Need help with terraform-provider-snowflake?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

216 Stars 149 Forks MIT License 502 Commits 138 Opened issues


Terraform provider for managing Snowflake accounts

Services available


Need anything else?

Contributors list

Terraform Provider: Snowflake

Please note: If you believe you have found a security issue, please responsibly disclose by contacting us at [email protected].


This is a terraform provider plugin for managing Snowflake accounts.

Getting Help

If you need help, try the discussions area of this repo.


The easiest way is to run this command:

curl | bash -s -- -b $HOME/.terraform.d/plugins

Note that this will only work with recent releases, for older releases, use the version of that corresponds to that release (replace main in that curl with the version).

It runs a script generated by godownloader which installs into the proper directory for terraform (~/.terraform.d/plugins).

You can also just download a binary from our releases and follow the Terraform directions for installing 3rd party plugins.

For Terraform v0.13+ users

We are now (7/29/2021) using Terraform 0.13 for testing purposes due to an issue for data sources for versions <0.13. Related PR for this change here.

You can use Explicit Provider Source Locations.

The following maybe work well.

terraform {
  required_providers {
    snowflake = {
      source = "chanzuckerberg/snowflake"
      version = "0.20.0"


An introductory tutorial is available from Snowflake.

In-depth docs are available on the Terraform registry.


If you do not have Go installed:

  1. Install Go
    brew install golang
  2. Make a Go development directory wherever you like
    mkdir go_projects
  3. Add the following config to your profile
   export GOPATH=$HOME/../go_projects # edit with your go_projects dir
   export PATH=$PATH:$GOPATH/bin
  1. Fork this repo and clone it into
  2. cd to
    and install all the required packages with
    make setup
  3. Finally install goimports with
    (cd && go get
  4. You should now be able to successfully run the tests with
    make test

It has not been tested on Windows, so if you find problems let us know.

If you want to build and test the provider locally there is a make target

make install-tf
that will build the provider binary and install it in a location that terraform can find.


Note: PRs for new resources will not be accepted without passing acceptance tests.

For the Terraform resources, there are 3 levels of testing - internal, unit and acceptance tests.

The 'internal' tests are run in the
package so that they can test functions that are not exported. These tests are intended to be limited to unit tests for simple functions.

The 'unit' tests are run in
, so they only have access to the exported methods of
. These tests exercise the CRUD methods that on the terraform resources. Note that all tests here make use of database mocking and are run locally. This means the tests are fast, but are liable to be wrong in subtle ways (since the mocks are unlikely to be perfect).

You can run these first two sets of tests with

make test

The 'acceptance' tests run the full stack, creating, modifying and destroying resources in a live snowflake account. To run them you need a snowflake account and the proper authentication set up. These tests are slower but have higher fidelity.

To run all tests, including the acceptance tests, run

make test-acceptance

Pull Request CI

Our CI jobs run the full acceptence test suite, which involves creating and destroying resources in a live snowflake account. Github Actions is configured with environment variables to authenticate to our test snowflake account. For security reasons, those variables are not available to forks of this repo.

If you are making a PR from a forked repo, you can create a new Snowflake trial account and set up Travis to build it by setting these environement variables:

    - The account name
    - A snowflake user for running tests.
    - Password for that user.
    - Needs to be ACCOUNTADMIN or similar.
    - Default is us-west-2, set this if your snowflake account is in a different region.

If you are using the Standard Snowflake plan, it's recommended you also set up the following environment variables to skip tests for features not enabled for it:

    - to skip tests with retention time larger than 1 day
    - to skip tests with multi warehouses


Running a release

Note: releases can only be done by those with keybase pgp keys allowed in the terraform registry.

Releases will be performed once a week on Monday around 11am PST. If your change is more urgent and you need to use it sooner, use the commit hash.

Releases are done by goreleaser and run by our make files. There two goreleaser configs,

for regular releases and
for doing prereleases (for testing).

Releases are published to the terraform registry, which requires that releases by signed.

Adding a new releaser

To set up a new person for releasing, there are a few steps–

  1. releaser: a keybase account and a workstation set up with their Keybase app.
  2. releaser: a pgp key -
    keybase pgp gen
  3. releaser: export public key.
    1. If you have a single key in keybase–
      1. keybase pgp export
    2. If you have more than one key–
      1. keybase pgp export
        to find id if key you want to export
      2. keybase pgp export -q KEY_ID
  4. github admin for chanzuckerberg: take public key exported above and add it in the registry
  5. releaser: set
    environment variable. Note that this is different from the previous id. Get this one from
    keybase pgp list
    . It should be like ~70 characters long.
  6. set
    environment variable with a personal access token
  7. releaser: run
    make release-prerelease
    to test that releases are working correctly
  8. releaser: run
    make release
    to release for real

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.