Comments (6)
ryanking
commented on August 22, 2024
1
@pwnage101 I think that makes sense and is a simpler api. Let's see if it works?
from terraform-provider-snowflake.
pwnage101
commented on August 22, 2024
Maybe this is a bit more complicated then I'm imagining because I also run the following:
GRANT SELECT ON ALL FUTURE TABLES IN SCHEMA <schema> TO ...But to read those grants you would actually query the schema:
SHOW FUTURE GRANTS IN SCHEMA <schema>from terraform-provider-snowflake.
pwnage101
commented on August 22, 2024
Perhaps this would require some sort of schema_future_object_grant resource with the following parameters:
| NAME | TYPE | DESCRIPTION | OPTIONAL | REQUIRED | COMPUTED | DEFAULT |
|---|---|---|---|---|---|---|
| database_name | string | The name of the database containing the schema containing the future objects on which to grant privileges. | false | true | false | |
| object_type | string | The object type of the future objects on which to grant privileges. | false | true | false | |
| privilege | string | The privilege to grant on the future objects. | false | true | false | |
| roles | set | Grants privilege to these roles. | true | false | false | |
| schema_name | string | The name of the schema containing the future objects on which to grant privileges. | false | true | false |
And a possible example:
resource "snowflake_schema_future_object_grant" "foo" {
privilege = "SELECT"
database_name = "PROD"
schema_name = "MYSCHEMA"
object_type = "TABLE"
roles = [ "MYSCHEMA_READER" ]
}
# equivalent to: GRANT SELECT ON ALL FUTURE TABLES IN SCHEMA PROD.MYSCHEMA TO ROLE MYSCHEMA_READERfrom terraform-provider-snowflake.
ryanking
commented on August 22, 2024
@pwnage101 I'm not sure that a separate resource makes sense vs adding a boolean on_future parameter to snowflake_view_grant, etc.
from terraform-provider-snowflake.
pwnage101
commented on August 22, 2024
My reservation to modifying the existing view_grant was that it has a view_name parameter which would be irrelevant to future grants, so I would have to change it from required to optional.
from terraform-provider-snowflake.
pwnage101
commented on August 22, 2024
But if that were the case, then it could look like:
resource "snowflake_view_grant" {
privilege = "SELECT"
future_views = true
database_name = "PROD"
schema_name = "MYSCHEMA"
object_type = "TABLE"
roles = [ "MYSCHEMA_READER" ]
# setting view_name is invalid when future_views = true
# setting shares is invalid when future_views = true
}Setting view_name becomes required when future_views = false, and shares becomes valid but optional.
from terraform-provider-snowflake.
Related Issues (20)
- Grant access to new tables with `snowflake_grant_privileges_to_share` HOT 2
- Index out of range error HOT 2
- Snowflake connection fails when Session ID cannot be unmarshaled HOT 8
- Replacing snowflake_grant_privileges_to_role resources still fails at apply time with validation error HOT 5
- Terraform snowflake_procedure Resource Does not Import Python Stored Procedure Statements HOT 10
- Task fail to properly pull Parent's name HOT 2
- snowflake_table_column_masking_policy_application makes snowflake v0.85.0 crash HOT 4
- [Feature]:
- [Bug]: During import of snowflake_warehouse, terraform plan output indicates, that property `query_acceleration_max_scale_factor` will be setted (updated) HOT 3
- Replacing snowflake_database_grant - granting access to a role and a share HOT 9
- [Bug]: Plugin crash on terraform destroy HOT 2
- Getting error when creating snowpipe using Terraform HOT 2
- Snowflake Parameters Getting Failed | Terraform | Error [Bug]: HOT 2
- [Bug]: Revoke/Grant statement executed out of sync in Snowflake HOT 1
- support for CREATE / ALTER GIT REPOSITORY HOT 1
- Support API INTEGRATION of type git_https_api HOT 1
- [Docs]: Provider missing in Documentation HOT 1
- [Bug]: Error: The terraform-provider-snowflake_v0.89.0 plugin crashed! HOT 1
- [Bug]: grant_ownership does not work on procedure HOT 9
- [Bug]: Snowpipe Not Being Recreated When Only Integration Changes HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-snowflake.