Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provider Configuration Inconsistencies #2139

Closed
jmusits opened this issue Oct 19, 2023 · 4 comments
Closed

Provider Configuration Inconsistencies #2139

jmusits opened this issue Oct 19, 2023 · 4 comments
Labels
bug Used to mark issues with provider's incorrect behavior

Comments

@jmusits
Copy link

jmusits commented Oct 19, 2023

Provider Version

Attempted on: 0.68.2, 0.73.0, 0.74.0

Terraform Version

1.5.6

Describe the bug

I am currently seeing some inconsistencies when using this provider.

There are two different ways that credentials are provided to the provider. The first is via ~/.snowflake/config, the second is via environment variables.

When running terraform plan while using ~/.snowflake/config I get the messaging that no changes have been detected, as expected, however when using the environment variables, terraform complains of drift (specifically a snowflake storage integration with s3), and then further on I get the following error Error: object does not exist or not authorized for a Snowflake database that is there.

The infrastructure was initially provisioned using ~/.snowflake/config to authenticate.

I need to be able to get this working with the environment variables for running terraform in CI/CD.

Expected behavior

I expect that regardless of what methodology is used to configure the provider, running terraform plan would result in the same plan.

Code samples and commands

Below are my configurations:

WORKING WITH ~/.snowflake/config

Provider block in main.tf

provider "snowflake" {
  profile = "default"
  role    = "ACCOUNTADMIN"
}

Contents of ~/.snowflake/config

[default]
account='<REDACTED>'
user='<REDACTED>'
password='<REDACTED>'
role='ACCOUNTADMIN'

NOT WORKING WITH ENVIRONMENT VARIABLES

Provider block in main.tf

provider "snowflake" {
  role = "ACCOUNTADMIN"
}

Environment variables:

SNOWFLAKE_ACCOUNT="<REDACTED>"
SNOWFLAKE_USER="<REDACTED>"
SNOWFLAKE_ROLE="ACCOUNTADMIN"
SNOWFLAKE_PASSWORD="<REDACTED>"

Additional context

Add any other context about the problem here.
@jmusits jmusits added the bug Used to mark issues with provider's incorrect behavior label Oct 19, 2023
@Shanjohn
Copy link
Contributor

We encounter the same problem after 0.74.0 provider was released

@adrian-montero-hkkd
Copy link

Same issue here, tried both ways, no luck.

@LeoTheGriff
Copy link

I have the same issue when running Terraform via a service account. My user and the service account both have ACCOUNTADMIN but it shows 2 changes when using the service account (whether set by env variables or config file).
I have reviewed permissions in detail, and I couldn't find a loose grant.
Workaround: downgrade to and enforce 0.73.0

@sfc-gh-swinkler
Copy link
Collaborator

Hello, and sorry for the issue. This has been fixed as of 0.75. Please let me know if you have any further issue with regards to provider configuration auth.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Used to mark issues with provider's incorrect behavior
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jmusits @Shanjohn @LeoTheGriff @sfc-gh-swinkler @adrian-montero-hkkd