feat: add missing authentication policy features#4551
Merged
sfc-gh-jcieslak merged 20 commits intodevfrom Mar 30, 2026
Merged
Conversation
|
Account-level tests success for d86760369a31a3e6eb4c30f816c750b406559974 |
|
Integration tests failure for d86760369a31a3e6eb4c30f816c750b406559974 |
|
Integration tests failure for 31192f4ac5f2fdc384a7dc6cc1111169dcc628d6 |
|
Account-level tests success for 31192f4ac5f2fdc384a7dc6cc1111169dcc628d6 |
sfc-gh-jcieslak
commented
Mar 24, 2026
sfc-gh-jcieslak
commented
Mar 24, 2026
|
Integration tests failure for 452d65ec6ae7e45fcc61f39d5434c5d66ccea0e0 |
|
Account-level tests success for 452d65ec6ae7e45fcc61f39d5434c5d66ccea0e0 |
|
Account-level tests success for c87612a69d0f05c486e025e2263845348a5a0c8a |
|
Integration tests failure for 3eb6fe4cfa287c0685614677062e953afe33e53d |
sfc-gh-jmichalak
requested changes
Mar 24, 2026
pkg/acceptance/bettertestspoc/config/model/authentication_policy_model_ext.go
Show resolved
Hide resolved
|
Account-level tests success for 839d0cdd5099cc2d2a4944dd8000a47a12f74c4e |
|
Integration tests failure for 839d0cdd5099cc2d2a4944dd8000a47a12f74c4e |
…atures # Conflicts: # pkg/schemas/authentication_policy.go # pkg/sdk/testint/authentication_policies_gen_integration_test.go # pkg/testacc/resource_authentication_policy_acceptance_test.go
|
Integration tests cancelled for 106abfa00c22d438d3682015e3f49058fa18baca |
sfc-gh-jmichalak
approved these changes
Mar 27, 2026
|
Account-level tests success for 106abfa00c22d438d3682015e3f49058fa18baca |
|
Integration tests success for 66fc58dd5ad9e53e608f3b72e5d8d2ed58061915 |
sfc-gh-jcieslak
deleted the
jcieslak/add-missing-authentication-policy-features
branch
sfc-gh-jcieslak
added a commit
that referenced
this pull request
Apr 7, 2026
Follow-up for #4551: - Add optional describe property parsing (don't error out on missing property; instead, return a warning and proceed with the read operation)
1 task
sfc-gh-jmichalak
pushed a commit
that referenced
this pull request
Apr 13, 2026
🤖 I have created a release *beep* *boop* --- ## [2.15.0](v2.14.0...v2.15.0) (2026-04-13) ### 🎉 **What's new:** * Add catalog integrations to SDK ([#4483](#4483)) ([8666a98](8666a98)) * Add encryption to image repository resource ([#4633](#4633)) ([42a6118](42a6118)) * Add GrantOwnership resource and support for safe destroy ([#4630](#4630)) ([d9cd369](d9cd369)) * Add GRANTS_SAFE_DESTROY experiment for safe revoke in grant privileges ([#4581](#4581)) ([bcb0d52](bcb0d52)) * Add missing account parameters ([#4544](#4544)) ([745a156](745a156)) * add missing authentication policy features ([#4551](#4551)) ([e5e77fe](e5e77fe)), closes [#4552](#4552) * Add missing tag features ([#4586](#4586)) ([82582e1](82582e1)) * Add RevokePrivilegeFromShareSafely to SDK Grants interface ([#4582](#4582)) ([a1536a1](a1536a1)) * Add S3-compatible storage, access point ARN, and privatelink support to external volume resource ([#4510](#4510)) ([6114a78](6114a78)) * Add SDK integration tests for catalog integrations ([#4505](#4505)) ([0a52e50](0a52e50)) * Add SDK support for hybrid tables ([#4454](#4454)) ([bfa93e3](bfa93e3)) * add snowflake_catalog_integration_aws_glue resource ([#4539](#4539)) ([513774d](513774d)) * add snowflake_catalog_integration_iceberg_rest resource ([#4574](#4574)) ([fdab054](fdab054)) * add snowflake_catalog_integration_object_storage resource ([#4542](#4542)) ([526436b](526436b)) * add snowflake_catalog_integration_open_catalog resource ([#4555](#4555)) ([e61d35d](e61d35d)) * add snowflake_catalog_integrations data source ([#4585](#4585)) ([02c86d4](02c86d4)) * Add snowflake_external_volumes data source ([#4535](#4535)) ([09b9f73](09b9f73)) * Add snowflake_warehouse_adaptive resource ([#4594](#4594)) ([c646190](c646190)) * Add support for future image repositories for grant resources ([#4599](#4599)) ([39bc0b9](39bc0b9)) * Add TAG_ASSOCIATION_SAFE_DESTROY experiment for safe tag unset ([#4616](#4616)) ([7ca13af](7ca13af)) * Allow granting ownership on dbt projects ([#4570](#4570)) ([2e07880](2e07880)) * Detect and restore external warehouse type changes for adaptive and standard warehouses ([#4623](#4623)) ([f331367](f331367)) * Extend GRANTS_SAFE_DESTROY experiment to snowflake_grant_account_role, snowflake_grant_database_role, snowflake_grant_application_role ([#4617](#4617)) ([8558ad1](8558ad1)) * Extend GRANTS_SAFE_DESTROY experiment to snowflake_grant_privileges_to_database_role ([#4604](#4604)) ([0b1b2f1](0b1b2f1)) * Extend GRANTS_SAFE_DESTROY experiment to snowflake_grant_privileges_to_share ([#4614](#4614)) ([d4701f2](d4701f2)) * Extend SDK integration tests for session policies ([#4622](#4622)) ([fdc4f10](fdc4f10)) * extend session policies SDK definition ([#4602](#4602)) ([75425a6](75425a6)) * Extend warehouses data source to handle adaptive warehouses ([#4605](#4605)) ([83fb678](83fb678)) * Make storage_aws_external_id optional on external volume resource ([#4536](#4536)) ([d45a232](d45a232)) * support private facts and metrics in semantic views ([#4380](#4380)) ([ed38cc6](ed38cc6)) ### 🔧 **Misc** * Adaptive warehouse SDK outputs ([#4556](#4556)) ([bb1ddf2](bb1ddf2)) * Add account parameter changes ([#4559](#4559)) ([8b8fe87](8b8fe87)), closes [#3080](#3080) * Add aliases to SDK enum generation ([#4629](#4629)) ([7928412](7928412)) * Add ALTER support for adaptive warehouses ([#4600](#4600)) ([ab0469b](ab0469b)) * Add an enum generator to SDK ([#3852](#3852)) ([6017851](6017851)) * Add encryption to image repository SDK ([#4624](#4624)) ([6b396cc](6b396cc)) * Add RevokePrivilegesFromAccountRoleSafely for graceful revoke on missing objects ([#4543](#4543)) ([10833f6](10833f6)) * Add RevokeSafely to Roles, DatabaseRoles, and ApplicationRoles SDK interfaces ([#4603](#4603)) ([f4c57c8](f4c57c8)) * Add SafeUnsetTag for graceful tag unset on missing objects ([#4583](#4583)) ([9a441eb](9a441eb)) * Adjust authentication policy describe parameter parsing ([#4577](#4577)) ([62ddd95](62ddd95)) * Adjust GH actions ([#4538](#4538)) ([9d66117](9d66117)) * adjust tests for BCR 2026_01 ([#4484](#4484)) ([4462a42](4462a42)) * Adjust warehouse SDK ([#4609](#4609)) ([49cbfa0](49cbfa0)) * Bump go driver to v2 ([#4480](#4480)) ([0ffd380](0ffd380)) * Bump Go module dependencies ([#4573](#4573)) ([5fe437d](5fe437d)) * Bump slash command dispatch version ([#4502](#4502)) ([62f4b1c](62f4b1c)) * Clean up migration guide ([#4639](#4639)) ([c892d17](c892d17)) * Configure generation part per object ([#4580](#4580)) ([5cd3eaf](5cd3eaf)) * Define db and plain structs in a single definition ([#4618](#4618)) ([b35a64e](b35a64e)) * External volume resource adjustments ([#4504](#4504)) ([424a2e1](424a2e1)) * External volumes SDK part 2 ([#4482](#4482)) ([34e85cf](34e85cf)) * External volumes SDK part 3 ([#4488](#4488)) ([0bca06f](0bca06f)) * Fix dev with pre-push ([#4513](#4513)) ([9827eeb](9827eeb)) * Fix minor issues after reviews ([#4497](#4497)) ([b5a299c](b5a299c)) * fix warehouse test for non-prod environments ([#4558](#4558)) ([1cca425](1cca425)) * Introduce a new behavior for tags ([#4498](#4498)) ([a061db1](a061db1)), closes [#4238](#4238) * Introduce specialized types for DESC semantic view output ([#4550](#4550)) ([eb00bc4](eb00bc4)) * Remove dedicated BCR 2025_07 test cases ([#4509](#4509)) ([2e3b9be](2e3b9be)) * Rename adaptive warehouse fields to match Snowflake SQL names ([#4584](#4584)) ([950376c](950376c)) * Rework catalog integration describe ([#4528](#4528)) ([c1526d0](c1526d0)) * Rework pre-push-check command ([#4591](#4591)) ([70d367e](70d367e)) * SDK Updates for Webhook Notification Integration ([#4540](#4540)) ([a89bce7](a89bce7)) * Support adaptive warehouses in SDK ([#4508](#4508)) ([cccf51b](cccf51b)) * Test nullable lists in Terraform ([#4486](#4486)) ([3eede0b](3eede0b)) * translate the semantic view describe output into a struct ([#4516](#4516)) ([310a6ba](310a6ba)) * update hybrid table grant error expectations ([#4611](#4611)) ([f7632f5](f7632f5)) * Upgrade Go to v1.25.7 ([#4526](#4526)) ([32ee078](32ee078)) ### 🐛 **Bug fixes:** * Add IMPORT_BOOLEAN_DEFAULT experiment to fix post-import permadiff on stage resources ([#4572](#4572)) ([97a5bc5](97a5bc5)), closes [#4549](#4549) * Adjust agent object type in grants ([#4529](#4529)) ([8ba7b18](8ba7b18)) * Adjust mcp server object type in grants ([#4532](#4532)) ([a391f76](a391f76)), closes [#4524](#4524) * Adjust tests for Snowflake MFA and listing behavioral changes ([#4545](#4545)) ([56834a5](56834a5)) * failing authentication policy tests ([#4598](#4598)) ([b7aa904](b7aa904)) * Fix "object does not exist" errors for the authentication policy resource ([#4571](#4571)) ([4ce5f7a](4ce5f7a)) * Fix allowed_accounts update in failover_group ([#4487](#4487)) ([7ff2873](7ff2873)) * Fix nil pointer dereference panics in snowflake_account ([#4541](#4541)) ([505a845](505a845)) * Fix panic in snowflake_view when last column has masking policy without using clause ([#4579](#4579)) ([26aed7c](26aed7c)) * Fix table column masking policy application after BCR 2026_02 ([#4615](#4615)) ([604ec1a](604ec1a)), closes [#4608](#4608) * Pass context properly instead of context.Background() ([#4564](#4564)) ([3dc3ffc](3dc3ffc)) * Remove file_format from ComputedIfAnyAttributeChanged on stage resources ([#4588](#4588)) ([f46d989](f46d989)) * tag association object type mapping ([#4554](#4554)) ([bb6ba18](bb6ba18)) * tag resource read behavior ([#4638](#4638)) ([61b5602](61b5602)) * Use HTTPS URLs in ExternalOauth security integration tests ([#4610](#4610)) ([f2fc266](f2fc266)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: terraform-provider-release[bot] <205196624+terraform-provider-release[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes
client_policyto sdk and resourceOTPoption toallowed_methodsrequire_role_restriction_for_service_userstopat_policyFollow-up
References