3-networks-hub-and-spoke - Service Usage Consumer role missing on sa-terraform-net@prj-b-seed-8919.iam.gserviceaccount.com SA during tf apply shared #379
ichael@cloudshell:~/tef-olxyz/github/gcp-networks (tef-olxyz)$ ./tf-wrapper.sh apply shared
*************** TERRAFORM APPLY *******************
At environment: envs/shared
***************************************************
module.hierarchical_firewall_policy.random_string.suffix: Creating...
module.hierarchical_firewall_policy.random_string.suffix: Creation complete after 0s [id=3q5s]
module.dns_hub_vpc.module.vpc.google_compute_network.network: Creating...
module.hierarchical_firewall_policy.google_compute_organization_security_policy.policy: Creating...
odule.dns_hub_vpc.module.vpc.google_compute_network.network: Still creating... [10s elapsed]
module.dns_hub_vpc.module.vpc.google_compute_network.network: Still creating... [20s elapsed]
module.dns_hub_vpc.module.vpc.google_compute_network.network: Still creating... [30s elapsed]
module.dns_hub_vpc.module.vpc.google_compute_network.network: Creation complete after 33s [id=projects/prj-c-dns-hub-6f4b/global/networks/vpc-c-dns-hub]
module.dns_hub_region1_router1.google_compute_router.router: Creating...
google_dns_policy.default_policy: Creating...
module.dns_hub_region2_router2.google_compute_router.router: Creating...
module.dns_hub_region1_router2.google_compute_router.router: Creating...
module.dns_hub_region2_router1.google_compute_router.router: Creating...
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-dns-hub-us-central1"]: Creating...
module.dns-forwarding-zone.google_dns_managed_zone.forwarding[0]: Creating...
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-dns-hub-us-west1"]: Creating...
module.dns-forwarding-zone.google_dns_managed_zone.forwarding[0]: Creation complete after 2s [id=projects/prj-c-dns-hub-6f4b/managedZones/fz-dns-hub]
google_dns_policy.default_policy: Creation complete after 2s [id=projects/prj-c-dns-hub-6f4b/policies/dp-dns-hub-default-policy]
module.dns_hub_region1_router1.google_compute_router.router: Still creating... [10s elapsed]
module.dns_hub_region1_router2.google_compute_router.router: Still creating... [10s elapsed]
module.dns_hub_region2_router1.google_compute_router.router: Still creating... [10s elapsed]
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-dns-hub-us-west1"]: Still creating... [10s elapsed]
module.dns_hub_region2_router2.google_compute_router.router: Still creating... [10s elapsed]
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-dns-hub-us-central1"]: Still creating... [10s elapsed]
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-dns-hub-us-central1"]: Creation complete after 13s [id=projects/prj-c-dns-hub-6f4b/regions/us-central1/subnetworks/sb-c-dns-hub-us-central1]
module.dns_hub_region2_router1.google_compute_router.router: Creation complete after 13s [id=projects/prj-c-dns-hub-6f4b/regions/us-central1/routers/cr-c-dns-hub-us-central1-cr3]
module.dns_hub_region1_router2.google_compute_router.router: Creation complete after 16s [id=projects/prj-c-dns-hub-6f4b/regions/us-west1/routers/cr-c-dns-hub-us-west1-cr2]
module.dns_hub_vpc.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-dns-hub-us-west1"]: Creation complete after 17s [id=projects/prj-c-dns-hub-6f4b/regions/us-west1/subnetworks/sb-c-dns-hub-us-west1]
module.dns_hub_vpc.module.routes.google_compute_route.route["rt-c-dns-hub-1000-all-default-private-api"]: Creating...
module.dns_hub_region1_router1.google_compute_router.router: Still creating... [20s elapsed]
module.dns_hub_region2_router2.google_compute_router.router: Still creating... [20s elapsed]
module.dns_hub_region2_router2.google_compute_router.router: Creation complete after 23s [id=projects/prj-c-dns-hub-6f4b/regions/us-central1/routers/cr-c-dns-hub-us-central1-cr4]
module.dns_hub_region1_router1.google_compute_router.router: Creation complete after 25s [id=projects/prj-c-dns-hub-6f4b/regions/us-west1/routers/cr-c-dns-hub-us-west1-cr1]
module.dns_hub_vpc.module.routes.google_compute_route.route["rt-c-dns-hub-1000-all-default-private-api"]: Still creating... [10s elapsed]
module.dns_hub_vpc.module.routes.google_compute_route.route["rt-c-dns-hub-1000-all-default-private-api"]: Creation complete after 12s [id=projects/prj-c-dns-hub-6f4b/global/routes/rt-c-dns-hub-1000-all-default-private-api]
module.restricted_shared_vpc.random_id.random_access_level_suffix: Creating...
module.base_shared_vpc.data.google_compute_network.vpc_dns_hub: Reading...
module.restricted_shared_vpc.data.google_compute_network.vpc_dns_hub: Reading...
module.restricted_shared_vpc.random_id.random_access_level_suffix: Creation complete after 0s [id=Z_E]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_network.network: Creating...
module.base_shared_vpc.module.main.module.vpc.google_compute_network.network: Creating...
module.restricted_shared_vpc.module.access_level_members.google_access_context_manager_access_level.access_level: Creating...
module.base_shared_vpc.data.google_compute_network.vpc_dns_hub: Read complete after 0s [id=projects/prj-c-dns-hub-6f4b/global/networks/vpc-c-dns-hub]
module.restricted_shared_vpc.data.google_compute_network.vpc_dns_hub: Read complete after 0s [id=projects/prj-c-dns-hub-6f4b/global/networks/vpc-c-dns-hub]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [20s elapsed]
module.base_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [30s elapsed]
module.base_shared_vpc.module.main.module.vpc.google_compute_network.network: Still creating... [30s elapsed]
module.base_shared_vpc.module.main.module.vpc.google_compute_network.network: Creation complete after 32s [id=projects/prj-c-base-net-hub-5y8h/global/networks/vpc-c-shared-base-hub]
module.base_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Creating...
module.base_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Creating...
module.base_shared_vpc.module.peering_zone.google_dns_managed_zone.peering[0]: Creating...
