Unable to create dns zone

888 views
Skip to first unread message

mumblez

unread,
Apr 12, 2017, 6:00:58 AM4/12/17
to Terraform
Terraform version 0.9.2

cloud api and cloud dns api enabled
service account used by terraform is owner of the project

error:

* google_dns_managed_zone.default: Error creating DNS ManagedZone: googleapi: Error 403: Access Not Configured. Google Cloud DNS API has not been used
 in project **redacted** before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/dns/overview?project=**redacted** then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry., accessNotConfigured

Am I missing some other api?



mumblez

unread,
Apr 12, 2017, 6:02:38 AM4/12/17
to Terraform
I should add, api's were enabled 24 hours already!

Andrew Langhorn

unread,
Apr 12, 2017, 6:26:30 PM4/12/17
to terrafo...@googlegroups.com
Can you successfully create a zone using the UI or gcloud? If so, that shows that your API access is enabled, but if not, then I think I'd open a ticket with Google.

Have you double-checked your authentication credentials, too, to make sure Terraform is using credentials that exist, are valid, and which have permissions to do stuff?

mumblez

unread,
Apr 12, 2017, 7:24:36 PM4/12/17
to Terraform
Can you successfully create a zone using the UI or gcloud?

Yes, both ui console and gcloud

If so, that shows that your API access is enabled, but if not, then I think I'd open a ticket with Google.

Have you double-checked your authentication credentials, too, to make sure Terraform is using credentials that exist, are valid, and which have permissions to do stuff?

Same terraform service account is used in other projects, e.g as owner

Paddy Foran

unread,
Apr 13, 2017, 1:50:32 PM4/13/17
to terrafo...@googlegroups.com
Can you post your config?

Also, if they apply:

1. If you're using multiple projects (Service Account in one project, DNS in another) check to make sure that both projects have the DNS API enabled.
2. Check to make sure you're using the service account you think you're using.

Both of those have bitten me. :)


--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/5968ca53-4b9a-4651-80b2-59b5ef872990%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

mumblez

unread,
Apr 15, 2017, 8:50:17 AM4/15/17
to Terraform
Hi Paddy,

Success :), though nothing changed (honestly), I re-checked settings, terraform service account is owner in both projects and dns api is also enabled in both projects, maybe it takes more than 24 hours for the api to be properly enabled or something strange.

Thanks again :)

On Thursday, 13 April 2017 18:50:32 UTC+1, Paddy Foran wrote:
Can you post your config?

Also, if they apply:

1. If you're using multiple projects (Service Account in one project, DNS in another) check to make sure that both projects have the DNS API enabled.
2. Check to make sure you're using the service account you think you're using.

Both of those have bitten me. :)
On Wed, Apr 12, 2017 at 4:24 PM, mumblez <linh...@gmail.com> wrote:
Can you successfully create a zone using the UI or gcloud?

Yes, both ui console and gcloud

If so, that shows that your API access is enabled, but if not, then I think I'd open a ticket with Google.

Have you double-checked your authentication credentials, too, to make sure Terraform is using credentials that exist, are valid, and which have permissions to do stuff?

Same terraform service account is used in other projects, e.g as owner

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-too...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages