Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Fix grant import docs #3183

Merged
merged 7 commits into from
Nov 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions docs/data-sources/grants.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ description: |-

---

!> **V1 release candidate** This datasource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).

# snowflake_grants (Data Source)


Expand Down
4 changes: 3 additions & 1 deletion docs/resources/grant_account_role.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).

# snowflake_grant_account_role (Resource)


Expand Down Expand Up @@ -73,5 +75,5 @@ Import is supported using the following syntax:

```shell
# format is role_name (string) | grantee_object_type (ROLE|USER) | grantee_name (string)
terraform import "\"test_role\"|ROLE|\"test_parent_role\""
terraform import snowflake_grant_account_role.example '"test_role"|ROLE|"test_parent_role"'
```
4 changes: 3 additions & 1 deletion docs/resources/grant_application_role.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).

# snowflake_grant_application_role (Resource)


Expand Down Expand Up @@ -65,5 +67,5 @@ Import is supported using the following syntax:

```shell
# format is application_role_name (string) | object_type (ACCOUNT_ROLE|APPLICATION) | grantee_name (string)
terraform import "\"my_application\".\"app_role_1\"|ACCOUNT_ROLE|\"my_role\""
terraform import snowflake_grant_application_role.example '"my_application"."app_role_1"|ACCOUNT_ROLE|"my_role"'
```
4 changes: 3 additions & 1 deletion docs/resources/grant_database_role.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).

# snowflake_grant_database_role (Resource)


Expand Down Expand Up @@ -85,5 +87,5 @@ Import is supported using the following syntax:

```shell
# format is database_role_name (string) | object_type (ROLE|DATABASE ROLE|SHARE) | grantee_name (string)
terraform import "\"ABC\".\"test_db_role\"|ROLE|\"test_parent_role\""
terraform import snowflake_grant_database_role.example '"ABC"."test_db_role"|ROLE|"test_parent_role"'
```
28 changes: 15 additions & 13 deletions docs/resources/grant_ownership.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).

~> **Note** For more details about granting ownership, please visit [`GRANT OWNERSHIP` Snowflake documentation page](https://docs.snowflake.com/en/sql-reference/sql/grant-ownership).

!> **Warning** Grant ownership resource still has some limitations. Delete operation is not implemented for on_future grants (you have to remove the config and then revoke ownership grant on future X manually).
Expand Down Expand Up @@ -299,7 +301,7 @@ Optional:

Import is supported using the following syntax:

`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|<grant_type>|<grant_data>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|<grant_type>|<grant_data>'`

where:
- role_type - string - type of granted role (either ToAccountRole or ToDatabaseRole)
Expand All @@ -311,43 +313,43 @@ where:
It has varying number of parts, depending on grant_type. All the possible types are:

### OnObject
`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnObject|<object_type>|<object_name>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnObject|<object_type>|<object_name>'`

### OnAll (contains inner types: InDatabase | InSchema)

#### InDatabase
`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnAll|<object_type_plural>|InDatabase|<database_name>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnAll|<object_type_plural>|InDatabase|<database_name>'`

#### InSchema
`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnAll|<object_type_plural>|InSchema|<schema_name>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnAll|<object_type_plural>|InSchema|<schema_name>'`

### OnFuture (contains inner types: InDatabase | InSchema)

#### InDatabase
`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnFuture|<object_type_plural>|InDatabase|<database_name>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnFuture|<object_type_plural>|InDatabase|<database_name>'`

#### InSchema
`terraform import "<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnFuture|<object_type_plural>|InSchema|<schema_name>"`
`terraform import snowflake_grant_ownership.example '<role_type>|<role_identifier>|<outbound_privileges_behavior>|OnFuture|<object_type_plural>|InSchema|<schema_name>'`

### Import examples

#### OnObject on Schema ToAccountRole
`terraform import "ToAccountRole|\"account_role\"|COPY|OnObject|SCHEMA|\"database_name\".\"schema_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"|COPY|OnObject|SCHEMA|"database_name"."schema_name"'`

#### OnObject on Schema ToDatabaseRole
`terraform import "ToDatabaseRole|\"database_name\".\"database_role_name\"|COPY|OnObject|SCHEMA|\"database_name\".\"schema_name\""`
`terraform import snowflake_grant_ownership.example 'ToDatabaseRole|"database_name"."database_role_name"|COPY|OnObject|SCHEMA|"database_name"."schema_name"'`

#### OnObject on Table
`terraform import "ToAccountRole|\"account_role\"|COPY|OnObject|TABLE|\"database_name\".\"schema_name\".\"table_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"|COPY|OnObject|TABLE|"database_name"."schema_name"."table_name"'`

