[Bug]: provider organization_name and account_name when you only have an account locator #3198
Comments
sfc-gh-jmichalak
removed
the
bug
|
Hi @jrobison-sb 👋 We'll add the link to the docs in our migration guide. I just want to confirm: are you able to use the new fields with reader and orgadmin accounts? I can't see that they have any limitations with the account name format. |
sfc-gh-jmichalak
added
the
docs
|
@sfc-gh-jmichalak thanks for taking a look.
There's already a link here (where it says "Read more in the docs").
I have not been able to do so, though I'm not entirely sure if it's user error on my part or something else. I tried it like this: My failed attempt at fixing the deprecation crashed a If this is a case of user error and I need to try some other format or something, I'm happy to try whatever... Thanks. |
|
Yup, we have a link, but I think we should be more explicit here and at least mention the other account format. I think your config is slightly incorrect. In our environments, the account name (in Format 1) does not match the account locator (in Format 2). Please make sure you use values from https://docs.snowflake.com/en/user-guide/admin-account-identifier#finding-the-organization-and-account-name-for-an-account or check them with These values should match |
|
Thanks @sfc-gh-jmichalak, that unblocked me and I'm all good now. Thanks for taking the time to set me straight on this. I'll leave this issue open in case there's a desire to use this issue to update the docs. Or if not, feel free to close this, I have no further questions. Thanks. |
|
I'm also facing an issue with this, even when using the proper org and account name as derived from above mentioned queries. Old config (working in 0.97): New config: I also tried to revert back to JWT with the new config but this did not work. The error I get, after a few minutes, is: |
|
The above error was caused by firewall whitelisting on our end, which is pretty obvious in hindsight. But if people are reading this: please realize the URL is changed, so if you had specific whitelisting based on the old URL this will have to be amended/expanded. |
|
Good pointer @maxnsdia. We will add it to the migration guide! |
|
@sfc-gh-asawicki @sfc-gh-jmichalak Can we somehow still use account |
|
Hey @waffleshop. Do you mean account locators? If so, then pls read https://docs.snowflake.com/en/user-guide/admin-account-identifier, short extract from it: |
|
@sfc-gh-asawicki Sorry. I meant |
|
Yes. This is aligned with the link (and extract) provided above. |
|
It doesn't seem to be aligned, from my point of view. I understand using locators is discouraged. However, it is not deprecated. All current Snowflake packages, modules, and tools support locators today. The go package within this provider supports it too. |
<!-- Feel free to delete comments as you fill this in --> - prove that using network policy with lowercase characters in oauth integration fails in Snowflake - update the migration guide regarding migrating provider configuration - rename `datasource` to `data source` - add missing examples and fix some examples in the docs - add notes about missing fields (they will be done in SNOW-1844996) - adjust documentation for provider configuration - improve quoting with import and resource configuration examples - some examples of replication and grants were not changed because they show a nicer setup, IMO - can discuss about this - add info about external changes not being detected for certain fields or resource types - change infobox format for some notes (`[!WARNING]` -> `!> Note`) because it isn't rendered properly in the registry - fix empty `using` in view masking policies - add links to documentation of the referenced resources - adjust enum validations to use `sdkValidation` with SDK converter function instead of `StringInSlice` - address #3247 by improving the documentation - update lists in `v1-preparations` files <!-- summary of changes --> ## Test Plan <!-- detail ways in which this PR has been tested or needs to be tested --> * [ ] acceptance tests <!-- add more below if you think they are relevant --> * [x] integration tests ## References #3198 #3251 ## TODO (next PRs): - check the migration guide once again
Terraform CLI Version
v1.9.1
Terraform Provider Version
v0.98.0
Company Name
No response
Terraform Configuration
Category
category:resource
Object type(s)
Provider connection config, no specific resource.
Expected Behavior
With the
accountattribute of the provider config now deprecated, and with account locators continuing to be supported, it should be clear how to migrate to the new configuration when the old configuration only uses an account locator and doesn't use theORGNAME-ACCOUNTNAMEconvention.Actual Behavior
With the
accountattribute of the provider config now deprecated, and with account locators continuing to be supported, it is not clear how to migrate to the new configuration when the old configuration only uses an account locator and doesn't use theORGNAME-ACCOUNTNAMEconvention.Steps to Reproduce
Try to migrate the above HCL to the new provider configuration which requires an
organization_nameand anaccount_name, but with an account that only has an account locator.For us, this happens with reader accounts (which aren't managed as properly named
snowflake_accountresources). And also with our ORGADMIN account, which, since it's only job is to manage other accounts, it never got a name itself.How much impact is this issue causing?
Low
Logs
No response
Additional Information
https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#behavior-change-deprecated-fields
#3166
Would you like to implement a fix?
The text was updated successfully, but these errors were encountered: