diff --git a/docs/resources/notification_integration.md b/docs/resources/notification_integration.md index 1866b7f47b..c8e805d307 100644 --- a/docs/resources/notification_integration.md +++ b/docs/resources/notification_integration.md @@ -30,6 +30,11 @@ resource snowflake_notification_integration integration { notification_provider = "AWS_SQS" aws_sqs_arn = "..." aws_sqs_role_arn = "..." + + # AWS_SNS + notification_provider = "AWS_SNS" + aws_sns_arn = "..." + aws_sns_role_arn = "..." } ``` @@ -42,6 +47,8 @@ resource snowflake_notification_integration integration { ### Optional +- **aws_sns_arn** (String) AWS SNS Topic ARN for notification integration to connect to +- **aws_sns_role_arn** (String) AWS IAM role ARN for notification integration to assume - **aws_sqs_arn** (String) AWS SQS queue ARN for notification integration to connect to - **aws_sqs_role_arn** (String) AWS IAM role ARN for notification integration to assume - **azure_storage_queue_primary_uri** (String) The queue ID for the Azure Queue Storage queue created for Event Grid notifications @@ -51,11 +58,13 @@ resource snowflake_notification_integration integration { - **enabled** (Boolean) - **gcp_pubsub_subscription_name** (String) The subscription id that Snowflake will listen to when using the GCP_PUBSUB provider. - **id** (String) The ID of this resource. -- **notification_provider** (String) The third-party cloud message queuing service (e.g. AZURE_STORAGE_QUEUE, AWS_SQS) +- **notification_provider** (String) The third-party cloud message queuing service (e.g. AZURE_STORAGE_QUEUE, AWS_SQS, AWS_SNS) - **type** (String) A type of integration ### Read-Only +- **aws_sns_external_id** (String) The external ID that Snowflake will use when assuming the AWS role +- **aws_sns_iam_user_arn** (String) The Snowflake user that will attempt to assume the AWS role. - **aws_sqs_external_id** (String) The external ID that Snowflake will use when assuming the AWS role - **aws_sqs_iam_user_arn** (String) The Snowflake user that will attempt to assume the AWS role. - **created_on** (String) Date and time when the notification integration was created. diff --git a/examples/resources/snowflake_notification_integration/resource.tf b/examples/resources/snowflake_notification_integration/resource.tf index d7fb63d88e..94476059fe 100644 --- a/examples/resources/snowflake_notification_integration/resource.tf +++ b/examples/resources/snowflake_notification_integration/resource.tf @@ -15,4 +15,9 @@ resource snowflake_notification_integration integration { notification_provider = "AWS_SQS" aws_sqs_arn = "..." aws_sqs_role_arn = "..." + + # AWS_SNS + notification_provider = "AWS_SNS" + aws_sns_arn = "..." + aws_sns_role_arn = "..." } diff --git a/pkg/resources/notification_integration.go b/pkg/resources/notification_integration.go index 094a582f09..f043082537 100644 --- a/pkg/resources/notification_integration.go +++ b/pkg/resources/notification_integration.go @@ -40,8 +40,8 @@ var notificationIntegrationSchema = map[string]*schema.Schema{ "notification_provider": &schema.Schema{ Type: schema.TypeString, Optional: true, - ValidateFunc: validation.StringInSlice([]string{"AZURE_STORAGE_QUEUE", "AWS_SQS", "GCP_PUBSUB"}, true), - Description: "The third-party