Resource 'snowflake_grant_privileges_to_role' marks 'privileges' attribute as changed regardless of any changes being made #2281

Closed
ToxicCypher opened this issue Dec 19, 2023 · 2 comments
Labels
bug Used to mark issues with provider's incorrect behavior

@ToxicCypher

Terraform CLI and Provider Versions

terraform {
  required_version = ">= 1.3.0"
  required_providers {
    snowflake = {
      source  = "Snowflake-Labs/snowflake"
      version = "0.80.0"
    }
  }
}

Terraform Configuration

//main.tf

# Resource Monitor w/ Parametrized Values
resource "snowflake_resource_monitor" "my_resource_monitor" {
  name                      = "MY_RESOURCE_MONITOR"
  credit_quota              = var.my_resource_monitor_credit_quota
  frequency                 = var.my_resource_monitor_frequency
  start_timestamp           = var.my_resource_monitor_start_timestamp
  end_timestamp             = var.my_resource_monitor_end_timestamp
  notify_triggers           = var.my_resource_monitor_notify_triggers
  suspend_trigger           = var.my_resource_monitor_suspend_trigger
  suspend_immediate_trigger = var.my_resource_monitor_suspend_immediate_trigger
  set_for_account           = var.my_resource_monitor_set_for_account
  notify_users              = var.my_resource_monitor_notify_users
  warehouses                = var.my_resource_monitor_warehouses
}

resource "snowflake_grant_privileges_to_role" "my_resource_monitor-grant" {
  depends_on = [snowflake_resource_monitor.my_resource_monitor]

  # Map(Object) of grant information where the key is the role name.
  for_each = var.my_resource_monitor_grants

  privileges = each.value.my_resource_monitor_privileges
  role_name  = each.key
  on_account_object {
    object_type = var.object_type # "RESOURCE MONITOR"
    object_name = snowflake_resource_monitor.my_resource_monitor.name
  }
  with_grant_option = each.value.my_resource_monitor_with_grant_option
}

Expected Behavior

The privileges parameter of the snowflake_grant_privileges_to_role should only be marked as changed when the list of privileges has been altered.

Actual Behavior

The privileges parameter of the snowflake_grant_privileges_to_role is marked as changed, regardless of any changes being made to the privileges parameter.

This image depicts 82 warehouse grant changes that were not actually changed - terraform plan output. terraform apply runs fine.

image

Steps to Reproduce

  1. terraform plan
  2. terraform apply

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

No response

@sfc-gh-jcieslak
Collaborator

Hey @ToxicCypher, at first glance I think the issue is that you have the OWNERSHIP privilege in some of the resources.

Generally, this privilege is not allowed here and there should be an error message that should guide you to use a dedicated resource for granting ownership. As this resource is not developed yet (but we should start the work on it soon), I can only suggest using the existing resources dedicated to granting ownership: snowflake_user_ownership_grant or snowflake_role_ownership_grant.

@sfc-gh-jcieslak sfc-gh-jcieslak self-assigned this Dec 20, 2023
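
An added example, not part of the original thread and not the provider's code: a Python check over `terraform show -json <planfile>` output that lists pending `snowflake_grant_privileges_to_role` changes and flags those whose `privileges` include OWNERSHIP, the privilege the reply above points to. The sample plan, the role names and the `audit_grant_changes` helper are constructed for illustration.

```python
import json

GRANT_TYPE = "snowflake_grant_privileges_to_role"
ADDR = 'snowflake_grant_privileges_to_role.my_resource_monitor-grant["%s"]'

def _rc(role, actions, before, after):
    """Build one constructed resource_changes entry (None means null)."""
    def wrap(privs):
        return None if privs is None else {"privileges": privs}
    return {"address": ADDR % role, "type": GRANT_TYPE,
            "change": {"actions": actions,
                       "before": wrap(before), "after": wrap(after)}}

# Constructed sample shaped like `terraform show -json <planfile>` output;
# role names and privilege lists are made up, not taken from the issue.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _rc("ROLE_A", ["update"], ["MONITOR"], ["MONITOR", "OWNERSHIP"]),
    _rc("ROLE_B", ["update"], ["MONITOR"], ["MODIFY", "MONITOR"]),
    _rc("ROLE_C", ["update"], ["MODIFY", "MONITOR"], ["MONITOR", "MODIFY"]),
    _rc("ROLE_D", ["no-op"], ["MONITOR"], ["MONITOR"]),
]})

def audit_grant_changes(plan_json):
    """Return one finding per pending (non no-op) change to a grant resource."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if rc.get("type") != GRANT_TYPE or actions == ["no-op"]:
            continue
        # before/after are null on create/delete; privileges is compared as a set
        before = set((change.get("before") or {}).get("privileges") or [])
        after = set((change.get("after") or {}).get("privileges") or [])
        findings.append({
            "address": rc["address"],
            "actions": actions,
            "has_ownership": "OWNERSHIP" in after,
            "added": sorted(after - before),
            "removed": sorted(before - after),
            # an update whose privilege sets are identical changes nothing real
            "privileges_unchanged": actions == ["update"] and before == after,
        })
    return findings

if __name__ == "__main__":
    for finding in audit_grant_changes(SAMPLE_PLAN):
        print(finding)
```

Findings with `has_ownership` set are the grants to move to a dedicated ownership resource; findings with `privileges_unchanged` set are updates that alter no privilege and are worth separating from real grant changes before an apply is approved.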
@ToxicCypher
Author

@sfc-gh-jcieslak thank you for getting back to me so quickly! I will adhere to the suggestion given. Thanks!
