You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using terragrunt to do the plan so i am using terragrunt plan to get these errors. The resources are inside of the GCP's foundation terraform download i take a small part of it. I have the exact same error in a service project in the same module too.
Here is my service account policy
{
"bindings": [
{
"members": [
"user:user@email..com"
],
"role": "roles/iam.serviceAccountTokenCreator"
},
{
"members": [
"user:user@email..com"
],
"role": "roles/owner"
}
],
"etag": "asdasdasd=",
"version": 1
}
The text was updated successfully, but these errors were encountered:
The error messages indicate an authentication issue, I cannot reproduce your issue when correctly authenticated.
I suggest you review authentication guidance , make sure that the identity to which you've granted the IAM roles is the identity used by terraform. (If you're running terraform on your local machine, the simplest option is to run gcloud auth application default-login and use your own user account credentials, the application default credentials will automatically be picked up by terraform.
TL;DR
I am unable to get a successful plan due to the permission error which i have already configured in my service account.
Expected behavior
The service account and the other errors should not appear since it has required permissions
Observed behavior
Got these errors
Terraform Configuration
Additional information
I am using terragrunt to do the plan so i am using
terragrunt plan
to get these errors. The resources are inside of the GCP's foundation terraform download i take a small part of it. I have the exact same error in a service project in the same module too.Here is my service account policy
{
"bindings": [
{
"members": [
"user:user@email..com"
],
"role": "roles/iam.serviceAccountTokenCreator"
},
{
"members": [
"user:user@email..com"
],
"role": "roles/owner"
}
],
"etag": "asdasdasd=",
"version": 1
}
The text was updated successfully, but these errors were encountered: