Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: support multiple grant_privilege_to_role resources on the same role #1953

Merged
merged 2 commits into from
Jul 17, 2023
Merged

fix: support multiple grant_privilege_to_role resources on the same role #1953

merged 2 commits into from
Jul 17, 2023

Conversation

sfc-gh-ngaberel
Copy link
Contributor

When using two grant_privileges_to_role resources for the same role, they conflict with each other and try to delete each other’s grants. This makes managing permissions difficult as grants for a single role have to be managed in a single place, no modularity is possible.

The following snippet will consistently drift:

resource "snowflake_role" "r" {
	name = "testrole"
}

resource "snowflake_grant_privileges_to_role" "g1" {
	role_name  = snowflake_role.r.name
	privileges = ["CREATE ACCOUNT", "CREATE ROLE"]
	on_account = true
}

resource "snowflake_grant_privileges_to_role" "g2" {
	role_name  = snowflake_role.r.name
	privileges = ["IMPORT SHARE", "MANAGE GRANTS"]
	on_account = true
}

Test Plan

  • new acceptance test

References

@github-actions
Copy link

Integration tests failure for 757997d23cf04f9ee1abecb0588ebb28f22e49a5

@sfc-gh-ngaberel sfc-gh-ngaberel marked this pull request as ready for review July 14, 2023 11:02
@github-actions
Copy link

Integration tests failure for 5da4e292fd47962203dd0aff4fb3854c8b7252f7

@sfc-gh-ngaberel sfc-gh-ngaberel force-pushed the snow-866793-multiple-grant_privileges_to_role branch from 5da4e29 to 4df4f62 Compare July 17, 2023 15:53
@github-actions
Copy link

Integration tests success for 4df4f62947561c8fe13a0ea99487ff760a6b88c2

@sfc-gh-ngaberel sfc-gh-ngaberel merged commit dfdd166 into main Jul 17, 2023
9 checks passed
@sfc-gh-ngaberel sfc-gh-ngaberel deleted the snow-866793-multiple-grant_privileges_to_role branch July 17, 2023 18:14
@snowflake-release-please snowflake-release-please bot mentioned this pull request Jul 17, 2023
Merged
@dmfay dmfay mentioned this pull request Jul 19, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sfc-gh-swinkler sfc-gh-swinkler sfc-gh-swinkler approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@sfc-gh-ngaberel @sfc-gh-swinkler