terraform-provider-snowflake
terraform-provider-snowflake copied to clipboard
Snowflake-Labs
snowflake_share share only can share in same region
Terraform CLI and Provider Versions
Terraform: 1.7 Provider: 0.87
Terraform Configuration
resource "snowflake_share" "SHARE_OUTBOUND" {
name = "SHARE__OUTBOUND"
comment = "We are using this to share data back"
accounts = ["xx.SANDBOX","xxx.ABI"]
}
where the accounts are in a different region, you can do that in the interface without creating manual replication, but from the terrafrom, we cannot setup a share with an account in a different region.
Expected Behavior
like the UI, we should be able to share with different regions and snowflake builds the replication behind the sene
Actual Behavior
getting this error message: Following accounts cannot be added to this share: xxx.SANDBOX, xxx.ABI.
Steps to Reproduce
terraform apply
How much impact is this issue causing?
High
Logs
No response
Additional Information
It is blocking us from moving forward and we are stuck
Hey @baabaakz. Thanks for reaching out to us.
- Our provider is following the docs for SHARE creation (i.e. https://docs.snowflake.com/en/sql-reference/sql/create-share and https://docs.snowflake.com/en/sql-reference/sql/alter-share). I don't see any usage note stating that something else has to be done to share for different regions. I do see a warning about the availability but I assume you verified that first with Snowflake Support. Can you share the set of all SQL statements you run to achieve the desired state manually without the terraform?
- Please share the logs of the invocation by running terraform with the
TF_LOG=DEBUGenabled. If there is any sensitive data (e.g. you marked org with xs) you do not want to share, please reach out to your account manager and ask them to pass the logs to our team (or myself directly).
Hey @bob-zarkoob, did you happen to take a look at the questions above?
@sfc-gh-asawicki 👋, Sorry I forgot to reply. What I am trying to do is explained here: https://other-docs.snowflake.com/en/collaboration/provider-listings-creating-publishing#:~:text=Create%20a%20free%20private%20listing%C2%B6
the part that I have issue with is the section 12 of the "Create a free private listing". I can add more details if required.
Yes, please share:
- the SQL statements that allows you to set up such a share manually
- the DEBUG logs from the provider invocation (both for the reasons explained in my previous comment)
Closing because of inactivity. Please create a new issue with the details enquired above.
Hi, I have been trying to test this out and it failed, My config:
resource "snowflake_share" "xx_snowflake_secure_share" {
comment = "an outbound share"
name = "XX_SNOWFLAKE_SECURE_SHARE_1"
accounts = ["target.account"]
}
note: target.account is in Azure while we have our snowflake in AWS, and the share currently is done with auto-fulfillment.
when I looked at the query history, I see this:
GRANT REFERENCE_USAGE ON DATABASE "TEMP_XX_SNOWFLAKE_SECURE_SHARE_1_1724695515" TO SHARE "XX_SNOWFLAKE_SECURE_SHARE_1"
Operation not allowed for share 'XXX_OUTBOUND_SNOWFLAKE_SECURE_SHARE_1', which is attached to auto-fulfillment enabled listing.
Hey @bob-zarkoob.
The error you mention now is related to the old code (https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/c1b53f3c6472467e675cd137671c48f27432646c/pkg/resources/share.go#L96), which will soon be reworked as part of https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/v1-preparations/REMAINING_GA_OBJECTS.MD.
As the current alternative, you can use https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/unsafe_execute.