#### OnAll InDatabase
`terraform import "ToAccountRole|\"account_role\"|REVOKE|OnAll|TABLES|InDatabase|\"database_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"|REVOKE|OnAll|TABLES|InDatabase|"database_name"'`

#### OnAll InSchema
`terraform import "ToAccountRole|\"account_role\"||OnAll|TABLES|InSchema|\"database_name\".\"schema_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"||OnAll|TABLES|InSchema|"database_name"."schema_name"'`

#### OnFuture InDatabase
`terraform import "ToAccountRole|\"account_role\"||OnFuture|TABLES|InDatabase|\"database_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"||OnFuture|TABLES|InDatabase|"database_name"'`

#### OnFuture InSchema
`terraform import "ToAccountRole|\"account_role\"|COPY|OnFuture|TABLES|InSchema|\"database_name\".\"schema_name\""`
`terraform import snowflake_grant_ownership.example 'ToAccountRole|"account_role"|COPY|OnFuture|TABLES|InSchema|"database_name"."schema_name"'`
32 changes: 17 additions & 15 deletions docs/resources/grant_privileges_to_account_role.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release. To migrate from older grant resources please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#migration-from-old-grant-resources-to-new-ones).


!> **Warning** Be careful when using `always_apply` field. It will always produce a plan (even when no changes were made) and can be harmful in some setups. For more details why we decided to introduce it to go our document explaining those design decisions (coming soon).

Expand Down Expand Up @@ -344,7 +346,7 @@ Optional:

Import is supported using the following syntax:

`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|<grant_type>|<grant_data>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|<grant_type>|<grant_data>'`

where:
- account_role_name - fully qualified identifier
Expand All @@ -357,62 +359,62 @@ where:
It has varying number of parts, depending on grant_type. All the possible types are:

### OnAccount
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnAccount`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnAccount'`

### OnAccountObject
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnAccountObject|<object_type>|<object_name>`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnAccountObject|<object_type>|<object_name>'`

### OnSchema

On schema contains inner types for all options.

#### OnSchema
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnSchema|<schema_name>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnSchema|<schema_name>'`

#### OnAllSchemasInDatabase
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnAllSchemasInDatabase|<database_name>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnAllSchemasInDatabase|<database_name>'`

#### OnFutureSchemasInDatabase
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnFutureSchemasInDatabase|<database_name>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchema|OnFutureSchemasInDatabase|<database_name>'`

### OnSchemaObject

On schema object contains inner types for all options.

#### OnObject
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnObject|<object_type>|<object_name>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnObject|<object_type>|<object_name>'`

#### OnAll

On all contains inner types for all options.

##### InDatabase
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnAll|<object_type_plural>|InDatabase|<identifier>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnAll|<object_type_plural>|InDatabase|<identifier>'`

##### InSchema
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnAll|<object_type_plural>|InSchema|<identifier>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnAll|<object_type_plural>|InSchema|<identifier>'`

#### OnFuture

On future contains inner types for all options.

##### InDatabase
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnFuture|<object_type_plural>|InDatabase|<identifier>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnFuture|<object_type_plural>|InDatabase|<identifier>'`

##### InSchema
`terraform import "<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnFuture|<object_type_plural>|InSchema|<identifier>"`
`terraform import snowflake_grant_privileges_to_account_role.example '<account_role_name>|<with_grant_option>|<always_apply>|<privileges>|OnSchemaObject|OnFuture|<object_type_plural>|InSchema|<identifier>'`

### Import examples

#### Grant all privileges OnAccountObject (Database)
`terraform import "\"test_db_role\"|false|false|ALL|OnAccountObject|DATABASE|\"test_db\""`
`terraform import snowflake_grant_privileges_to_account_role.example '"test_db_role"|false|false|ALL|OnAccountObject|DATABASE|"test_db"'`

#### Grant list of privileges OnAllSchemasInDatabase
`terraform import "\"test_db_role\"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|\"test_db\""`
`terraform import snowflake_grant_privileges_to_account_role.example '"test_db_role"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|"test_db"'`

#### Grant list of privileges on table
`terraform import "\"test_db_role\"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnObject|TABLE|\"test_db\".\"test_schema\".\"test_table\""`
`terraform import snowflake_grant_privileges_to_account_role.example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnObject|TABLE|"test_db"."test_schema"."test_table"'`

#### Grant list of privileges OnAll tables in schema
`terraform import "\"test_db_role\"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnAll|TABLES|InSchema|\"test_db\".\"test_schema\""`
`terraform import snowflake_grant_privileges_to_account_role.example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnAll|TABLES|InSchema|"test_db"."test_schema"'`

Loading
Loading