listed below.

Configuration KeyRequired/OptionalData Types and ValuesDescription
api_allowed_prefixesRequiredList of StringLimits external functions that use the integration to reference one or more HTTPS proxy service endpoints and resources within those proxies
api_providerRequiredStringSpecifies the HTTPS proxy service type.
Caution: api_provider cannot be changed. See Snowflake documentation.
api_aws_role_arnOptionalStringARN of a cloud platform role
api_blocked_prefixesOptionalList of StringLists the endpoints and resources in the HTTPS proxy service that are not allowed to be called from Snowflake
azure_ad_application_idOptionalStringThe 'Application (client) ID' of the Azure AD app for your remote service
azure_tenant_idOptionalStringSpecifies the ID for your Office 365 tenant that all Azure API management instances belong to
commentOptionalStringSpecifies a comment for the API integration
deletedOptionalBoolean: True enables deletion prevention, False does nothingSpecifies what objects are allowed to be deleted
enabledOptionalBooleanSpecifies whether this API integration is enabled or disabled. If the API integration is disabled, any external function that relies on it will not work.
environmentOptionalStringSpecifies the environment in which the API integration is managed. Regex can be provided as well.
grantsOptionalMap: See Supported API Integration Grants to RolesLists Privileges and Roles to which privileges are granted on the current API integration
manage_modeOptionalString: all (default), none, grantsConfigures what properties to manage for the API integration.
See Changing Manage Mode before changing the value.
namespacingOptionalString: both (default), prefix, suffix, noneSpecifies whether a prefix or a suffix or both are to be added to the API integration name

Supported API integration grants to roles

Following are the privileges you can grant to roles in the API integration definition:



- ROLE_1
api_provider: aws_api_gateway
api_aws_role_arn: arn:aws:iam::000000000001:/role/test
comment: comment for API integration