Terraform Import Resources and Looping Over Those Resources

Question

I am new to Terraform and looking to utilize it for management of Snowflake environment using the provider of "chanzuckerberg/snowflake". I am specifically looking to leverage it for managing an RBAC model for roles within Snowflake.

The scenario is that I have about 60 databases in Snowflake which would equate to a resource for each in Terraform. We will then create 3 roles (reader, writer, all privileges) for each database. We will expand our roles from there.

The first question is, can I leverage map or object variables to define all database names and their attributes and import them using a for_each within a single resource or do I need to create a resource for each database and then import them individually?

The second question is, what would be the best approach for creating the 3 roles per database? Is there a way to iterate over all the resources of type snowflake_database and create the 3 roles? I was imagining the use of modules, variables, and resources based on the research I have done.

Any help in understanding how this can be accomplished would be super helpful. I understand the basics of Terraform but this is a bit of a complex situation for a newbie like myself to visualize enough to implement it. Thanks all!

Update: This is what my project looks like and the error I am receiving is below it.

variables.tf:

variable "databases" {
  type = list(object(
    {
      name           = string
      comment        = string
      retention_days = number
  }))
}

databases.auto.tfvars:

databases = [
  {
    name           = "TEST_DB1"
    comment        = "Testing state."
    retention_days = 90
  },
  {
    name           = "TEST_DB2"
    comment        = ""
    retention_days = 1
  }
]

main.tf:

terraform {
  required_providers {
    snowflake = {
      source  = "chanzuckerberg/snowflake"
      version = "0.25.25"
    }
  }
}

provider "snowflake" {
  username = "user"
  account  = "my_account"
  region   = "my_region"
  password = "pwd"
  role     = "some_role"
}


resource "snowflake_database" "sf_database" {
  for_each = { for idx, db in var.databases: idx => db }

  name                        = each.value.name
  comment                     = each.value.comment
  data_retention_time_in_days = each.value.retention_days
}

To Import the resource I run:

terraform import snowflake_database.sf_databases["TEST_DB1"] db_test_db1

I am left with this error:

Error: resource address "snowflake_database.sf_databases["TEST_DB1"]" does not exist in the configuration.

Before importing this resource, please create its configuration in the root module. For example:

resource "snowflake_database" "sf_databases" { # (resource arguments) }

Answer 1

You should be able to define the databases using for_each and referring to the actual resources with brackets in the import command. Something like:

terraform import snowflake_database.resource_id_using_for_each[foreachkey]

You could then create three snowflake_role and three snowflake_database_grant definitions using for_each over the same map of databases used for the database definitions.

Answer 2

had this exact same problem and in the end the solution was quite simple.

you just need to wrap your import statement within single brackets.

so instead of

terraform import snowflake_database.sf_databases["TEST_DB1"] db_test_db1

do

terraform import 'snowflake_database.sf_databases["TEST_DB1"]' db_test_db1

this took way to long to figure out!