0
votes

Keep getting this error: Error, failed to create instance group-database-instance: googleapi: Error 403: Request had insufficient authentication scopes. More details: Reason: insufficientPermissions, Message: Insufficient Permission

I have added a service account with editor permissions to use all GCP resources and directed Terraform to the generated credentials file. Would this be an error in the code or something else?

1
1) You are probably not using the service account that has the correct roles. 2) A common misperception is that Owner/Editor have permissions to all resources - they do not. 3) Edit your question, show the roles assigned to the service account and then show how you are using the service account. 4) I recommend testing the service account with the CLI gcloud first, then with Terraform. - John Hanley

1 Answer

2
votes

Based on the error message you have provided and the task you would like to accomplish, it would seem that you might need to add a scope when creating your instance.

To use the Google Kubernetes Engine API for GCE virtual machines, you will need to add the Cloud Platform Scope ("https://www.googleapis.com/auth/cloud-platform") to your VM when it is created.

Additionally, if you are using the gcloud command-line, you can follow along with something like:

gcloud compute instances create NAME --scopes=https://www.googleapis.com/auth/cloud-platform

If you are using the Cloud Console UI, when you are creating a VM instance, look for the "Identity and API access" section, and select "Allow full access to all Cloud APIs".
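
The same scope setting expressed in Terraform, which the question uses. This is an added example and not part of the original answer; the resource names, account ID, machine type, zone and image are placeholders. Because the cloud-platform scope is broad, the example attaches a dedicated service account so that the IAM roles granted to that account, rather than the scope, bound what the VM can do.

```hcl
# Added example; every name and value below is a placeholder.

# Dedicated service account for the VM. Grant it only the IAM roles
# the workload needs; the scope set further down is an upper bound,
# not a grant of permissions.
resource "google_service_account" "vm" {
  account_id   = "example-vm-sa"
  display_name = "Example VM service account"
}

resource "google_compute_instance" "example" {
  name         = "example-instance"
  machine_type = "e2-medium"
  zone         = "us-central1-a"

  # Scopes can only be changed while the instance is stopped.
  allow_stopping_for_update = true

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-12"
    }
  }

  network_interface {
    network = "default"
  }

  service_account {
    email = google_service_account.vm.email

    # A narrow scope list such as the one below leaves calls to any
    # other API failing with "insufficient authentication scopes",
    # whatever IAM roles the service account holds:
    # scopes = ["storage-ro", "logging-write"]

    # Equivalent of
    # --scopes=https://www.googleapis.com/auth/cloud-platform
    scopes = ["cloud-platform"]
  }
}
```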