aws_lakeformation_permissions error with CREATE_TABLE, DROP permissions

[akuzni2]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

0.13.6

Affected Resource(s)

aws_lakeformation_permissions

Terraform Configuration Files

Relevant block from configuration:

resource "aws_lakeformation_permissions" "lf_permissions" {
  principal = "<lambda-principle>"
  permissions = ["CREATE_TABLE", "DROP"]
  permissions_with_grant_option = ["CREATE_TABLE", "DROP"]

    table {
    wildcard = true
    database_name = <db-name>
    }
}

Expected Behavior

Permissions should have been restricted with the additions of CREATE_TABLE and DROP.

Actual Behavior

Error: error creating Lake Formation Permissions (input: {
  Permissions: [
    "CREATE_TABLE",
    "DROP"
  ],
  PermissionsWithGrantOption: ["CREATE_TABLE", "DROP"],
  Principal: {
    DataLakePrincipalIdentifier: "<lambda-principal-arn>"
  },
  Resource: {
    Table: {
      DatabaseName: <my-db>,
      TableWildcard: {

      }
    }
  }
}): error creating Lake Formation Permissions: InvalidInputException: Permissions modification is invalid.

Steps to Reproduce

1. terraform apply

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.