Giter VIP home page Giter VIP logo

Comments (4)

PatrickMcAfee-Eagle avatar PatrickMcAfee-Eagle commented on August 22, 2024 9

I believe I'm also seeing this exact same issue with snowflake_schema_grant and the "ownership" privilege.

-/+ resource "snowflake_schema_grant" "ownership" {
        database_name = "MY_DATABASE"
      ~ id            = "MY_DATABASE|PUBLIC||OWNERSHIP" -> (known after apply)
        privilege     = "OWNERSHIP"
      ~ roles         = [ # forces replacement
          + "MY_USER",
        ]
        schema_name   = "PUBLIC"
      - shares        = [] -> null
    }

from terraform-provider-snowflake.

davehowell avatar davehowell commented on August 22, 2024 2

I thought perhaps a workaround to this would be to write multiple privileges in the string.
Sadly, not.

For example it is valid to run this SQL:
GRANT USAGE, CREATE SCHEMA ON DATABASE "TEST_DATABASE" TO ROLE "ALL_ROLE";

I tried this out and it fails because there is validation requiring there to be only one privilege specified.

e.g.

resource "snowflake_database_grant" "all" {
  database_name = "${snowflake_database.test_database.name}"
  privilege = "USAGE, CREATE SCHEMA"
  roles = ["${snowflake_role.all_role.name}"]
}

Got this error

Error: snowflake_database_grant.all: expected privilege to be one of [ALL CREATE SCHEMA IMPORTED PRIVILEGES MODIFY MONITOR OWNERSHIP REFERENCE_USAGE USAGE], got USAGE, CREATE SCHEMA

I tried a few variations, none of these work:

privilege = "USAGE CREATE SCHEMA"
privilege = "USAGE|CREATE SCHEMA"
privilege = ["USAGE", "CREATE SCHEMA"]

Of course the list doesn't work, the property is a string.

The README says:

Across the entire Snowflake account, all of the databases to which a single grant is attached must be declared by a single snowflake_database_grant resource.

How is it possible to specify multiple databases in a single snowflake_database_grant resource? The database_name property is also a string.

from terraform-provider-snowflake.

alex-96-eng avatar alex-96-eng commented on August 22, 2024

+1

from terraform-provider-snowflake.

ryanking avatar ryanking commented on August 22, 2024

Going to close this as we are going to be removing support for ALL grants.

If still occurring after that, feel free to re-open.

from terraform-provider-snowflake.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.