cloud message queuing service (e.g. AZURE_STORAGE_QUEUE, AWS_SQS)", + ValidateFunc: validation.StringInSlice([]string{"AZURE_STORAGE_QUEUE", "AWS_SQS", "AWS_SNS", "GCP_PUBSUB"}, true), + Description: "The third-party cloud message queuing service (e.g. AZURE_STORAGE_QUEUE, AWS_SQS, AWS_SNS)", }, "azure_storage_queue_primary_uri": &schema.Schema{ Type: schema.TypeString, @@ -73,6 +73,26 @@ var notificationIntegrationSchema = map[string]*schema.Schema{ Optional: true, Description: "AWS IAM role ARN for notification integration to assume", }, + "aws_sns_external_id": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The external ID that Snowflake will use when assuming the AWS role", + }, + "aws_sns_iam_user_arn": { + Type: schema.TypeString, + Computed: true, + Description: "The Snowflake user that will attempt to assume the AWS role.", + }, + "aws_sns_arn": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Description: "AWS SNS Topic ARN for notification integration to connect to", + }, + "aws_sns_role_arn": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Description: "AWS IAM role ARN for notification integration to assume", + }, "comment": &schema.Schema{ Type: schema.TypeString, Optional: true, @@ -142,6 +162,12 @@ func CreateNotificationIntegration(data *schema.ResourceData, meta interface{}) if v, ok := data.GetOk("aws_sqs_role_arn"); ok { stmt.SetString(`AWS_SQS_ROLE_ARN`, v.(string)) } + if v, ok := data.GetOk("aws_sns_arn"); ok { + stmt.SetString(`AWS_SNS_ARN`, v.(string)) + } + if v, ok := data.GetOk("aws_sns_role_arn"); ok { + stmt.SetString(`AWS_SNS_ROLE_ARN`, v.(string)) + } if v, ok := data.GetOk("gcp_pubsub_subscription_name"); ok { stmt.SetString(`GCP_PUBSUB_SUBSCRIPTION_NAME`, v.(string)) } @@ -245,6 +271,22 @@ func ReadNotificationIntegration(data *schema.ResourceData, meta interface{}) er if err = data.Set("aws_sqs_iam_user_arn", v.(string)); err != nil { return err } + case "AWS_SNS_ARN": + if err = data.Set("aws_sns_arn", v.(string)); err != nil { + return err + } + case "AWS_SNS_ROLE_ARN": + if err = data.Set("aws_sns_role_arn", v.(string)); err != nil { + return err + } + case "SF_AWS_EXTERNAL_ID": + if err = data.Set("aws_sns_external_id", v.(string)); err != nil { + return err + } + case "SF_AWS_IAM_USER_ARN": + if err = data.Set("aws_sns_iam_user_arn", v.(string)); err != nil { + return err + } case "GCP_PUBSUB_SUBSCRIPTION_NAME": if err = data.Set("gcp_pubsub_subscription_name", v.(string)); err != nil { return err @@ -313,6 +355,16 @@ func UpdateNotificationIntegration(data *schema.ResourceData, meta interface{}) stmt.SetString("AWS_SQS_ROLE_ARN", data.Get("aws_sqs_role_arn").(string)) } + if data.HasChange("aws_sns_arn") { + runSetStatement = true + stmt.SetString("AWS_SNS_ARN", data.Get("aws_sns_arn").(string)) + } + + if data.HasChange("aws_sns_role_arn") { + runSetStatement = true + stmt.SetString("AWS_SNS_ROLE_ARN", data.Get("aws_sns_role_arn").(string)) + } + if data.HasChange("gcp_pubsub_subscription_name") { runSetStatement = true stmt.SetString("GCP_PUBSUB_SUBSCRIPTION_NAME", data.Get("gcp_pubsub_subscription_name").