Skip to content

Permissions issue while trying to create VPC in GCP #6723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
kevinchu85 opened this issue Jul 1, 2020 · 2 comments
Closed

Permissions issue while trying to create VPC in GCP #6723

kevinchu85 opened this issue Jul 1, 2020 · 2 comments

Comments

@kevinchu85
Copy link

Hello All,

New to Terraform and was trying to setup a VPC for my GCP environment and came across permissions issue, hope someone can guide me on how to resolve this issue. I had a look at the old closed issues and gave a number of access to the service account but unfortunately none of that is helping with getting the VPC created. I am getting the following error.

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:

  • create

Terraform will perform the following actions:

google_compute_network.vpc_network will be created

  • resource "google_compute_network" "vpc_network" {
    • auto_create_subnetworks = true
    • delete_default_routes_on_create = false
    • gateway_ipv4 = (known after apply)
    • id = (known after apply)
    • ipv4_range = (known after apply)
    • name = "terraform-network"
    • project = (known after apply)
    • routing_mode = (known after apply)
    • self_link = (known after apply)
      }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

google_compute_network.vpc_network: Creating...

Error: Error creating Network: googleapi: Error 403: Required 'compute.networks.create' permission for 'projects/kevinproject-262403/global/networks/terraform-network', forbidden

on main.tf line 13, in resource "google_compute_network" "vpc_network":
13: resource "google_compute_network" "vpc_network"{

Have the following permissions for the service account that I am using.

Compute Admin
Compute Network Admin
Kubernetes Engine Admin
Kubernetes Engine Cluster Admin
Project - Editor
@kevinchu85
Copy link
Author

I am not sure how I resolved this issue but after creating a new project and going with the same permissions it is working now
the only difference is this time I only game the service account the following permissions

Compute Admin
Compute Network Admin
Project-Editor

@ghost
Copy link

ghost commented Jul 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Jul 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kevinchu85