Terraform google bucket for static website for google storage - 403

3
votes

Trying to create a google bucket for the static website.

provider "google" {
  project = "myprojectname-123"
  credentials = "${file("storage-admin.json")}"
  region  = "us-central1"
  zone    = "us-central1-c"
}

resource "google_storage_bucket" "STANDARD" {
  name     = "mywebsite.com"
  storage_class = "STANDARD"
  location = "US"

  website {
    main_page_suffix = "index.html"
    not_found_page   = "404.html"
  }
}

> terraform apply

googleapi: Error 403: The bucket you tried to create is a domain name owned by another user., forbidden

Found this answer for AWS

Q: Is it possible to create storage domain centric storage/bucket from Terraform for Google Cloud?

1
google-cloud-platformterraform
It is possible but the error is that bucket name resolves to a name which is already being used by another user.Prashant
but that another user is me. and before that I have removed the bucket. waited for 10 min or so. maybe have to wait for 24h hour.. not sure.ses
Can Terraform create GCS bucket. Yes and reference is terraform.io/docs/providers/google/r/storage_bucket.htmlPrashant

1 Answers

5
votes

(Assuming that you have already verified the domain mywebsite.com, and that you are an owner of the domain)

I can see that you are creating the bucket using a service's account credentials:

provider "google" {

project = "myprojectname-123"

credentials = "${file("storage-admin.json")}"

region = "us-central1"

zone = "us-central1-c"

}

You will have to add that service account as an owner of the domain, since the terraform API Call to create those resources will use its credentials to create the bucket.

If the account is not on the owner list of the domain, you will receive the 403, with the message that you are getting. Documentation on how to add the service account as an owner.

As well, make sure that you add the service account as a domain owner, not a site owner.