Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: snowflake_grant_database_role doesn't grant to database roles #3309

Closed
1 task
bkimjin opened this issue Dec 19, 2024 · 4 comments
Closed
1 task

[Bug]: snowflake_grant_database_role doesn't grant to database roles #3309

bkimjin opened this issue Dec 19, 2024 · 4 comments
Assignees
@sfc-gh-jmichalak
Labels
general-usage General help/usage questions

Comments

@bkimjin
Copy link

bkimjin commented Dec 19, 2024

Terraform CLI Version

1.9.5

Terraform Provider Version

0.99.0

Company Name

No response

Terraform Configuration

resource "snowflake_database_role" "database_role" {
  database = var.database
  name     = var.database_role_name
}

resource "snowflake_database_role" "parent_database_role" {
  database = var.database
  name     = var.parent_database_role_name
}

resource "snowflake_grant_database_role" "g" {
  database_role_name        = "\"${var.database}\".\"${snowflake_database_role.database_role.name}\""
  parent_database_role_name = "\"${var.database}\".\"${snowflake_database_role.parent_database_role.name}\""
}

Category

category:resource

Object type(s)

resource:grant_database_role

Expected Behavior

Create a Snowflake query that follows this format:
GRANT DATABASE ROLE "DATABASE_NAME"."CHILD_DATABASE_ROLE" TO DATABASE ROLE "DATABASE_NAME"."PARENT_DATABASE_ROLE";

Actual Behavior

GRANT DATABASE ROLE "DATABASE_NAME"."CHILD_DATABASE_ROLE" TO ROLE "DATABASE_NAME.PARENT_DATABASE_ROLE";

Steps to Reproduce

  1. copy the configuration
  2. run terraform apply

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

Current workaround is to use snowflake_unsafe_executes

Would you like to implement a fix?

  • Yeah, I'll take it 😎
@bkimjin bkimjin added the bug Used to mark issues with provider's incorrect behavior label Dec 19, 2024
@sfc-gh-jmichalak
Copy link
Collaborator

Hi @bkimjin 👋

I can't reproduce this issue. Please provide logs with TF_LOG=DEBUG.

Also, fully_qualified_name field is now recommended, like this:

resource "snowflake_grant_database_role" "g" {
  database_role_name        = snowflake_database_role.database_role.fully_qualified_name
  parent_database_role_name = snowflake_database_role.parent_database_role.fully_qualified_name
}

We'll update the docs.

@sfc-gh-jmichalak sfc-gh-jmichalak self-assigned this Dec 20, 2024
@sfc-gh-jmichalak sfc-gh-jmichalak added general-usage General help/usage questions and removed bug Used to mark issues with provider's incorrect behavior labels Dec 20, 2024
@bkimjin
Copy link
Author

bkimjin commented Dec 20, 2024

It looks like this was a user error. I mistakenly used parent_role_name instead of parent_database_role_name.

@sfc-gh-asawicki
Copy link
Collaborator

Great to hear that @bkimjin. Is there anything left to solve in this issue or can we close it? :)

@bkimjin
Copy link
Author

bkimjin commented Dec 23, 2024

I'll go ahead and close, thanks!

@bkimjin bkimjin closed this as completed Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sfc-gh-jmichalak sfc-gh-jmichalak

Labels
general-usage General help/usage questions
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bkimjin @sfc-gh-asawicki @sfc-gh-jmichalak