changes after review

pkg/datasources/roles.go

@@ -1,13 +1,94 @@
 package datasources
 
 import (
+	"context"
+	"database/sql"
+	"fmt"
+	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
+var accountRolesSchema = map[string]*schema.Schema{
+	"pattern": {
+		Type:        schema.TypeString,
+		Optional:    true,
+		Description: "Filters the command output by object name.",
+	},
+	"roles": {
+		Type:        schema.TypeList,
+		Computed:    true,
+		Description: "List of all the roles which you can view across your entire account, including the system-defined roles and any custom roles that exist.",
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"name": {
+					Type:        schema.TypeString,
+					Computed:    true,
+					Description: "Identifier for the role.",
+				},
+				"comment": {
+					Type:        schema.TypeString,
+					Computed:    true,
+					Description: "The comment on the role",
+				},
+				"owner": {
+					Type:        schema.TypeString,
+					Computed:    true,
+					Description: "The owner of the role",
+				},
+			},
+		},
+	},
+}
+
 func Roles() *schema.Resource {
 	return &schema.Resource{
 		ReadContext:        ReadAccountRoles,
 		Schema:             accountRolesSchema,
 		DeprecationMessage: "This resource is deprecated and will be removed in a future major version release. Please use snowflake_account_roles instead.",
 	}
 }
+
+func ReadAccountRoles(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
+	db := meta.(*sql.DB)
+	client := sdk.NewClientFromDB(db)
+
+	req := sdk.NewShowRoleRequest()
+	if pattern, ok := d.GetOk("pattern"); ok {
+		req.WithLike(sdk.NewLikeRequest(pattern.(string)))
+	}
+
+	roles, err := client.Roles.Show(ctx, req)
+	if err != nil {
+		return diag.Diagnostics{
+			diag.Diagnostic{
+				Severity: diag.Error,
+				Summary:  "Failed to show account roles",
+				Detail:   fmt.Sprintf("Search pattern: %v, err: %s", d.Get("pattern").(string), err),
+			},
+		}
+	}
+
+	mappedRoles := make([]map[string]any, len(roles))
+	for i, role := range roles {
+		mappedRoles[i] = map[string]any{
+			"name":    role.Name,
+			"comment": role.Comment,
+			"owner":   role.Owner,
+		}
+	}
+
+	if err := d.Set("roles", mappedRoles); err != nil {
+		return diag.Diagnostics{
+			diag.Diagnostic{
+				Severity: diag.Error,
+				Summary:  "Failed to set roles",
+				Detail:   fmt.Sprintf("Search pattern: %v, err: %s", d.Get("pattern").(string), err),
+			},
+		}
+	}
+
+	d.SetId("roles_read")
+
+	return nil
+}

pkg/datasources/roles_acceptance_test.go

@@ -2,6 +2,11 @@ package datasources_test
 
 import (
 	"fmt"
+	acc "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/acceptance"
+	"github.com/hashicorp/terraform-plugin-testing/config"
+	"github.com/hashicorp/terraform-plugin-testing/terraform"
+	"github.com/hashicorp/terraform-plugin-testing/tfversion"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -43,6 +48,80 @@ func TestAcc_Roles(t *testing.T) {
 	})
 }
 
+func TestAcc_AccountRoles_basic(t *testing.T) {
+	accountRoleNamePrefix := "account_roles_test_prefix_"
+	accountRoleName1 := accountRoleNamePrefix + strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha))
+	accountRoleName2 := accountRoleNamePrefix + strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha))
+	accountRoleName3 := strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha))
+	comment := strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha))
+
+	configVariables := config.Variables{
+		"account_role_name_1": config.StringVariable(accountRoleName1),
+		"account_role_name_2": config.StringVariable(accountRoleName2),
+		"account_role_name_3": config.StringVariable(accountRoleName3),
+		"pattern":             config.StringVariable(accountRoleNamePrefix + "%"),
+		"comment":             config.StringVariable(comment),
+	}
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acc.TestAccProtoV6ProviderFactories,
+		PreCheck:                 func() { acc.TestAccPreCheck(t) },
+		TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+			tfversion.RequireAbove(tfversion.Version1_5_0),
+		},
+		Steps: []resource.TestStep{
+			{
+				ConfigDirectory: config.TestNameDirectory(),
+				ConfigVariables: configVariables,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.snowflake_account_roles.test", "roles.#", "2"),
+					containsAccountRole(accountRoleName1, comment),
+					containsAccountRole(accountRoleName2, comment),
+					doesntContainAccountRole(accountRoleName3, comment),
+				),
+			},
+		},
+	})
+}
+
+func doesntContainAccountRole(name string, comment string) func(s *terraform.State) error {
+	return func(state *terraform.State) error {
+		err := containsAccountRole(name, comment)(state)
+		if err.Error() == fmt.Sprintf("role %s not found", name) {
+			return nil
+		}
+		return fmt.Errorf("expected %s not to be present", name)
+	}
+}
+
+func containsAccountRole(name string, comment string) func(s *terraform.State) error {
+	return func(s *terraform.State) error {
+		for _, rs := range s.RootModule().Resources {
+			if rs.Type != "snowflake_account_roles" {
+				continue
+			}
+
+			iter, err := strconv.ParseInt(rs.Primary.Attributes["roles.#"], 10, 32)
+			if err != nil {
+				return err
+			}
+
+			for i := 0; i < int(iter); i++ {
+				if rs.Primary.Attributes[fmt.Sprintf("roles.%d.name", i)] == name {
+					actualComment := rs.Primary.Attributes[fmt.Sprintf("roles.%d.comment", i)]
+					if actualComment != comment {
+						return fmt.Errorf("expected comment: %s, but got: %s", comment, actualComment)
+					}
+
+					return nil
+				}
+			}
+		}
+
+		return fmt.Errorf("role %s not found", name)
+	}
+}
+
 func roles(roleName, roleName2, comment string) string {
 	return fmt.Sprintf(`
 		resource snowflake_role "test_role" {

pkg/provider/provider.go

@@ -431,7 +431,6 @@ func getResources() map[string]*schema.Resource {
 		"snowflake_account":                                 resources.Account(),
 		"snowflake_account_password_policy_attachment":      resources.AccountPasswordPolicyAttachment(),
 		"snowflake_account_parameter":                       resources.AccountParameter(),
-		"snowflake_account_role":                            resources.AccountRole(),
 		"snowflake_alert":                                   resources.Alert(),
 		"snowflake_api_integration":                         resources.APIIntegration(),
 		"snowflake_database":                                resources.Database(),
@@ -518,7 +517,6 @@ func getDataSources() map[string]*schema.Resource {
 		"snowflake_resource_monitors":                  datasources.ResourceMonitors(),
 		"snowflake_role":                               datasources.Role(),
 		"snowflake_roles":                              datasources.Roles(),
-		"snowflake_account_roles":                      datasources.AccountRoles(),
 		"snowflake_row_access_policies":                datasources.RowAccessPolicies(),
 		"snowflake_schemas":                            datasources.Schemas(),
 		"snowflake_sequences":                          datasources.Sequences(),