💻
CLI interface

The easiest way to use SnowDDL is to create and apply YAML configs with CLI interface.
SnowDDL registers snowddl CLI entry-point using setuptools. It should be available in your terminal immediately after installation.
Quick help
usage: snowddl [-h] [-c CONFIG_PATH] [-a ACCOUNT] [-u USER] [-p PASSWORD] [-k PRIVATE_KEY] [-r ROLE] [-w WAREHOUSE] [--passphrase PASSPHRASE] [--env-prefix ENV_PREFIX]
               [--max-workers MAX_WORKERS] [--log-level LOG_LEVEL] [--show-sql] [--placeholder-path PLACEHOLDER_PATH] [--placeholder-values PLACEHOLDER_VALUES] [--exclude-object-types]
               [--include-object-types] [--apply-unsafe] [--apply-replace-table] [--apply-masking-policy] [--apply-row-access-policy] [--apply-account-params] [--apply-network-policy]
               [--apply-resource-monitor] [--refresh-user-passwords] [--refresh-future-grants] [--destroy-without-prefix]
               {plan,apply,destroy} ...
​
Object management automation tool for Snowflake
​
positional arguments:
  {plan,apply,destroy}
    plan                        Resolve objects, apply nothing, display suggested changes
    apply                       Resolve objects, apply safe changes, display suggested unsafe changes
    destroy                     Drop objects with specified --env-prefix, use it to reset dev and test environments
​
optional arguments:
  -h, --help                    show this help message and exit
  -c CONFIG_PATH                Path to config directory OR name of bundled test config (default: current directory)
  -a ACCOUNT                    Snowflake account identifier (default: SNOWFLAKE_ACCOUNT env variable)
  -u USER                       Snowflake user name (default: SNOWFLAKE_USER env variable)
  -p PASSWORD                   Snowflake user password (default: SNOWFLAKE_PASSWORD env variable)
  -k PRIVATE_KEY                Path to private key file (default: SNOWFLAKE_PRIVATE_KEY_PATH env variable)
  -r ROLE                       Snowflake active role (default: SNOWFLAKE_ROLE env variable)
  -w WAREHOUSE                  Snowflake active warehouse (default: SNOWFLAKE_WAREHOUSE env variable)
  --passphrase PASSPHRASE       Passphrase for private key file (default: SNOWFLAKE_PRIVATE_KEY_PASSPHRASE env variable)
  --env-prefix ENV_PREFIX       Env prefix added to global object names, used to separate environments (e.g. DEV, PROD)
  --max-workers MAX_WORKERS     Maximum number of workers to resolve objects in parallel
  --log-level LOG_LEVEL         Log level (possible values: DEBUG, INFO, WARNING; default: INFO)
  --show-sql                    Show executed DDL queries
  --placeholder-path            Path to config file with environment-specific placeholders
  --placeholder-values          Environment-specific placeholder values in JSON format
  --exclude-object-types        Comma-separated list of object types NOT to resolve
  --include-object-types        Comma-separated list of object types TO resolve, all other types are excluded
  --apply-unsafe                Additionally apply unsafe changes, which may cause loss of data (ALTER, DROP, etc.)
  --apply-replace-table         Additionally apply REPLACE TABLE when ALTER TABLE is not possible
  --apply-masking-policy        Additionally apply changes to MASKING POLICIES
  --apply-row-access-policy     Additionally apply changes to ROW ACCESS POLICIES
  --apply-account-params        Additionally apply changes to ACCOUNT PARAMETERS
  --apply-network-policy        Additionally apply changes to NETWORK POLICIES
  --apply-resource-monitor      Additionally apply changes to RESOURCE MONITORS
  --apply-outbound-share        Additionally apply changes to OUTBOUND SHARES
  --refresh-user-passwords      Additionally refresh passwords of users
  --refresh-future-grants       Additionally refresh missing grants for existing objects derived from future grants
  --refresh-stage-encryption    Additionally refresh stage encryption parameters for existing external stages
  --destroy-without-prefix      Allow {destroy} action without --env-prefix
Usage notes
Action argument is mandatory:
Use plan action to preview changes.
Use apply action to apply OR suggest changes, depending on other settings.
Use destroy action to drop all objects created by SnowDDL previously.
SnowDDL provides a few bundled configs for testing and demonstration purposes. You may use such config by passing its name to -c argument.
​Account identifier should be passed to -a argument without .snowflakecomputing.com.
You may use password OR private key for authentication. Private key is recommended for production environment.
Object types for --include and --exclude arguments can be found here.
Suggested & optionally executed DDL queries are outputted to STDOUT. Logs are outputted to STDERR.
Fivetran
Next - Basic usage (CLI + YAML)
YAML configs
Last modified 8mo ago