Case-mismatch error when creating STAGE using existing STORAGE INTEGRATION

[doctoryes]

I've found an issue that's causing an error when creating a stage using a existing storage integration. Here's the scenario:

• Existing STORAGE INTEGRATION from a previous Terraform apply.
• Addition of Terraform changes which include:
  • Modification to the STORAGE INTEGRATION
  • New STAGE which uses the STORAGE INTEGRATION above
  • New grants on the existing STORAGE INTEGRATION and the new STAGE
• Successful terraform plan
• terraform apply fails due to capitalization of the STORAGE INTEGRATION name.

The successful terraform plan yielded (roughly) this plan:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # snowflake_integration_grant.stage_programs_integration_usage will be created
+ resource "snowflake_integration_grant" "stage_programs_integration_usage" {
      + id               = (known after apply)
      + integration_name = "stage_edx_programs_reporting_s3_storage_integration"
      + privilege        = "ALL"
      + roles            = [
          + "PROGRAMS_RW",
          + "SECURITYADMIN",
          + "SYSADMIN",
        ]
    }

  # snowflake_stage.stage_edx_programs_reporting_s3_stage will be created
+ resource "snowflake_stage" "stage_edx_programs_reporting_s3_stage" {
      + aws_external_id     = (known after apply)
      + comment             = "Provides access to STAGE-EDX programs reporting S3 bucket from Snowflake."
      + database            = "PROD"
      + id                  = (known after apply)
      + name                = "stage_edx_programs_reporting_s3_stage"
      + schema              = "programs_reporting"
      + snowflake_iam_user  = (known after apply)
      + storage_integration = "stage_edx_programs_reporting_s3_storage_integration"
      + url                 = "s3://my_s3_bucket/"
    }

  # snowflake_stage_grant.stage_programs_stage_usage will be created
+ resource "snowflake_stage_grant" "stage_programs_stage_usage" {
      + database_name = "PROD"
      + id            = (known after apply)
      + privilege     = "USAGE"
      + roles         = [
          + "PROGRAMS_RW",
          + "SECURITYADMIN",
          + "SYSADMIN",
        ]
      + schema_name   = "programs_reporting"
      + stage_name    = "stage_edx_programs_reporting_s3_stage"
    }

  # snowflake_storage_integration.stage_edx_programs_reporting_s3_storage_integration must be replaced
-/+ resource "snowflake_storage_integration" "stage_edx_programs_reporting_s3_storage_integration" {
      ~ comment                   = "Storage integration used to access ALPHA_BETA programs S3 bucket." -> "Storage integration used to access ALPHA-BETA programs S3 bucket."
      ~ created_on                = "2020-04-30T21:37:48.394Z" -> (known after apply)
        enabled                   = true
      ~ id                        = "stage_edx_programs_reporting_s3_storage_integration" -> (known after apply)
      ~ name                      = "STAGE_EDX_PROGRAMS_REPORTING_S3_STORAGE_INTEGRATION" -> "stage_edx_programs_reporting_s3_storage_integration" # forces replacement
        storage_allowed_locations = [
            "s3://my_s3_bucket",
        ]
      ~ storage_aws_external_id   = "fake_external_id" -> (known after apply)
      ~ storage_aws_iam_user_arn  = "arn:aws:iam::999999999999:user/abcdefghijklmno" -> (known after apply)
        storage_aws_role_arn      = "arn:aws:iam::888888888888:role/programs_role"
        storage_provider          = "S3"
        type                      = "EXTERNAL_STAGE"
    }

Plan: 4 to add, 2 to change, 1 to destroy.

The terraform apply did not create the STAGE and generated this error:

running "/atlantis/bin/terraform0.12.24 apply -input=false -no-color \"/atlantis/repos/edx/terraform/2517/default/plans/snowflake/default.tfplan\"" in "/atlantis/repos/edx/terraform/2517/default/plans/snowflake": exit status 1
snowflake_storage_integration.stage_edx_programs_reporting_s3_storage_integration: Destroying... [id=stage_edx_programs_reporting_s3_storage_integration]
snowflake_role_grants.prod_rw["programs_reporting"]: Modifying... [id=PROGRAMS_REPORTING_RW]
snowflake_role_grants.prod_r["programs_reporting"]: Modifying... [id=PROGRAMS_REPORTING_R]
snowflake_storage_integration.stage_edx_programs_reporting_s3_storage_integration: Destruction complete after 1s
snowflake_storage_integration.stage_edx_programs_reporting_s3_storage_integration: Creating...
snowflake_role_grants.prod_rw["programs_reporting"]: Modifications complete after 2s [id=PROGRAMS_REPORTING_RW]
snowflake_storage_integration.stage_edx_programs_reporting_s3_storage_integration: Creation complete after 1s [id=stage_edx_programs_reporting_s3_storage_integration]
snowflake_role_grants.prod_r["programs_reporting"]: Modifications complete after 3s [id=PROGRAMS_REPORTING_R]

Error: Provider produced inconsistent final plan

When expanding the plan for
snowflake_integration_grant.stage_programs_integration_usage to include new
values learned so far during apply, provider
"registry.terraform.io/-/snowflake" produced an invalid new value for
.integration_name: was
cty.StringVal("stage_edx_programs_reporting_s3_storage_integration"), but now
cty.StringVal("STAGE_EDX_PROGRAMS_REPORTING_S3_STORAGE_INTEGRATION").

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Error: Provider produced inconsistent final plan

When expanding the plan for
snowflake_stage.stage_edx_programs_reporting_s3_stage to include new values
learned so far during apply, provider "registry.terraform.io/-/snowflake"
produced an invalid new value for .storage_integration: was
cty.StringVal("stage_edx_programs_reporting_s3_storage_integration"), but now
cty.StringVal("STAGE_EDX_PROGRAMS_REPORTING_S3_STORAGE_INTEGRATION").

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Perhaps it's the fact that the STORAGE INTEGRATION was already created by a previous terraform apply that yielded the name's uppercase/lowercase mismatch? However, the apply shows a destroy/create of that STORAGE INTEGRATION so 🤷‍♀️ ?

[ryanking]

My guess is that we need to add some diff suppression on case differences in the name.

[sfc-gh-asawicki]

We are closing this issue as part of a cleanup described in announcement. If you believe that the issue is still valid in v0.89.0, please open a new ticket.