0

I am trying to create a VPC in GCP using Terraform, but when I run terraform apply I get an error in the terminal. I am new to Terraform and GCP. This is the code I have used:

//Google Cloud provider
provider "google" {
 credentials = "${file("${var.credentials}")}"
 project     = "${var.gcp_project}"
 region      = "${var.region}"
}
// Create VPC
resource "google_compute_network" "vpc_network" {
 name                    = "${var.name}-vpc"
 auto_create_subnetworks = "false"
}

//variables.tf
variable "region" {}
variable "gcp_project" {}
variable "credentials" {}
variable "name" {}
variable "subnet_cidr" {}

// terraform.tfvars
region          = "europe-west2"
gcp_project     = "rock-prism-350316"
credentials     = "credentials.json"
name            = "dev"
subnet_cidr     = "10.10.0.0/24"

I am using a service account which has the below access: Editor access for the project, admin compute network.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

google_compute_network.vpc_network: Creating...
╷
│ Error: Error creating Network: Post "https://compute.googleapis.com/compute/v1/projects/rock-prism-350316/global/networks?alt=json": oauth2: cannot fetch token: unexpected EOF
│
│   with google_compute_network.vpc_network,
│   on main.tf line 8, in resource "google_compute_network" "vpc_network":
│    8:     resource "google_compute_network" "vpc_network" {
  • Looking at the code, I suspect the credentials line in the provider block. Looking here ... registry.terraform.io/providers/hashicorp/google/latest/docs/… It seems to want to be a file name. Your logic seems to be reading the content of the file. Try: credentials = "${var.credentials}" assuming that var.credentials contains the path to the JSON file Commented May 20, 2022 at 13:16
  • I gave the path and provided this change but it does not work Commented May 20, 2022 at 13:41
  • When you say it did not work ... did the message change or any other symptom change? Commented May 20, 2022 at 14:08
  • The error message still has not changed. Commented May 20, 2022 at 15:09
  • Is billing for the project setup? Is the account disabled? Commented May 20, 2022 at 19:31

2 Answers

1

You can use the contents of a key file or a file path in the provider (see credentials section).
The error message you're getting shows that it's trying to create a network in project rock-prism-350316 using credentials for project sunlit-vortex-184612.

Try correcting the gcp_project value in your tfvars file. It's also a good idea to add the project parameter to your VPC resource:

//Google Cloud provider
provider "google" {
 credentials = "${file("${var.credentials}")}"
 project     = "${var.gcp_project}"
 region      = "${var.region}"
}
// Create VPC
resource "google_compute_network" "vpc_network" {
 name                    = "${var.name}-vpc"
 project                 = "${var.gcp_project}"
 auto_create_subnetworks = "false"
}

//variables.tf
variable "region" {}
variable "gcp_project" {}
variable "credentials" {}
variable "name" {}
variable "subnet_cidr" {}

// terraform.tfvars
region          = "europe-west2"
gcp_project     = "rock-prism-350316"
credentials     = "credentials.json"
name            = "dev"
subnet_cidr     = "10.10.0.0/24"

7 Comments

That is the name of the project which you are a part of. I can only see rock-prism-350316 in my google cloud console.
No, I don't have projects named rock-prism-350316 or sunlit-vortex-184612. Look again at the gcp_project value in your terraform.tfvars file posted in your question. You are loading credentials for one project and trying to use them to create resources in a different project.
I tried this out; now I am getting another error, which is: │ Error: Error when reading or editing Project Service rock-prism-350316/compute.googleapis.com: Get "cloudresourcemanager.googleapis.com/v1/projects/…": oauth2: cannot fetch token: unexpected EOF
Check the contents of your credentials.json file. The third line should have the project ID rock-prism-350316 in it. If it's different then you're trying to use a key file from a different project, maybe an old project that you've deleted. If that's the case then create a new key for your service account and replace credentials.json with it.
Thanks for the feedback, I've updated my answer to take it into account.
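The check suggested in the comments above (compare the project ID inside credentials.json with gcp_project in terraform.tfvars), written as an added example that is not part of the original answer. The function names and the sample key are constructed for illustration, and the private_key value is a placeholder.

```python
import json
import re

# Fields a service account key file is expected to carry for this check.
REQUIRED_KEYS = {"type", "project_id", "private_key", "client_email", "token_uri"}

def read_tfvar(tfvars_text, name):
    """Return the quoted string value assigned to `name` in tfvars text, or None."""
    pattern = rf'^\s*{re.escape(name)}\s*=\s*"([^"]*)"'
    m = re.search(pattern, tfvars_text, re.MULTILINE)
    return m.group(1) if m else None

def check_key_against_tfvars(key_text, tfvars_text):
    """Return a list of problems; an empty list means key and tfvars agree."""
    try:
        key = json.loads(key_text)
    except json.JSONDecodeError as exc:
        # An empty or truncated key file ends up here.
        return [f"key file is not valid JSON: {exc.msg}"]
    if not isinstance(key, dict):
        return ["key file is not a JSON object"]
    problems = []
    missing = sorted(REQUIRED_KEYS - key.keys())
    if missing:
        problems.append("key file is missing fields: " + ", ".join(missing))
    if key.get("type") != "service_account":
        problems.append(f"key type is {key.get('type')!r}, expected 'service_account'")
    target = read_tfvar(tfvars_text, "gcp_project")
    if target is None:
        problems.append("gcp_project is not set in terraform.tfvars")
    elif key.get("project_id") != target:
        # Report only the project IDs; never print private_key.
        problems.append(f"key is for project {key.get('project_id')!r} "
                        f"but gcp_project is {target!r}")
    return problems

# Constructed sample inputs (not a real key), using the project IDs from the thread.
SAMPLE_KEY = json.dumps({
    "type": "service_account",
    "project_id": "sunlit-vortex-184612",
    "private_key": "CONSTRUCTED-PLACEHOLDER-NOT-A-KEY",
    "client_email": "tf@sunlit-vortex-184612.iam.gserviceaccount.com",
    "token_uri": "https://oauth2.googleapis.com/token",
})
SAMPLE_TFVARS = 'region      = "europe-west2"\ngcp_project = "rock-prism-350316"\n'

if __name__ == "__main__":
    for problem in check_key_against_tfvars(SAMPLE_KEY, SAMPLE_TFVARS):
        print("PROBLEM:", problem)
```

To run it against real files, pass the text of credentials.json and terraform.tfvars to check_key_against_tfvars instead of the constructed samples.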
0

The issue was that there was security software installed on my device, and that was blocking the communication between the GCP provider and Terraform. I had to disable this from services; once that was done it was working fine. There were no issues in the code or in authentication.