(string)) diff --git a/pkg/resources/notification_integration_test.go b/pkg/resources/notification_integration_test.go index 786c240be8..4180112cb3 100644 --- a/pkg/resources/notification_integration_test.go +++ b/pkg/resources/notification_integration_test.go @@ -47,6 +47,18 @@ func TestNotificationIntegrationCreate(t *testing.T) { }, expectSQL: `^CREATE NOTIFICATION INTEGRATION "test_notification_integration" AWS_SQS_ARN='some-sqs-arn' AWS_SQS_ROLE_ARN='some-iam-role-arn' COMMENT='great comment' DIRECTION='OUTBOUND' NOTIFICATION_PROVIDER='AWS_SQS' TYPE='QUEUE' ENABLED=true$`, }, + { + notificationProvider: "AWS_SNS", + raw: map[string]interface{}{ + "name": "test_notification_integration", + "comment": "great comment", + "direction": "OUTBOUND", + "notification_provider": "AWS_SNS", + "aws_sns_arn": "some-sns-arn", + "aws_sns_role_arn": "some-iam-role-arn", + }, + expectSQL: `^CREATE NOTIFICATION INTEGRATION "test_notification_integration" AWS_SNS_ARN='some-sns-arn' AWS_SNS_ROLE_ARN='some-iam-role-arn' COMMENT='great comment' DIRECTION='OUTBOUND' NOTIFICATION_PROVIDER='AWS_SNS' TYPE='QUEUE' ENABLED=true$`, + }, { notificationProvider: "GCP_PUBSUB", raw: map[string]interface{}{ @@ -83,6 +95,9 @@ func TestNotificationIntegrationRead(t *testing.T) { { notificationProvider: "AWS_SQS", }, + { + notificationProvider: "AWS_SNS", + }, { notificationProvider: "GCP_PUBSUB", }, @@ -137,6 +152,14 @@ func expectReadNotificationIntegration(mock sqlmock.Sqlmock, notificationProvide AddRow("AWS_SQS_ROLE_ARN", "String", "some-iam-role-arn", nil). AddRow("AWS_SQS_EXTERNAL_ID", "String", "AGreatExternalID", nil). AddRow("AWS_SQS_IAM_USER_ARN", "String", "some-iam-user-arn", nil) + case "AWS_SNS": + descRows = descRows. + AddRow("NOTIFICATION_PROVIDER", "String", notificationProvider, nil). + AddRow("DIRECTION", "String", "OUTBOUND", nil). + AddRow("AWS_SNS_ARN", "String", "some-sns-arn", nil). + AddRow("AWS_SNS_ROLE_ARN", "String", "some-iam-role-arn", nil). + AddRow("SF_AWS_EXTERNAL_ID", "String", "AGreatExternalID", nil). + AddRow("SF_AWS_IAM_USER_ARN", "String", "some-iam-user-arn", nil) case "GCP_PUBSUB": descRows = descRows. AddRow("NOTIFICATION_PROVIDER", "String", notificationProvider, nil). diff --git a/pkg/snowflake/notification_integration_test.go b/pkg/snowflake/notification_integration_test.go index 78c18f9fd3..1bb788fdc0 100644 --- a/pkg/snowflake/notification_integration_test.go +++ b/pkg/snowflake/notification_integration_test.go @@ -45,3 +45,23 @@ func TestNotificationIntegration_AWS(t *testing.T) { r.Equal(`CREATE NOTIFICATION INTEGRATION "aws_sqs" AWS_SQS_ARN='some-sqs-arn' AWS_SQS_ROLE_ARN='some-iam-role-arn' DIRECTION='OUTBOUND' TYPE='QUEUE' ENABLED=true`, q) } + +func TestNotificationIntegration_AWS_SNS(t *testing.T) { + r := require.New(t) + builder := snowflake.NotificationIntegration("aws_sns") + r.NotNil(builder) + + q := builder.Show() + r.Equal("SHOW NOTIFICATION INTEGRATIONS LIKE 'aws_sns'", q) + + c := builder.Create() + + c.SetString(`type`, `QUEUE`) + c.SetString(`direction`, `OUTBOUND`) + c.SetString(`aws_sns_arn`, `some-sns-arn`) + c.SetString(`aws_sns_role_arn`, `some-iam-role-arn`) + c.SetBool(`enabled`, true) + q = c.Statement() + + r.Equal(`CREATE NOTIFICATION INTEGRATION "aws_sns" AWS_SNS_ARN='some-sns-arn' AWS_SNS_ROLE_ARN='some-iam-role-arn' DIRECTION='OUTBOUND' TYPE='QUEUE' ENABLED=true`, q) +}