Snowflake-Labs / terraform-provider-snowflake

Terraform provider for managing Snowflake accounts
https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest
MIT License

RESOLVE ALL permission missing in snowflake_account_grant #1860

Closed insani4c closed 7 months ago

insani4c commented 1 year ago

Provider Version

0.66

Terraform Version

1.4

Describe the bug

When trying to grant RESOLVE ALL with the snowflake_account_grant resource, the following error is returned:

Error: expected privilege to be one of [MANAGE GRANTS APPLY TAG CREATE DATABASE EXECUTE TASK PURCHASE DATA EXCHANGE LISTING CREATE DATA EXCHANGE LISTING CREATE FAILOVER GROUP MONITOR EXECUTION MONITOR USAGE MONITOR SECURITY MANAGE ORGANIZATION SUPPORT CASES APPLY ROW ACCESS POLICY CREATE ACCOUNT CREATE INTEGRATION AUDIT OVERRIDE SHARE RESTRICTIONS EXECUTE MANAGED TASK IMPORT SHARE MONITOR APPLY MASKING POLICY APPLY SESSION POLICY CREATE WAREHOUSE PROVISION APPLICATION APPLY PASSWORD POLICY CREATE SHARE CREATE USER CREATE CREDENTIAL CREATE NETWORK POLICY ALL PRIVILEGES MANAGE USER SUPPORT CASES ATTACH POLICY CREATE ROLE MANAGE ACCOUNT SUPPORT CASES], got RESOLVE ALL

In the Snowflake console, the following SQL statement is, however, valid: grant resolve all on account to role SOME_ROLE_NAME;

RESOLVE ALL permission on a role is required, for instance, to see schemas (which are not owned by the role, but to which the role might have USAGE permissions).

Expected behavior

RESOLVE ALL is accepted as a value for the privilege key in snowflake_account_grant.

Code samples and commands

resource "snowflake_account_grant" "some_role_grant" {
  roles             = ["SOME_ROLE"]
  privilege         = "RESOLVE ALL"

  with_grant_option = false
}

insani4c commented 1 year ago

Created PR: https://github.com/Snowflake-Labs/terraform-provider-snowflake/pull/1861

sfc-gh-jcieslak commented 7 months ago

Hey 👋 Closing the issue as it's referring to the deprecated resource and we're not supporting them. Please try to use the latest provider version with the non-deprecated resources (e.g. snowflake_grant_privileges_to_account_role). If the issue persists on the non-deprecated resource, please create a new GitHub issue. The migration guide may help during migration to the latest resources.
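
For readers following the closing comment, this is how the grant from the report could be expressed with snowflake_grant_privileges_to_account_role. It is an added example, not code from the thread or from the provider's maintainers. The attribute names follow the provider's published schema for that resource, and the thread does not confirm that it accepts RESOLVE ALL, so treat that as an assumption to verify with `terraform plan`.

```hcl
terraform {
  required_providers {
    snowflake = {
      # Source address taken from the registry URL at the top of this page.
      # No version is pinned here because the thread names none for this resource.
      source = "Snowflake-Labs/snowflake"
    }
  }
}

# Before (deprecated resource from the report, rejected at validation time):
#
# resource "snowflake_account_grant" "some_role_grant" {
#   roles             = ["SOME_ROLE"]
#   privilege         = "RESOLVE ALL"
#   with_grant_option = false
# }

# After: the non-deprecated resource named in the closing comment.
# One resource instance targets one account role, so a grant to several
# roles becomes several resources (or a for_each over the role names).
resource "snowflake_grant_privileges_to_account_role" "some_role_resolve_all" {
  account_role_name = "SOME_ROLE"     # role name reused from the report
  privileges        = ["RESOLVE ALL"] # assumption: accepted by this resource
  on_account        = true            # account-level grant, as in the SQL statement above

  # Keep the role from passing this account-wide privilege on to other roles.
  with_grant_option = false
}
```

If the deprecated grant was already applied, check the plan before applying so the privilege is not left managed by both resources.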