Skip to content
This repository was archived by the owner on Jan 17, 2025. It is now read-only.
This repository was archived by the owner on Jan 17, 2025. It is now read-only.

non-unique ids in redshift_grant possible #43

Closed
#51
Closed
non-unique ids in redshift_grant possible#43
#51
Labels
bugSomething isn't working
@mtesch-um

Description

@mtesch-um
mtesch-um
opened on Dec 31, 2021

The following produces a state with two redshift_grant resources having identical id. I think makes it impossible to ever have an import for the redshift_grant resource?

Maybe it could use . or - to join the parts? (invalid name characters https://docs.aws.amazon.com/redshift/latest/dg/r_names.html)

(yeah, it's a little contrived, but imagine it were object_type = "table" instead of schema eventually someone is going to have something like that, even if it does seem like poor naming choices)

Working import for would be really helpful for the process of terraforming an existing database - to validate that the grant resource matches the existing db grants. ie terraform import redshift_grant.mygrant y.table.x

terraform {
  required_providers {
    redshift = {
      source  = "brainly/redshift"
      version = "0.5.1"
    }
  }
}

variable "redshift_host" { type = string }
variable "redshift_username" { type = string }
variable "redshift_password" {
  type      = string
  sensitive = true
}
variable "redshift_database" { type = string }

provider "redshift" {
  host            = var.redshift_host
  username        = var.redshift_username
  password        = var.redshift_password
  database        = var.redshift_database
  sslmode         = "require"
  max_connections = 0
}

resource "redshift_user" "user" {
  name      = "xuser"
}

resource "redshift_group" "y_schema" {
  name  = "y_schema"
  users = [redshift_user.user.name]
}

resource "redshift_group" "y" {
  name  = "y"
  users = [redshift_user.user.name]
}

resource "redshift_schema" "x" {
  name  = "x"
  owner = redshift_user.user.name
}

resource "redshift_schema" "schema_x" {
  name  = "schema_x"
  owner = redshift_user.user.name
}

resource "redshift_grant" "grants" {
  group       = redshift_group.y_schema.name
  schema      = redshift_schema.x.name
  object_type = "schema"
  privileges  = ["USAGE"]
  #privileges = ["SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "REFERENCES"]
}

resource "redshift_grant" "grants2" {
  group       = redshift_group.y.name
  schema      = redshift_schema.schema_x.name
  object_type = "schema"
  privileges  = ["USAGE"]
  #privileges = ["SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "REFERENCES"]
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions