diff --git a/account_level_objects.tf b/account_level_objects.tf index c88d26c..2d507b1 100644 --- a/account_level_objects.tf +++ b/account_level_objects.tf @@ -1,7 +1,7 @@ # Warehouse resource "snowflake_warehouse" "snowalert" { count = var.create_warehouse == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role name = upper(trimspace(var.snowalert_warehouse_name)) comment = "Warehouse that will be used for Snowalert." @@ -18,7 +18,7 @@ locals { # Database resource "snowflake_database" "snowalert" { count = var.create_database == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role name = upper(trimspace(var.snowalert_database_name)) comment = "Snowalert Database." diff --git a/ef_jira.tf b/ef_jira.tf index 41f583a..a3f25b0 100644 --- a/ef_jira.tf +++ b/ef_jira.tf @@ -1,6 +1,6 @@ resource "snowflake_external_function" "snowalert_jira_api" { count = contains(var.handlers, "jira") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -82,7 +82,7 @@ COMMENT resource "snowflake_function" "jira_handler" { count = contains(var.handlers, "jira") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role name = "JIRA_HANDLER" database = local.snowalert_database_name diff --git a/ef_servicenow.tf b/ef_servicenow.tf index e464a49..a04a9bc 100644 --- a/ef_servicenow.tf +++ b/ef_servicenow.tf @@ -1,6 +1,6 @@ resource "snowflake_external_function" "servicenow_create_incident" { count = contains(var.handlers, "servicenow") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/ef_slack.tf b/ef_slack.tf index 39284d1..c25ae8a 100644 --- a/ef_slack.tf +++ b/ef_slack.tf @@ -1,6 +1,6 @@ resource "snowflake_external_function" "slack_snowflake" { count = contains(var.handlers, "slack") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -81,7 +81,7 @@ locals { resource "snowflake_function" "slack_snowflake_chat_post_message" { count = contains(var.handlers, "slack") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role name = "SLACK_SNOWFLAKE_CHAT_POST_MESSAGE" database = local.snowalert_database_name @@ -125,7 +125,7 @@ locals { resource "snowflake_function" "slack_handler" { count = contains(var.handlers, "slack") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/ef_smtp.tf b/ef_smtp.tf index 67a6b26..bcb6086 100644 --- a/ef_smtp.tf +++ b/ef_smtp.tf @@ -1,6 +1,6 @@ resource "snowflake_external_function" "smtp_send" { count = contains(var.handlers, "smtp") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -75,7 +75,7 @@ locals { resource "snowflake_function" "smtp_handler" { count = contains(var.handlers, "smtp") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -116,7 +116,7 @@ locals { resource "snowflake_function" "smtp_handler_1_arg" { count = contains(var.handlers, "smtp") == true ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 6940ee5..ae28949 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -12,9 +12,9 @@ module "snowalert" { snowalert_warehouse_size = var.snowalert_warehouse_size snowflake_integration_user_roles = [ - var.security_ingest_role, - var.security_alerting_role, - var.security_modeling_role, + var.ingest_role, + var.alerting_role, + var.modeling_role, ] snowalert_warehouse_name = var.snowalert_warehouse_name @@ -26,12 +26,12 @@ module "snowalert" { create_tables = var.create_tables - security_integration_role = var.security_integration_role - security_admin_role = var.security_admin_role - security_alerting_role = var.security_alerting_role - security_ingest_role = var.security_ingest_role - security_modeling_role = var.security_modeling_role - security_monitoring_role = var.security_monitoring_role + integration_role = var.integration_role + admin_role = var.admin_role + alerting_role = var.alerting_role + ingest_role = var.ingest_role + modeling_role = var.modeling_role + monitoring_role = var.monitoring_role handlers = var.handlers slack_secrets_arn = var.slack_secrets_arn @@ -48,10 +48,10 @@ module "snowalert" { servicenow_api_url = var.servicenow_api_url providers = { - snowflake.security_api_integration_role = snowflake.security_api_integration_role - snowflake.security_storage_integration_role = snowflake.security_storage_integration_role - snowflake.security_admin_role = snowflake.security_admin_role - snowflake.security_alerting_role = snowflake.security_alerting_role - aws = aws + snowflake.api_integration_role = snowflake.api_integration_role + snowflake.storage_integration_role = snowflake.storage_integration_role + snowflake.admin_role = snowflake.admin_role + snowflake.alerting_role = snowflake.alerting_role + aws = aws } } diff --git a/examples/complete/snowflake_provider.tf b/examples/complete/snowflake_provider.tf index a779ee3..7c3567e 100644 --- a/examples/complete/snowflake_provider.tf +++ b/examples/complete/snowflake_provider.tf @@ -6,29 +6,29 @@ # export SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="snowflake_passphrase" provider "snowflake" { - alias = "security_api_integration_role" + alias = "api_integration_role" account = var.snowflake_account - role = var.security_integration_role + role = var.integration_role } provider "snowflake" { - alias = "security_storage_integration_role" + alias = "storage_integration_role" account = var.snowflake_account - role = var.security_integration_role + role = var.integration_role } provider "snowflake" { - alias = "security_admin_role" + alias = "admin_role" account = var.snowflake_account - role = var.security_admin_role + role = var.admin_role } provider "snowflake" { - alias = "security_alerting_role" + alias = "alerting_role" account = var.snowflake_account - role = var.security_alerting_role + role = var.alerting_role } diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf index bdc8bbc..21dcda3 100644 --- a/examples/complete/variables.tf +++ b/examples/complete/variables.tf @@ -198,37 +198,37 @@ variable "monitoring_schema_name" { default = "MONITORING" } -variable "security_integration_role" { +variable "integration_role" { type = string description = "Role for creating database level or account level objects." default = "ACCOUNTADMIN" } -variable "security_admin_role" { +variable "admin_role" { type = string description = "Role for creating database level or account level objects." default = "ACCOUNTADMIN" } -variable "security_alerting_role" { +variable "alerting_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_ingest_role" { +variable "ingest_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_modeling_role" { +variable "modeling_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_monitoring_role" { +variable "monitoring_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index 92719fe..e019610 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.3.4" + required_version = "~> 1.4.6" required_providers { aws = { @@ -9,7 +9,7 @@ terraform { snowflake = { source = "Snowflake-Labs/snowflake" - version = "~> 0.57.0" + version = "~> 0.66.1" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 2ddf3e6..5a78c56 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -9,12 +9,13 @@ module "snowalert" { snowalert_user_email = var.snowalert_user_email create_tables = var.create_tables handlers = var.handlers + slack_secrets_arn = var.slack_secrets_arn providers = { - snowflake.security_api_integration_role = snowflake.security_api_integration_role - snowflake.security_storage_integration_role = snowflake.security_storage_integration_role - snowflake.security_admin_role = snowflake.security_admin_role - snowflake.security_alerting_role = snowflake.security_alerting_role - aws = aws + snowflake.api_integration_role = snowflake.api_integration_role + snowflake.storage_integration_role = snowflake.storage_integration_role + snowflake.admin_role = snowflake.admin_role + snowflake.alerting_role = snowflake.alerting_role + aws = aws } } diff --git a/examples/simple/snowflake_provider.tf b/examples/simple/snowflake_provider.tf index a779ee3..7c3567e 100644 --- a/examples/simple/snowflake_provider.tf +++ b/examples/simple/snowflake_provider.tf @@ -6,29 +6,29 @@ # export SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="snowflake_passphrase" provider "snowflake" { - alias = "security_api_integration_role" + alias = "api_integration_role" account = var.snowflake_account - role = var.security_integration_role + role = var.integration_role } provider "snowflake" { - alias = "security_storage_integration_role" + alias = "storage_integration_role" account = var.snowflake_account - role = var.security_integration_role + role = var.integration_role } provider "snowflake" { - alias = "security_admin_role" + alias = "admin_role" account = var.snowflake_account - role = var.security_admin_role + role = var.admin_role } provider "snowflake" { - alias = "security_alerting_role" + alias = "alerting_role" account = var.snowflake_account - role = var.security_alerting_role + role = var.alerting_role } diff --git a/examples/simple/variables.tf b/examples/simple/variables.tf index 13fe0f2..7b85e7c 100644 --- a/examples/simple/variables.tf +++ b/examples/simple/variables.tf @@ -174,37 +174,37 @@ variable "alert_scheduler_schedule" { default = "1/15 * * * *" } -variable "security_integration_role" { +variable "integration_role" { type = string description = "Role for creating database level or account level objects." default = "ACCOUNTADMIN" } -variable "security_admin_role" { +variable "admin_role" { type = string description = "Role for creating database level or account level objects." default = "ACCOUNTADMIN" } -variable "security_alerting_role" { +variable "alerting_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_ingest_role" { +variable "ingest_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_modeling_role" { +variable "modeling_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" } -variable "security_monitoring_role" { +variable "monitoring_role" { type = string description = "Role for creating schema level objects." default = "ACCOUNTADMIN" diff --git a/examples/simple/versions.tf b/examples/simple/versions.tf index 92719fe..e019610 100644 --- a/examples/simple/versions.tf +++ b/examples/simple/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.3.4" + required_version = "~> 1.4.6" required_providers { aws = { @@ -9,7 +9,7 @@ terraform { snowflake = { source = "Snowflake-Labs/snowflake" - version = "~> 0.57.0" + version = "~> 0.66.1" } } } diff --git a/functions.tf b/functions.tf index df67edf..0fd8f83 100644 --- a/functions.tf +++ b/functions.tf @@ -1,5 +1,5 @@ resource "snowflake_function" "time_slices_without_tz" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -30,7 +30,7 @@ resource "snowflake_function" "time_slices_without_tz" { } resource "snowflake_function" "time_slices_with_tz" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -75,7 +75,7 @@ locals { } resource "snowflake_function" "time_slices_before_t_without_tz" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -109,7 +109,7 @@ resource "snowflake_function" "time_slices_before_t_without_tz" { } resource "snowflake_function" "time_slices_before_t_with_tz" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -143,7 +143,7 @@ resource "snowflake_function" "time_slices_before_t_with_tz" { } resource "snowflake_function" "time_slices_before_t_without_time" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -172,7 +172,7 @@ resource "snowflake_function" "time_slices_before_t_without_time" { } resource "snowflake_function" "object_assign" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -200,7 +200,7 @@ javascript } resource "snowflake_function" "urlencode" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -230,7 +230,7 @@ javascript } resource "snowflake_function_grant" "urlencode" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database_name = local.snowalert_database_name schema_name = local.data_schema @@ -239,13 +239,13 @@ resource "snowflake_function_grant" "urlencode" { argument_data_types = ["VARIANT"] privilege = "USAGE" roles = [ - var.security_ingest_role, - var.security_modeling_role, + var.ingest_role, + var.modeling_role, ] } resource "snowflake_function" "array_set" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -281,7 +281,7 @@ javascript } resource "snowflake_function" "json_beautify_with_indent" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -313,7 +313,7 @@ javascript } resource "snowflake_function" "json_beautify_without_indent" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema diff --git a/geff.tf b/geff.tf index 83618e2..966b8d7 100644 --- a/geff.tf +++ b/geff.tf @@ -20,8 +20,8 @@ module "geff_snowalert" { geff_secret_arns = local.snowalert_secret_arns providers = { - snowflake.api_integration_role = snowflake.security_api_integration_role - snowflake.storage_integration_role = snowflake.security_storage_integration_role + snowflake.api_integration_role = snowflake.api_integration_role + snowflake.storage_integration_role = snowflake.storage_integration_role aws = aws } } diff --git a/grants.tf b/grants.tf index ecefe63..6f544bc 100644 --- a/grants.tf +++ b/grants.tf @@ -1,13 +1,13 @@ module "snowalert_grants" { - source = "git@github.com:Snowflake-Labs/terraform-snowflake-snowalert-rbac.git?ref=v0.2.4" + source = "git@github.com:Snowflake-Labs/terraform-snowflake-snowalert-rbac.git?ref=v0.2.5" snowalert_warehouse_name = var.snowalert_warehouse_name snowalert_database_name = var.snowalert_database_name - security_ingest_role = var.security_ingest_role - security_alerting_role = var.security_alerting_role - security_modeling_role = var.security_modeling_role - security_monitoring_role = var.security_monitoring_role + ingest_role = var.ingest_role + alerting_role = var.alerting_role + modeling_role = var.modeling_role + monitoring_role = var.monitoring_role app_snowalert_role = var.snowalert_user_name warehouse_external_roles = var.warehouse_external_roles @@ -20,6 +20,6 @@ module "snowalert_grants" { enable_multiple_grants = var.enable_multiple_grants providers = { - snowflake.security_admin_role = snowflake.security_admin_role + snowflake.admin_role = snowflake.admin_role } } diff --git a/procedures.tf b/procedures.tf index 3387ab3..d3532bc 100644 --- a/procedures.tf +++ b/procedures.tf @@ -1,5 +1,5 @@ resource "snowflake_procedure" "alert_dispatcher" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -34,7 +34,7 @@ resource "snowflake_procedure" "alert_dispatcher" { } resource "snowflake_procedure" "alerts_merge" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -68,7 +68,7 @@ resource "snowflake_procedure" "alerts_merge" { } resource "snowflake_procedure" "alert_processor_with_default_correlation_period" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -91,7 +91,7 @@ resource "snowflake_procedure" "alert_processor_with_default_correlation_period" } resource "snowflake_procedure" "alert_processor_with_custom_correlation_period" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -119,7 +119,7 @@ resource "snowflake_procedure" "alert_processor_with_custom_correlation_period" } resource "snowflake_procedure" "alert_queries_runner_with_time" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -161,7 +161,7 @@ resource "snowflake_procedure" "alert_queries_runner_with_time" { } resource "snowflake_procedure" "alert_queries_runner_without_time" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -198,7 +198,7 @@ resource "snowflake_procedure" "alert_queries_runner_without_time" { } resource "snowflake_procedure" "alert_queries_runner" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -230,7 +230,7 @@ resource "snowflake_procedure" "alert_queries_runner" { } resource "snowflake_procedure" "alert_scheduler" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -272,7 +272,7 @@ resource "snowflake_procedure" "alert_scheduler" { } resource "snowflake_procedure" "alert_suppressions_runner" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -308,7 +308,7 @@ resource "snowflake_procedure" "alert_suppressions_runner" { } resource "snowflake_procedure" "alert_suppressions_runner_without_queries_like" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -339,7 +339,7 @@ resource "snowflake_procedure" "alert_suppressions_runner_without_queries_like" } resource "snowflake_procedure" "violation_scheduler" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -378,7 +378,7 @@ resource "snowflake_procedure" "violation_scheduler" { } resource "snowflake_procedure" "violation_queries_runner" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/schemas.tf b/schemas.tf index e7596db..dec1ebd 100644 --- a/schemas.tf +++ b/schemas.tf @@ -8,7 +8,7 @@ locals { # Schemas resource "snowflake_schema" "data" { count = var.create_schemas == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role database = local.snowalert_database_name name = local.data_schema_name @@ -20,7 +20,7 @@ locals { resource "snowflake_schema" "rules" { count = var.create_schemas == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role database = local.snowalert_database_name name = local.rules_schema_name @@ -32,7 +32,7 @@ locals { resource "snowflake_schema" "results" { count = var.create_schemas == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role database = local.snowalert_database_name name = local.results_schema_name @@ -44,7 +44,7 @@ locals { resource "snowflake_schema" "monitoring" { count = var.create_schemas == true ? 1 : 0 - provider = snowflake.security_admin_role + provider = snowflake.admin_role database = local.snowalert_database_name name = local.monitoring_schema_name diff --git a/streams.tf b/streams.tf index 74f85b9..8b5d6ea 100644 --- a/streams.tf +++ b/streams.tf @@ -1,5 +1,5 @@ # resource "snowflake_stream" "raw_alerts_stream" { -# provider = snowflake.security_alerting_role +# provider = snowflake.alerting_role # database = local.snowalert_database_name # schema = local.results_schema @@ -14,7 +14,7 @@ # } resource "snowflake_stream" "raw_alerts_merge_stream" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/tables.tf b/tables.tf index 44ecdae..750475c 100644 --- a/tables.tf +++ b/tables.tf @@ -1,6 +1,6 @@ resource "snowflake_table" "raw_alerts" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -78,7 +78,7 @@ locals { resource "snowflake_table" "alerts" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -155,7 +155,7 @@ locals { resource "snowflake_table" "violations" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -202,7 +202,7 @@ locals { resource "snowflake_table" "query_metadata" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -229,7 +229,7 @@ locals { resource "snowflake_table" "run_metadata" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema @@ -256,7 +256,7 @@ locals { resource "snowflake_table" "ingestion_metadata" { count = var.create_tables ? 1 : 0 - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.results_schema diff --git a/tasks.tf b/tasks.tf index 6cdd57a..59dac59 100644 --- a/tasks.tf +++ b/tasks.tf @@ -1,5 +1,5 @@ resource "snowflake_task" "snowalert_alerts_merge_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name @@ -16,7 +16,7 @@ resource "snowflake_task" "snowalert_alerts_merge_task" { } resource "snowflake_task" "snowalert_suppression_merge_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name @@ -34,7 +34,7 @@ resource "snowflake_task" "snowalert_suppression_merge_task" { resource "snowflake_task" "alert_processor_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name @@ -52,7 +52,7 @@ resource "snowflake_task" "alert_processor_task" { resource "snowflake_task" "alert_dispatcher_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name @@ -69,7 +69,7 @@ resource "snowflake_task" "alert_dispatcher_task" { } resource "snowflake_task" "alert_scheduler_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name @@ -86,7 +86,7 @@ resource "snowflake_task" "alert_scheduler_task" { } resource "snowflake_task" "violation_scheduler_task" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role warehouse = local.snowalert_warehouse_name database = local.snowalert_database_name diff --git a/variables.tf b/variables.tf index 92f0128..c3390c7 100644 --- a/variables.tf +++ b/variables.tf @@ -214,40 +214,40 @@ variable "violation_scheduler_schedule" { default = "1/15 * * * *" } -variable "security_integration_role" { +variable "integration_role" { type = string description = "Role for creating database level or account level objects." - default = "SECURITY_INTEGRATION_OWNER_RL" + default = "INTEGRATION_OWNER_RL" } -variable "security_admin_role" { +variable "admin_role" { type = string description = "Role for creating database level or account level objects." - default = "SECURITY_ADMIN_RL" + default = "ADMIN_RL" } -variable "security_alerting_role" { +variable "alerting_role" { type = string description = "Role for creating schema level objects." - default = "SECURITY_ALERTING_RL" + default = "ALERTING_RL" } -variable "security_ingest_role" { +variable "ingest_role" { type = string description = "Role for creating schema level objects." - default = "SECURITY_INGEST_RL" + default = "INGEST_RL" } -variable "security_modeling_role" { +variable "modeling_role" { type = string description = "Role for creating schema level objects." - default = "SECURITY_MODELING_RL" + default = "MODELING_RL" } -variable "security_monitoring_role" { +variable "monitoring_role" { type = string description = "Role for creating schema level objects." - default = "SECURITY_MONITORING_RL" + default = "MONITORING_RL" } variable "warehouse_external_roles" { diff --git a/versions.tf b/versions.tf index b82b253..8cbcccf 100644 --- a/versions.tf +++ b/versions.tf @@ -12,10 +12,10 @@ terraform { version = ">= 0.62.0" configuration_aliases = [ - snowflake.security_api_integration_role, - snowflake.security_storage_integration_role, - snowflake.security_admin_role, - snowflake.security_alerting_role, + snowflake.api_integration_role, + snowflake.storage_integration_role, + snowflake.admin_role, + snowflake.alerting_role, ] } } diff --git a/views.tf b/views.tf index 88e0a8f..6fc7587 100644 --- a/views.tf +++ b/views.tf @@ -1,5 +1,5 @@ resource "snowflake_view" "rule_tags" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -18,7 +18,7 @@ resource "snowflake_view" "rule_tags" { } resource "snowflake_view" "alerts" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -43,7 +43,7 @@ resource "snowflake_view" "alerts" { } resource "snowflake_view" "violations" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -68,7 +68,7 @@ resource "snowflake_view" "violations" { } resource "snowflake_view" "tags_foj_alerts" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -98,7 +98,7 @@ resource "snowflake_view" "tags_foj_alerts" { } resource "snowflake_view" "tags_foj_violations" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -142,7 +142,7 @@ locals { } resource "snowflake_view" "alert_queries_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -161,7 +161,7 @@ resource "snowflake_view" "alert_queries_runs" { } resource "snowflake_view" "alert_query_rule_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -180,7 +180,7 @@ resource "snowflake_view" "alert_query_rule_runs" { } resource "snowflake_view" "alert_suppressions_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -199,7 +199,7 @@ resource "snowflake_view" "alert_suppressions_runs" { } resource "snowflake_view" "alert_suppression_rule_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -218,7 +218,7 @@ resource "snowflake_view" "alert_suppression_rule_runs" { } resource "snowflake_view" "violation_queries_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -237,7 +237,7 @@ resource "snowflake_view" "violation_queries_runs" { } resource "snowflake_view" "violation_query_rule_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -256,7 +256,7 @@ resource "snowflake_view" "violation_query_rule_runs" { } resource "snowflake_view" "violation_suppressions_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -275,7 +275,7 @@ resource "snowflake_view" "violation_suppressions_runs" { } resource "snowflake_view" "violation_suppression_rule_runs" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -294,7 +294,7 @@ resource "snowflake_view" "violation_suppression_rule_runs" { } resource "snowflake_view" "rule_views_to_titles_map" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -354,7 +354,7 @@ locals { } resource "snowflake_view" "alert_query_rule_run_errors" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -375,7 +375,7 @@ resource "snowflake_view" "alert_query_rule_run_errors" { } resource "snowflake_view" "alert_suppression_rule_run_errors" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -396,7 +396,7 @@ resource "snowflake_view" "alert_suppression_rule_run_errors" { } resource "snowflake_view" "violation_query_rule_run_errors" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -417,7 +417,7 @@ resource "snowflake_view" "violation_query_rule_run_errors" { } resource "snowflake_view" "violation_suppression_rule_run_errors" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema @@ -438,7 +438,7 @@ resource "snowflake_view" "violation_suppression_rule_run_errors" { } resource "snowflake_view" "data_connector_run_errors" { - provider = snowflake.security_alerting_role + provider = snowflake.alerting_role database = local.snowalert_database_name schema = local.data_schema