network_policies
Creates, updates, deletes, gets or lists a network_policies resource.
Overview
Name | network_policies |
Type | Resource |
Id | snowflake.network_policy.network_policies |
Fields
The following fields are returned by SELECT queries:
- list_network_policies
- fetch_network_policy
A Snowflake network policy
Name | Datatype | Description |
---|---|---|
name | string | Name of the network policy (pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$) |
allowed_ip_list | array | List of allowed IPs in a network policy |
allowed_network_rule_list | array | List of names of allowed network rules in a network policy |
blocked_ip_list | array | List of blocked IPs in a network policy |
blocked_network_rule_list | array | List of names of blocked network rules in a network policy |
comment | string | user comment associated to an object in the dictionary |
created_on | string (date-time) | Date and time when the network policy was created. |
owner | string | Role that owns the network policy (pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$) |
owner_role_type | string | The type of role that owns the network policy (pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$) |
Methods
The following methods are available for this resource:
Name | Accessible by | Required Params | Optional Params | Description |
---|---|---|---|---|
list_network_policies | select | endpoint | | List network policies |
fetch_network_policy | select | name, endpoint | | Fetch a network policy |
create_network_policy | insert | endpoint | createMode | Create a network policy |
delete_network_policy | delete | name, endpoint | ifExists | Delete a network policy |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
Name | Datatype | Description |
---|---|---|
endpoint | string | Organization and Account Name (default: orgid-acctid) |
name | string | Identifier (i.e. name) for the resource. |
createMode | string | Query parameter allowing support for different modes of resource creation. Possible values include: - errorIfExists : Throws an error if you try to create a resource that already exists. - orReplace : Automatically replaces the existing resource with the current one. - ifNotExists : Creates a new resource when an alter is requested for a non-existent resource. |
ifExists | boolean | Query parameter that specifies how to handle the request for a resource that does not exist: - true : The endpoint does not throw an error if the resource does not exist. It returns a 200 success response, but does not take any action on the resource. - false : The endpoint throws an error if the resource doesn't exist. |
SELECT examples
- list_network_policies
- fetch_network_policy
List network policies
SELECT
    name,
    allowed_ip_list,
    allowed_network_rule_list,
    blocked_ip_list,
    blocked_network_rule_list,
    comment,
    created_on,
    owner,
    owner_role_type
FROM snowflake.network_policy.network_policies
WHERE endpoint = '{{ endpoint }}'; -- required
Fetch a network policy
SELECT
    name,
    allowed_ip_list,
    allowed_network_rule_list,
    blocked_ip_list,
    blocked_network_rule_list,
    comment,
    created_on,
    owner,
    owner_role_type
FROM snowflake.network_policy.network_policies
WHERE name = '{{ name }}' -- required
AND endpoint = '{{ endpoint }}'; -- required
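A defensive check over the rows these SELECT queries return, added here as an example (it is not part of the StackQL provider or the original page): it flags `allowed_ip_list` entries that admit every address or are wider than an assumed threshold, and lists referenced network rules for follow-up. The sample rows, the /16 threshold, the severity labels and the assumption that array columns arrive as lists or JSON text are constructed for illustration.

```python
import ipaddress
import json

BROAD_PREFIX = 16  # assumption: IPv4 ranges wider than /16 deserve review


def as_list(value):
    # Assumption: array columns arrive as Python lists or as JSON text.
    if not value:
        return []
    return json.loads(value) if isinstance(value, str) else list(value)


def audit_policy(row):
    """Return (severity, message) findings for one network_policies row."""
    findings = []
    for entry in as_list(row.get("allowed_ip_list")):
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            findings.append(("warn", f"unparsable allowed entry {entry!r}"))
            continue
        if net.prefixlen == 0:
            findings.append(("high", f"{entry} allows every address"))
        elif net.version == 4 and net.prefixlen < BROAD_PREFIX:
            findings.append(("medium", f"{entry} spans {net.num_addresses} addresses"))
    # The policy stores rule names only; their contents must be checked separately.
    rules = as_list(row.get("allowed_network_rule_list"))
    if rules:
        findings.append(("info", f"review contents of network rules: {', '.join(rules)}"))
    return findings


def audit(rows):
    """Map policy name -> findings, keeping only policies with findings."""
    return {r["name"]: f for r in rows if (f := audit_policy(r))}


# Constructed sample rows shaped like the SELECT output above.
SAMPLE_ROWS = [
    {"name": "OPEN_POLICY", "allowed_ip_list": '["0.0.0.0/0"]',
     "allowed_network_rule_list": "[]", "blocked_ip_list": '["203.0.113.7"]'},
    {"name": "OFFICE_ONLY", "allowed_ip_list": ["198.51.100.0/24"],
     "allowed_network_rule_list": [], "blocked_ip_list": []},
    {"name": "WIDE_VPN", "allowed_ip_list": ["10.0.0.0/8", "not-an-ip"],
     "allowed_network_rule_list": ["CORP_RULE"], "blocked_ip_list": None},
]

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_ROWS).items():
        for severity, message in findings:
            print(f"{name}: [{severity}] {message}")
```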
INSERT examples
- create_network_policy
- Manifest
Create a network policy
INSERT INTO snowflake.network_policy.network_policies (
    data__name,
    data__allowed_network_rule_list,
    data__blocked_network_rule_list,
    data__allowed_ip_list,
    data__blocked_ip_list,
    data__comment,
    endpoint,
    createMode
)
SELECT
    '{{ name }}', -- required
    '{{ allowed_network_rule_list }}',
    '{{ blocked_network_rule_list }}',
    '{{ allowed_ip_list }}',
    '{{ blocked_ip_list }}',
    '{{ comment }}',
    '{{ endpoint }}',
    '{{ createMode }}'
;
# Description fields are for documentation purposes
- name: network_policies
  props:
    - name: endpoint
      value: string
      description: Required parameter for the network_policies resource.
    - name: name
      value: string
      description: >
        Name of the network policy
    - name: allowed_network_rule_list
      value: array
      description: >
        List of names of allowed network rules in a network policy
    - name: blocked_network_rule_list
      value: array
      description: >
        List of names of blocked network rules in a network policy
    - name: allowed_ip_list
      value: array
      description: >
        List of allowed IPs in a network policy
    - name: blocked_ip_list
      value: array
      description: >
        List of blocked IPs in a network policy
    - name: comment
      value: string
      description: >
        user comment associated to an object in the dictionary
    - name: createMode
      value: string
      # Folded scalar: the text contains ": ", which a plain scalar cannot hold
      description: >
        Query parameter allowing support for different modes of resource creation.
        Possible values include:
        - `errorIfExists`: Throws an error if you try to create a resource that already exists.
        - `orReplace`: Automatically replaces the existing resource with the current one.
        - `ifNotExists`: Creates a new resource when an alter is requested for a non-existent resource.
DELETE examples
- delete_network_policy
Delete a network policy
DELETE FROM snowflake.network_policy.network_policies
WHERE name = '{{ name }}' --required
AND endpoint = '{{ endpoint }}' --required
AND ifExists = '{{ ifExists }}';