terraform-provider-snowflake icon indicating copy to clipboard operation
terraform-provider-snowflake copied to clipboard

Published 20 hours ago verified publisher icon Snowflake-Labs

Alert resource remains after execution failure

Open pei0804 opened this issue 1 year ago • 3 comments

Terraform CLI and Provider Versions

terraform cli: 1.7.3 snowflake provider: 0.86.0

Terraform Configuration

resource "snowflake_alert" "alert" {
  database  = "database_name"
  schema    = "schema_name"
  name      = "fuga"
  warehouse = "DEV_XS_WH"
  alert_schedule {
    interval = 120
  }
  condition = "select 1 as c"
  action    = "select 1 as c"
  enabled   = true
  comment   = "hoge"
}

Expected Behavior

If the resource creation process fails, the resource is automatically deleted.

Actual Behavior

When creating a Snowflake alert, I set enabled to true. At that time, the role that created the resource did not have the EXECUTE ALERT permission.

Error: 392000 (23001): Cannot execute alert, EXECUTE ALERT privilege must be granted to owner role.

Afterwards, I corrected the permissions and attempted to create the alert again, which resulted in the following error:

│ Error: 002002 (42710): SQL compilation error:
│ Object 'database_name."hoge"' already exists.
│
│   with snowflake_alert.alert,
│   on alert.tf line 1, in resource "snowflake_alert" "alert":
│    1: resource "snowflake_alert" "alert" {

This indicates that the resource had already been created. This is likely because when the EXECUTE ALERT failed due to permission issues, the alert itself was not removed and remained.

Steps to Reproduce

  1. terraform apply(don't have EXECUTE ALERT privilege)
  2. terraform apply(have EXECUTE ALERT privilege)

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

No response

pei0804 avatar Feb 22 '24 02:02 pei0804

Hey @pei0804. Thanks for creating the issue.

This is an interesting case. I will add this to our considerations for the upcoming resources' redesign efforts https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/ROADMAP.md#supporting-all-snowflake-ga-features. This may not be the only resource that behave incorrectly.

sfc-gh-asawicki avatar Feb 22 '24 11:02 sfc-gh-asawicki

Hi @pei0804, this was fixed in https://github.com/Snowflake-Labs/terraform-provider-snowflake/pull/2786. Now, we save alerts in the state immediately, so after fixing permissions, terraform updates them correctly. This fix should be included in the nearest release, so after that please bump the provider version and verify this.

sfc-gh-jmichalak avatar May 13 '24 07:05 sfc-gh-jmichalak

Sound good!

pei0804 avatar May 13 '24 08:05 pei0804

Fixed. Thx.

pei0804 avatar Jun 27 '24 04:06 pei0804