Specifies the cloud provider type for Workload Identity Federation authentication with Snowflake. This property is required when AuthScheme is set to WorkloadIdentityFederation.

Possible Values

Data Type

string

Default Value

"OIDC"

Remarks

Set this property to specify which cloud provider's identity to use for authentication.

• AWS: Uses AWS IAM credentials from the EC2 Instance Metadata Service (IMDS) to sign an STS GetCallerIdentity request as the attestation credential.
• AZURE: Uses Azure Managed Identity to obtain an access token from the Azure Instance Metadata Service (IMDS).
• GCP: Uses the GCP metadata service to obtain a Google identity token for the workload.
• OIDC: Uses a user-provided OIDC identity token. Set WorkloadIdentityToken to the token value. This is typically used in CI/CD environments such as GitHub Actions or GitLab CI.