{"id":7527,"library":"pulumi-snowflake","title":"Pulumi Snowflake","description":"Pulumi Snowflake is a Pulumi package that enables users to create and manage Snowflake cloud resources using Python and other supported languages. It wraps the underlying Terraform Snowflake provider and allows for declarative infrastructure-as-code management of Snowflake objects like databases, warehouses, roles, and grants. The library maintains an active development status with a generally fast release cadence, frequently updating its core `pulumi-terraform-bridge` and `terraform-provider-snowflake` dependencies.","status":"active","version":"2.14.0","language":"en","source_language":"en","source_url":"https://github.com/pulumi/pulumi-snowflake","tags":["Pulumi","Snowflake","Infrastructure as Code","IaC","Cloud","Database"],"install":[{"cmd":"pip install pulumi_snowflake","lang":"bash","label":"Install with pip"}],"dependencies":[{"reason":"Core Pulumi SDK for infrastructure as code.","package":"pulumi","optional":false}],"imports":[{"symbol":"snowflake","correct":"import pulumi_snowflake as snowflake"}],"quickstart":{"code":"import pulumi\nimport pulumi_snowflake as snowflake\nimport os\n\n# Configure Snowflake provider using environment variables\n# pulumi config set snowflake:account <your-snowflake-account>\n# pulumi config set snowflake:username <your-snowflake-username>\n# pulumi config set snowflake:password --secret <your-snowflake-password>\n# Alternatively, set SNOWFLAKE_ACCOUNT, SNOWFLAKE_USER, SNOWFLAKE_PASSWORD environment variables.\n\n# Create a Snowflake Database\nmy_database = snowflake.Database(\"my-pulumi-database\",\n    name=\"MY_PULUMI_DB\",\n    comment=\"Managed by Pulumi\")\n\n# Export the database name\npulumi.export(\"database_name\", my_database.name)","lang":"python","description":"This quickstart program creates a basic Snowflake database named 'MY_PULUMI_DB'. Ensure your Snowflake account credentials (account name, username, and password or other authentication methods) are configured via Pulumi configuration secrets or environment variables (SNOWFLAKE_ACCOUNT, SNOWFLAKE_USER, SNOWFLAKE_PASSWORD)."},"warnings":[{"fix":"Review the GitHub issues for potential workarounds or consider recreating the affected Account resources carefully, if feasible, after backing up your state. Consult the `pulumi-terraform-bridge` and `terraform-provider-snowflake` documentation for further details.","message":"Upgrading from `pulumi-snowflake` v0.62.0 to v1.0.0 or above may cause issues when updating existing Account resources, as they might fail to update. This is a known issue from the upstream Terraform provider.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Always check the official documentation for specific resources to identify if they are preview features. If using them, understand the implications of potential breaking changes and enable them by adding the relevant feature name to `previewFeaturesEnabled` in your Pulumi Snowflake provider configuration.","message":"Some features are considered 'preview features' within the provider. Breaking changes are expected for these features even without a major version bump. They are disabled by default and must be explicitly enabled in the provider configuration (e.g., `preview_features_enabled` field).","severity":"gotcha","affected_versions":"All versions"},{"fix":"Exercise extreme caution when using these fields. Manually mark them as secrets using `pulumi config set --secret` or ensure that Pulumi ESC is used for managing credentials. Implement robust logging and access restrictions for your Pulumi state files and logs to prevent sensitive data exposure.","message":"Certain sensitive fields, such as `procedure_definition` and `arguments_raw` for `snowflake.ProcedurePython` or configuration for tasks, are not explicitly marked as sensitive by the provider. This means their values might appear in logs or state files without automatic encryption.","severity":"gotcha","affected_versions":"All versions"},{"fix":"For Python procedures, ensure `snowflake-snowpark-python` version is explicitly set in Snowflake before import. For all affected resources, manually set these fields to their correct values in your Pulumi code during the import operation to avoid drift and forced replacements. Consult the specific resource documentation for details.","message":"When importing existing resources like Python procedures or authentication policies, external changes to certain fields (e.g., `is_secure`, `null_input_behavior` for procedures; `mfa_policy`, `pat_policy`, `workload_identity_policy` for authentication policies) are not reliably detected. This can lead to unexpected diffs or resource recreation.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Ensure `SNOWFLAKE_ACCOUNT`, `SNOWFLAKE_USER`, and `SNOWFLAKE_PASSWORD` (or `SNOWFLAKE_PRIVATE_KEY_PATH`) environment variables are set, or configure them using `pulumi config set snowflake:account <value>` (use `--secret` for sensitive values like passwords/private keys).","cause":"The Pulumi Snowflake provider requires authentication credentials, typically `account`, `username`, and `password` (or `privateKeyPath`). These were not provided via Pulumi configuration or environment variables.","error":"Error: Missing required argument. \"account\": one of `account`, `profile` must be specified"},{"fix":"Carefully review the `on_schema_object` configuration. Ensure that only one of `all`, `future`, or `object_name` is specified within `on_schema_object`. If `fully_qualified_name` is the issue, manually construct the full identifier rather than relying on it being implicitly available.","cause":"This error typically occurs with `GrantPrivilegesToAccountRole` (and similar grant resources) when the `on_schema_object` arguments are incorrectly combined or `fully_qualified_name` is unexpectedly null, particularly during upgrades from older provider versions.","error":"error: snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole resource '...' has a problem: Invalid combination of arguments. \"on_schema_object.0.future\": one of `on_schema_object.0.all,on_schema_object.0.future,on_schema_object.0.object_name` must be specified."},{"fix":"This issue often stems from the underlying `terraform-provider-snowflake`. Check the Pulumi Snowflake GitHub repository for open issues and potential workarounds. If a fix isn't available, manual state manipulation might be necessary, but exercise extreme caution.","cause":"This is a known issue where the `snowflake.FileFormat` resource may exhibit persistent diffs or update failures, indicating a problem in how the provider reconciles its state with the actual Snowflake configuration.","error":"FileFormat resource always shows changes and fails on update"}]}