Skip to main content

Notification Integration

You can provide configuration to Snowflake Object Lifecycle Engine for the following operations with notification integration:

  • Manage the lifecycle of new and existing notification integrations
  • Manage grants of notification integration

Usage

- notification_integration:
    name: <notification_integrations-name>
    <configuration-key>: <value>
    grants:
      <privilege>:
        - rel(role.<role-name>)
        - rel(role.<role-name>)

Supported parameters

The engine supports the parameters listed below.

Configuration KeyRequired/OptionalData Types and ValuesDescription
aws_sns_role_arnRequired - if notification_provider set to AWS_SNSStringAWS IAM role ARN for notification integration to assume
aws_sns_topic_arnRequired - if notification_provider set to AWS_SNSStringAWS SNS Topic ARN for notification integration to connect to
aws_sqs_arnRequired - if notification_provider set to AWS_SQSStringAWS SQS queue ARN for notification integration to connect to
aws_sqs_role_arnRequired - if notification_provider set to AWS_SQSStringAWS IAM role ARN for notification integration to assume
azure_storage_queue_primary_uriRequired - if notification_provider set to AZURE_STORAGE_QUEUEStringThe queue ID for the Azure Queue Storage queue created for Event Grid notifications.
Caution: Changing the value of this parameter will lead to failure due to recent updates in Snowflake releases.
azure_tenant_idRequired - if notification_provider set to AZURE_STORAGE_QUEUEStringThe ID of the Azure Active Directory tenant used for identity management
directionRequired - if notification_provider set to AWS_SQS or AWS_SNSString: INBOUND, OUTBOUNDDirection of the cloud messaging with respect to Snowflake
gcp_pubsub_subscription_nameRequired - if notification_provider set to AZURE_STORAGE_QUEUEStringPub/Sub topic subscription ID used to allow Snowflake access to event messages.
Caution: Changing the value of this parameter will lead to failure due to recent updates in Snowflake releases.
notification_providerRequiredString: AZURE_STORAGE_QUEUE, AWS_SQS, AWS_SNS, GCP_PUBSUBThe third-party cloud message queuing service.
Caution: Currently AWS_SQS isn't supported in Snowflake.
commentOptionalStringA comment for the integration
deletedOptionalBoolean: True enables deletion prevention, False does nothingSpecifies what objects are allowed to be deleted
depends_onOptionalList of String: See Object Dependencies for a definition of depends_onList of SOLE-managed objects that this notification integration depends on. Objects defined in the list will be added to the generated HCL dependencies list to ensure proper creation order.
enabledOptionalBooleanSpecifies whether to initiate the operation of the integration or suspend it.
TRUE enables the integration. FALSE disables the integration for maintenance. Any integration between Snowflake and a third-party service fails to work.
environmentOptionalStringSpecifies the environment in which the notification integration is managed. Regex can be provided as well.
grantsOptionalMap: See Supported Notification Integration Grants to RolesList of Privileges and Roles to which privileges are granted on the current notification integration
manage_modeOptionalString: all (default), none, grantsConfigures what properties to manage for the notification integration.
See Changing Manage Mode before changing the value.
namespacingOptionalString: both (default), none, prefix, suffixSpecifies whether prefix or suffix or both are to be added to notification integration name
typeOptionalString: QUEUE (default)A type of integration

Supported notification integration grants to roles

Following are the privileges you can grant to roles in the notification integration definition:

  • USAGE
  • OWNERSHIP

Examples

  • Notification Integration example with notification_provider as AZURE_STORAGE_QUEUE
- notification_integration:
    name: NOTIFICATION_INTEGRATION_AZURE
    comment: "test notification"
    enabled: true
    type: "QUEUE"
    notification_provider: "AZURE_STORAGE_QUEUE"
    azure_storage_queue_primary_uri: "https://myqueue.queue.core.windows.net/mystoragequeue"
    azure_tenant_id: "a123bcde-1234-5678-abc1-9abc12345678"
  • Notification Integration example with notification_provider as AWS_SNS
- notification_integration:
    name: NOTIFICATION_INTEGRATION_AWS_SNS
    comment: "test notification"
    enabled: true
    type: "QUEUE"
    direction: "OUTBOUND"
    notification_provider: "AWS_SNS"
    aws_sns_topic_arn: "arn:aws:sns:us-west-2:432981146916:user-updates-topic"
    aws_sns_role_arn: "arn:aws:iam::209163973960:role/S3Full_Access"
    grants:
      USAGE:
        - SYSADMIN
  • Notification Integration example with notification_provider as GCP_PUBSUB
- notification_integration:
    name: NOTIFICATION_INTEGRATION_GCP_PUBSUB
    comment: "test notification"
    notification_provider: "GCP_PUBSUB"
    gcp_pubsub_subscription_name: "projects/project-1234/subscriptions/sub2"
    grants:
      USAGE:
        - SYSADMIN
Last updated on