Issue with "snowflake_notification_integration" direction param

harukitake commented 7 months ago

Terraform CLI and Provider Versions

Terraform v1.7.2

Terraform Configuration

before


resource "snowflake_notification_integration" "this" {
  name                  = "${upper(replace(var.prefix, "-", "_"))}_NOTIFICATION_INTEGRATION"
  enabled               = true
  direction             = "OUTBOUND"
  notification_provider = "AWS_SNS"
  aws_sns_topic_arn     = var.sns_topic_arn
  aws_sns_role_arn      = "arn:aws:iam::${local.account_id}:role/${local.sns_publisher_role_name}"
}

after

resource "snowflake_notification_integration" "this" {
  name                  = "${upper(replace(var.prefix, "-", "_"))}_NOTIFICATION_INTEGRATION"
  enabled               = true
  notification_provider = "AWS_SNS"
  aws_sns_topic_arn     = var.sns_topic_arn
  aws_sns_role_arn      = "arn:aws:iam::${local.account_id}:role/${local.sns_publisher_role_name}"
}

Expected Behavior

NO changes

Actual Behavior

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  ~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.notification_integration.aws_iam_role.sns_publisher will be updated in-place
  ~ resource "aws_iam_role" "sns_publisher" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRole"
                      - Condition = {
                          - StringEquals = {
                              - "sts:ExternalId" = "EXTERNAL_ID"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - AWS = "arn:aws:iam:aaaaaa:user/bbbbbbb"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "notification-integration-id"
        name                  = "notification-integration-name"
        tags                  = {}
        # (9 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.notification_integration.snowflake_notification_integration.this must be replaced
-/+ resource "snowflake_notification_integration" "this" {
      ~ aws_sns_external_id        = "SNS_EXTERNAL_ID" -> (known after apply)
      ~ aws_sns_iam_user_arn       = "arn:aws:iam::aaaaaaaa:user/bbbbbbb" -> (known after apply)
      + aws_sqs_external_id        = (known after apply)
      + aws_sqs_iam_user_arn       = (known after apply)
      ~ created_on                 = "2023-05-31 09:26:07.321 +0000 UTC" -> (known after apply)
      - direction                  = "OUTBOUND" -> null # forces replacement
      + gcp_pubsub_service_account = (known after apply)
      ~ id                         = "NOTIFICATION_INTEGRATION_ID" -> (known after apply)
        name                       = "NOTIFICATION_INTEGRATION_NAME"
        # (5 unchanged attributes hidden)
    }

Plan: 1 to add, 1 to change, 1 to destroy.

Steps to Reproduce

terraform apply

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

I removed a parameter that became deprecated due to a version upgrade of the Terraform provider, expecting no change in behavior. However, an unexpected diff appeared. Is this a bug? If not, please advise on how to handle it.

I read https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#snowflake_notification_integration-resource-changes

sfc-gh-asawicki commented 7 months ago

Hey @harukitake. Thanks for reaching out to us.

We marked the direction deprecated but we did not remove the forceNew or added any diff suppresion for this parameter. The reason was, that this is just a deprecation warning. We've already learned that our users do not like the warning messages. Because of that:

we will remove the forceNew and suppress the diff for that param (should land in v0.86.0 or in v0.87.0)
we will keep that in mind with future deprecations (together with possible state migrations).

What you can do now:

Leave direction without change (you will see warnings) and wait for the version with the aforementioned changes.
Apply the changes - integration should be recreated without problems.

harukitake commented 7 months ago

Thanks. I will do this and wait for update.

Leave direction without change (you will see warnings) and wait for the version with the aforementioned changes.

sfc-gh-asawicki commented 7 months ago

Hey @harukitake. We released the fox as part of 0.86.0 release. Could you please check if this solves the issue for you?

harukitake commented 7 months ago

@sfc-gh-asawicki Thanks for quick fix.

It has resolved.

No changes. Your infrastructure matches the configuration.

sfc-gh-asawicki commented 7 months ago

Great to hear that. I'm closing the issue then.

Snowflake-Labs / terraform-provider-snowflake