terraform-provider-snowflake icon indicating copy to clipboard operation
terraform-provider-snowflake copied to clipboard

Published 20 hours ago verified publisher icon Snowflake-Labs

Importing snoflake_role_grants

Open mariuskempf opened this issue 2 years ago • 4 comments

The documentation on how to import a snowflake_role_grants seems not to be correct. It states the format is terraform import snowflake_role_grants.example rolename. See documentation

Using that format leads to the following error: Error: 4 to 6 fields allowed in ID

What is the correct way to import them?

mariuskempf avatar Jun 28 '22 12:06 mariuskempf

For me, the import actually runs without any errors (provider version 0.37.1) , but the role grants are not imported. For example, in Snowflake I have image so I would expect the roles AAD-APP-... and SYSADMIN to be granted the DATAENGINEER role. But in the imported state, the roles list is empty: image Or do I misunderstand something about the grants direction here?

lp-code avatar Jul 13 '22 08:07 lp-code

I have the same issue as @lp-code. There are no user/role grants imported although the import command runs without errors(provider version 0.39.0). Any solutions/suggestions?

nikoshet avatar Jul 19 '22 10:07 nikoshet

@lp-code and @nikoshet Sounds like your issue might be related to this discussion https://github.com/Snowflake-Labs/terraform-provider-snowflake/discussions/740?

frosforever avatar Jul 19 '22 16:07 frosforever

@lp-code and @nikoshet Sounds like your issue might be related to this discussion #740?

I haven't completely understood the issue, but it seems likely that it is the one I hit as you point out that

https://github.com/Snowflake-Labs/terraform-provider-snowflake/pull/520 also had the unexpected consequence that there's no way to import role grants

I haven't worked further on the role grants; it would for certainly be annoying if they could not be managed from TF.

lp-code avatar Jul 24 '22 18:07 lp-code

Hey 👋 Closing the issue as it's referring to the deprecated resource and we're not supporting them. Please, try to use the latest provider version with the non-deprecated resources (e.g. snowflake_grant_privileges_to_account_role). If the issue persists on the non-deprecated resource (or the feature is present in Snowflake, but not in the provider), please create a new GitHub issue. The migration guide may help during migration to the latest resources. Here's a list of the latest, non-deprecated, grant resources:

Resources snowflake_grant_privileges_to_database_role snowflake_grant_privileges_to_account_role snowflake_grant_account_role snowflake_grant_database_role snowflake_grant_application_role (coming soon) snowflake_grant_privileges_to_share snowflake_grant_ownership (coming soon)

Data sources snowflake_grants

sfc-gh-jcieslak avatar Apr 04 '24 16:04 sfc-gh-jcieslak