diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4e53f74..60cd1d0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,19 +8,19 @@ repos: - id: tflint - repo: https://github.com/terraform-docs/terraform-docs - rev: "v0.16.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases + rev: "v0.18.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases hooks: - id: terraform-docs-go args: ["."] - repo: https://github.com/bridgecrewio/checkov.git - rev: "2.5.13" # Get the latest from: https://github.com/bridgecrewio/checkov/releases + rev: "3.2.194" # Get the latest from: https://github.com/bridgecrewio/checkov/releases hooks: - id: checkov args: [--skip-check, "CKV_TF_1"] # Terraform module sources do not use a git url with a commit hash revision - repo: https://github.com/pre-commit/pre-commit-hooks - rev: "v4.5.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases + rev: "v4.6.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases hooks: - id: check-merge-conflict args: ["--assume-in-merge"] diff --git a/.terraform-docs.yml b/.terraform-docs.yml index 5d31cc9..f6ffcef 100644 --- a/.terraform-docs.yml +++ b/.terraform-docs.yml @@ -6,6 +6,10 @@ sections: hide: [] show: [all] +recursive: + enabled: true + path: examples + content: |- {{ .Header }} diff --git a/README.md b/README.md index 846fb07..4ffbfe4 100644 --- a/README.md +++ b/README.md 
@@ -88,6 +88,8 @@ module "snowflake_database_role" { | [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no | | [environment](#input\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no | | [granted\_database\_roles](#input\_granted\_database\_roles) | Database Roles granted to this role | `list(string)` | `[]` | no | +| [granted\_to\_database\_roles](#input\_granted\_to\_database\_roles) | Fully qualified Parent Database Role name (`DB_NAME.ROLE_NAME`), to create parent-child relationship | `list(string)` | `[]` | no | +| [granted\_to\_roles](#input\_granted\_to\_roles) | List of Snowflake Account Roles to grant this role to | `list(string)` | `[]` | no | | [id\_length\_limit](#input\_id\_length\_limit) | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for keep the existing setting, which defaults to `0`.
Does not affect `id_full`. | `number` | `null` | no | | [label\_key\_case](#input\_label\_key\_case) | Controls the letter case of the `tags` keys (label names) for tags generated by this module.
Does not affect keys of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no | | [label\_order](#input\_label\_order) | The order in which the labels (ID elements) appear in the `id`.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. | `list(string)` | `null` | no | @@ -95,7 +97,7 @@ module "snowflake_database_role" { | [labels\_as\_tags](#input\_labels\_as\_tags) | Set of labels (ID elements) to include as tags in the `tags` output.
Default is to include all labels.
Tags with empty values will not be included in the `tags` output.
Set to `[]` to suppress all generated tags.
**Notes:**
The value of the `name` tag, if included, will be the `id`, not the `name`.
Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be
changed in later chained modules. Attempts to change it will be silently ignored. | `set(string)` |
[
"default"
]
| no | | [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.
This is the only ID element not also included as a `tag`.
The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no | | [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no | -| [parent\_database\_role](#input\_parent\_database\_role) | Fully qualified Parent Database Role name (`DB_NAME.ROLE_NAME`), to create parent-child relationship | `string` | `null` | no | +| [parent\_database\_role](#input\_parent\_database\_role) | DEPRECATED variable - please use `granted_to_database_roles` instead | `string` | `null` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [schema\_grants](#input\_schema\_grants) | Grants on a schema level |
list(object({
all_privileges = optional(bool)
with_grant_option = optional(bool, false)
privileges = optional(list(string), null)
all_schemas_in_database = optional(bool, false)
future_schemas_in_database = optional(bool, false)
schema_name = optional(string, null)
}))
| `[]` | no | | [schema\_objects\_grants](#input\_schema\_objects\_grants) | Grants on a schema object level

Example usage:

schema\_objects\_grants = {
"TABLE" = [
{
privileges = ["SELECT"]
object\_name = snowflake\_table.table\_1.name
schema\_name = snowflake\_schema.this.name
},
{
all\_privileges = true
object\_name = snowflake\_table.table\_2.name
schema\_name = snowflake\_schema.this.name
}
]
"ALERT" = [
{
all\_privileges = true
on\_future = true
on\_all = true
}
]
}

Note: If you don't provide a schema\_name, the grants will be created for all objects of that type in the database.
You can find a list of all object types [here](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_database_role#object_type) |
map(list(object({
all_privileges = optional(bool)
with_grant_option = optional(bool)
privileges = optional(list(string))
object_name = optional(string)
on_all = optional(bool, false)
schema_name = optional(string)
on_future = optional(bool, false)
})))
| `{}` | no | @@ -121,14 +123,14 @@ module "snowflake_database_role" { | Name | Version | |------|---------| -| [snowflake](#provider\_snowflake) | >= 0.87 | +| [snowflake](#provider\_snowflake) | >= 0.90 | ## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.3 | -| [snowflake](#requirement\_snowflake) | >= 0.87 | +| [snowflake](#requirement\_snowflake) | >= 0.90 | ## Resources @@ -136,6 +138,8 @@ module "snowflake_database_role" { |------|------| | [snowflake_database_role.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database_role) | resource | | [snowflake_grant_database_role.granted_database_roles](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_database_role) | resource | +| [snowflake_grant_database_role.granted_to_database_roles](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_database_role) | resource | +| [snowflake_grant_database_role.granted_to_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_database_role) | resource | | [snowflake_grant_database_role.parent_database_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_database_role) | resource | | [snowflake_grant_privileges_to_database_role.database_grants](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_database_role) | resource | | [snowflake_grant_privileges_to_database_role.schema_grants](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/grant_privileges_to_database_role) | resource | diff --git a/examples/complete/README.md b/examples/complete/README.md index 545aeb0..f84f3a5 100644 --- a/examples/complete/README.md +++ b/examples/complete/README.md 
@@ -166,24 +166,26 @@ terraform apply tfplan | Name | Version | |------|---------| -| [snowflake](#provider\_snowflake) | 0.87.2 | +| [snowflake](#provider\_snowflake) | >=0.90 | ## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.3 | -| [snowflake](#requirement\_snowflake) | 0.87.2 | +| [snowflake](#requirement\_snowflake) | >=0.90 | ## Resources | Name | Type | |------|------| -| [snowflake_database.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/database) | resource | -| [snowflake_database_role.db_role_1](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/database_role) | resource | -| [snowflake_database_role.db_role_2](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/database_role) | resource | -| [snowflake_database_role.db_role_3](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/database_role) | resource | -| [snowflake_schema.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/schema) | resource | -| [snowflake_table.table_1](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/table) | resource | -| [snowflake_table.table_2](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/table) | resource | +| [snowflake_database.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database) | resource | +| [snowflake_database_role.db_role_1](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database_role) | resource | +| [snowflake_database_role.db_role_2](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database_role) | resource | +| 
[snowflake_database_role.db_role_3](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database_role) | resource | +| [snowflake_role.role_1](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/role) | resource | +| [snowflake_role.role_2](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/role) | resource | +| [snowflake_schema.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/schema) | resource | +| [snowflake_table.table_1](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/table) | resource | +| [snowflake_table.table_2](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/table) | resource | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 06f5e97..2c58387 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -41,6 +41,13 @@ resource "snowflake_table" "table_2" { } } +resource "snowflake_role" "role_1" { + name = "ROLE_1" +} + +resource "snowflake_role" "role_2" { + name = "ROLE_2" +} resource "snowflake_database_role" "db_role_1" { database = snowflake_database.this.name name = "DB_ROLE_1" @@ -63,11 +70,18 @@ module "snowflake_database_role" { database_name = snowflake_database.this.name name = "TEST_DB_ROLE" + granted_to_roles = [ + snowflake_role.role_1.name, + snowflake_role.role_2.name + ] + + granted_to_database_roles = [ + "${snowflake_database.this.name}.${snowflake_database_role.db_role_1.name}" + ] - parent_database_role = snowflake_database_role.db_role_1.name granted_database_roles = [ - snowflake_database_role.db_role_2.name, - snowflake_database_role.db_role_3.name + "${snowflake_database.this.name}.${snowflake_database_role.db_role_2.name}", + "${snowflake_database.this.name}.${snowflake_database_role.db_role_3.name}" ] database_grants = { 
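Review bot: The first hunk adds seven lines for two `snowflake_role` blocks but only one blank separator, so one of the new block boundaries (from the collapsed text, most likely the `}` of `snowflake_role.role_2` immediately followed by `resource "snowflake_database_role" "db_role_1"`) has no blank line between top-level blocks; `terraform fmt` does not insert one, so it should be added by hand. The second hunk's three `"${snowflake_database.this.name}.${…}"` interpolations are the example's only illustration of the `DB_NAME.ROLE_NAME` format the module now requires for `granted_database_roles`; a one-line comment above `granted_database_roles = [` such as `# entries must be fully qualified (DB_NAME.ROLE_NAME); the module no longer prefixes the database` would make that requirement visible to readers copying the example. The module block continues past the end of the hunk.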
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index d0efb7a..59ae521 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { snowflake = { source = "Snowflake-Labs/snowflake" - version = "0.87.2" + version = ">=0.90" } } diff --git a/examples/simple/README.md b/examples/simple/README.md index c2a583d..c4735c3 100644 --- a/examples/simple/README.md +++ b/examples/simple/README.md @@ -70,19 +70,19 @@ No inputs. | Name | Version | |------|---------| -| [snowflake](#provider\_snowflake) | 0.87.2 | +| [snowflake](#provider\_snowflake) | >= 0.90 | ## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.3 | -| [snowflake](#requirement\_snowflake) | 0.87.2 | +| [snowflake](#requirement\_snowflake) | >= 0.90 | ## Resources | Name | Type | |------|------| -| [snowflake_database.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/database) | resource | -| [snowflake_schema.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.87.2/docs/resources/schema) | resource | +| [snowflake_database.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/database) | resource | +| [snowflake_schema.this](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/resources/schema) | resource | diff --git a/examples/simple/versions.tf b/examples/simple/versions.tf index d0efb7a..e9e6249 100644 --- a/examples/simple/versions.tf +++ b/examples/simple/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { snowflake = { source = "Snowflake-Labs/snowflake" - version = "0.87.2" + version = ">= 0.90" } } diff --git a/main.tf b/main.tf index 78a9ea2..04b17ce 100644 --- a/main.tf +++ b/main.tf 
@@ -16,17 +16,31 @@ resource "snowflake_database_role" "this" {
   comment = var.comment
 }
 
+resource "snowflake_grant_database_role" "granted_to_role" {
+  for_each = toset(module.this.enabled ? var.granted_to_roles : [])
+
+  database_role_name = local.database_role_name
+  parent_role_name = each.value
+}
+
 resource "snowflake_grant_database_role" "parent_database_role" {
   count = module.this.enabled && var.parent_database_role != null ? 1 : 0
 
   database_role_name = local.database_role_name
-  parent_database_role_name = "${one(snowflake_database_role.this[*].database)}.${var.parent_database_role}"
+  parent_database_role_name = var.parent_database_role
+}
+
+resource "snowflake_grant_database_role" "granted_to_database_roles" {
+  for_each = toset(module.this.enabled ? var.granted_to_database_roles : [])
+
+  database_role_name = local.database_role_name
+  parent_database_role_name = each.value
 }
 
 resource "snowflake_grant_database_role" "granted_database_roles" {
   for_each = toset(module.this.enabled ? var.granted_database_roles : [])
 
-  database_role_name = each.value != null ? "${one(snowflake_database_role.this[*].database)}.${each.value}" : null
+  database_role_name = each.value
   parent_database_role_name = local.database_role_name
 }
 
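Review bot: `database_role_name = each.value` in `granted_database_roles`, and `parent_database_role_name = var.parent_database_role` above it, now forward the caller's value without the `${one(snowflake_database_role.this[*].database)}.` prefix the old lines added, so a caller that still passes bare role names (as `examples/complete/main.tf` did before this commit) gets a grant resolved against a different, unqualified identifier rather than a plan-time error, and the variable that is being deprecated changes meaning while it is still accepted. A backward-compatible form keeps the prefix only when no qualifier is present, assuming unquoted identifiers: `database_role_name = can(regex("\\.", each.value)) ? each.value : "${one(snowflake_database_role.this[*].database)}.${each.value}"`, with the same expression for `parent_database_role_name` in the deprecated resource. Because `parent_database_role` and `granted_to_database_roles` both remain live, a caller setting the same parent in both produces two `snowflake_grant_database_role` resources for one grant; a `lifecycle { precondition { … } }` on `parent_database_role` rejecting a value that is also in `var.granted_to_database_roles`, or a note in its description, would surface that. The resource name `granted_to_role` is singular while the variable it reads (`granted_to_roles`) and the sibling resource `granted_to_database_roles` are plural; renaming changes the resource address, so if kept it is worth a comment saying so.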
@@ -16,11 +16,23 @@ variable "descriptor_name" {
 }
 
 variable "parent_database_role" {
-  description = "Fully qualified Parent Database Role name (`DB_NAME.ROLE_NAME`), to create parent-child relationship"
+  description = "DEPRECATED variable - please use `granted_to_database_roles` instead"
   type = string
   default = null
 }
 
+variable "granted_to_roles" {
+  description = "List of Snowflake Account Roles to grant this role to"
+  type = list(string)
+  default = []
+}
+
+variable "granted_to_database_roles" {
+  description = "Fully qualified Parent Database Role name (`DB_NAME.ROLE_NAME`), to create parent-child relationship"
+  type = list(string)
+  default = []
+}
+
 variable "granted_database_roles" {
   description = "Database Roles granted to this role"
   type = list(string)
diff --git a/versions.tf b/versions.tf
index 16ac227..b755edb 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     snowflake = {
       source = "Snowflake-Labs/snowflake"
-      version = ">= 0.87"
+      version = ">= 0.90"
     }
   }
 }
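Review bot: The description of `granted_database_roles` (`"Database Roles granted to this role"`) is unchanged although main.tf in this commit stops prefixing its entries with the database, so the caller is no longer told that each entry must be a fully qualified `DB_NAME.ROLE_NAME`; `granted_to_database_roles` in turn reuses the old scalar wording ("Fully qualified Parent Database Role name") for what is now a list. Suggested wording: `description = "List of fully qualified Database Role names (DB_NAME.ROLE_NAME) granted to this role"` and `description = "List of fully qualified Parent Database Role names (DB_NAME.ROLE_NAME) this role is granted to, creating parent-child relationships"`. Since an unqualified entry no longer fails at plan time, a `validation` block on both list variables that rejects entries without a `.` qualifier (assuming unquoted identifiers) turns a grant against an unintended identifier into a clear error; the `granted_database_roles` block continues past the end of the hunk, so the validation below sits inside it before its closing brace.
```hcl
variable "granted_database_roles" {
  description = "List of fully qualified Database Role names (DB_NAME.ROLE_NAME) granted to this role"
  type        = list(string)
  # … unchanged: default …

  validation {
    condition     = alltrue([for r in var.granted_database_roles : can(regex("\\.", r))])
    error_message = "Each entry of granted_database_roles must be fully qualified as DB_NAME.ROLE_NAME."
  }
```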