Skip to main content

API Integration

You can provide configuration to Snowflake Object Lifecycle Engine for the following operations with API integration:

  • Manage the lifecycle of new and existing API integrations
  • Manage grants of API integration



We have introduced SOLE for Data Products as a new framework for SOLE to help you easily build an ecosystem of data products. Learn more about SOLE for Data Products which is currently available as a private preview.

<configuration-key>: <value>
- <role-name>
- <role-name>

Supported parameters

The engine supports the parameters listed below.

Configuration KeyRequired/OptionalData Types and ValuesDescription
api_allowed_prefixesRequiredList of StringLimits external functions that use the integration to reference one or more HTTPS proxy service endpoints and resources within those proxies
api_providerRequiredStringSpecifies the HTTPS proxy service type.
Caution: api_provider cannot be changed. See Snowflake documentation.
api_aws_role_arnOptionalStringARN of a cloud platform role
api_blocked_prefixesOptionalList of StringLists the endpoints and resources in the HTTPS proxy service that are not allowed to be called from Snowflake
azure_ad_application_idOptionalStringThe 'Application (client) ID' of the Azure AD app for your remote service
azure_tenant_idOptionalStringSpecifies the ID for your Office 365 tenant that all Azure API management instances belong to
enabledOptionalBooleanSpecifies whether this API integration is enabled or disabled. If the API integration is disabled, any external function that relies on it will not work.
deletedOptionalBoolean: True enables deletion prevention, False does nothingSpecifies what objects are allowed to be deleted
environmentOptionalStringSpecifies the environment in which the API integration is managed. Regex can be provided as well.
grantsOptionalMap: See Supported API Integration Grants to RolesLists Privileges and Roles to which privileges are granted on the current API integration
manage_modeOptionalString: all (default), none, grantsConfigures what properties to manage for the API integration.
See Changing Manage Mode before changing the value.
namespacingOptionalString: both (default), prefix, suffix, noneSpecifies whether a prefix or a suffix or both are to be added to the API integration name

Supported API integration grants to roles

Following are the privileges you can grant to roles in the API integration definition:



- ROLE_1
api_provider: aws_api_gateway
api_aws_role_arn: arn:aws:iam::000000000001:/role/test