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_managed_zone.private[0]: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1-proxy"]: Creating...
module.base_shared_vpc.google_dns_policy.default_policy: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_managed_zone.private[0]: Creating...
module.restricted_shared_vpc.module.main.module.vpc.google_compute_network.network: Creation complete after 33s [id=projects/prj-c-restricted-net-hub-a8d5/global/networks/vpc-c-shared-restricted-hub]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1-proxy"]: Creating...
module.base_shared_vpc.module.peering_zone.google_dns_managed_zone.peering[0]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-to-dns-hub]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_managed_zone.private[0]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-apis]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Creating...
module.base_shared_vpc.google_dns_policy.default_policy: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/policies/dp-c-shared-base-default-policy]
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_managed_zone.private[0]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-gcr]
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_managed_zone.private[0]: Creating...
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_managed_zone.private[0]: Creation complete after 1s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-pkg-dev]
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["private/A"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 3s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-apis/rrsets/*.googleapis.com./CNAME]
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["/A"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["private/A"]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-apis/rrsets/private.googleapis.com./A]
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["/A"]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-gcr/rrsets/gcr.io./A]
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 3s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-gcr/rrsets/*.gcr.io./CNAME]
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["/A"]: Creating...
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 3s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-pkg-dev/rrsets/*.pkg.dev./CNAME]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1-proxy"]: Creating...
module.base_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Still creating... [10s elapsed]
module.base_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Still creating... [10s elapsed]
module.base_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["/A"]: Creation complete after 2s [id=projects/prj-c-base-net-hub-5y8h/managedZones/dz-c-shared-base-pkg-dev/rrsets/pkg.dev./A]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1"]: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1-proxy"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1-proxy"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Creation complete after 11s [id=prj-c-base-net-hub-5y8h]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1"]: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/global/firewallPolicies/fp-c-hub-and-spoke-base-firewalls]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1-proxy"]: Creating...
module.base_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/global/addresses/global-psconnect-ip]
module.restricted_shared_vpc.google_dns_policy.default_policy: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1"]: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1-proxy"]: Creation complete after 13s [id=projects/prj-c-base-net-hub-5y8h/regions/us-central1/subnetworks/sb-c-shared-base-hub-us-central1-proxy]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Creating...
module.restricted_shared_vpc.google_dns_policy.default_policy: Creation complete after 2s [id=projects/prj-c-restricted-net-hub-a8d5/policies/dp-c-shared-restricted-default-policy]
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_association.vpc_associations["cHJvamVjdHMvcHJqLWMtYmFzZS1uZXQtaHViLTV5OGgvZ2xvYmFsL25ldHdvcmtzL3ZwYy1jLXNoYXJlZC1iYXNlLWh1Yg=="]: Creating...
module.restricted_shared_vpc.module.main.module.vpc.google_compute_shared_vpc_host_project.shared_vpc_host[0]: Creation complete after 11s [id=prj-c-restricted-net-hub-a8d5]
module.base_shared_vpc.module.private_service_connect.google_compute_global_forwarding_rule.forwarding_rule_private_service_connect: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-base-hub-us-central1"]: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/regions/us-central1/subnetworks/sb-c-shared-base-hub-us-central1]
module.restricted_shared_vpc.module.peering_zone.google_dns_managed_zone.peering[0]: Creating...
module.restricted_shared_vpc.module.peering_zone.google_dns_managed_zone.peering[0]: Creation complete after 2s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-to-dns-hub]
module.restricted_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_association.vpc_associations["cHJvamVjdHMvcHJqLWMtYmFzZS1uZXQtaHViLTV5OGgvZ2xvYmFsL25ldHdvcmtzL3ZwYy1jLXNoYXJlZC1iYXNlLWh1Yg=="]: Creation complete after 6s [id=projects/prj-c-base-net-hub-5y8h/global/firewallPolicies/fp-c-hub-and-spoke-base-firewalls/associations/fp-c-hub-and-spoke-base-firewalls-vpc-c-shared-base-hub]
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_managed_zone.private[0]: Creating...
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1-proxy"]: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_managed_zone.private[0]: Creation complete after 1s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-apis]
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_managed_zone.private[0]: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1-proxy"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1"]: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1-proxy"]: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_managed_zone.private[0]: Creation complete after 1s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-pkg-dev]
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_managed_zone.private[0]: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_managed_zone.private[0]: Creation complete after 1s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-gcr]
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Still creating... [10s elapsed]
module.base_shared_vpc.module.private_service_connect.google_compute_global_forwarding_rule.forwarding_rule_private_service_connect: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy.fw_policy[0]: Creation complete after 11s [id=projects/prj-c-restricted-net-hub-a8d5/global/firewallPolicies/fp-c-hub-and-spoke-restricted-firewalls]
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["restricted/A"]: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 2s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-apis/rrsets/*.googleapis.com./CNAME]
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.base_shared_vpc.module.private_service_connect.google_compute_global_forwarding_rule.forwarding_rule_private_service_connect: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/global/forwardingRules/globalrule]
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["/A"]: Creating...
module.restricted_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 1s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-pkg-dev/rrsets/*.pkg.dev./CNAME]
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["/A"]: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.pkg_dev.google_dns_record_set.cloud-static-records["/A"]: Creation complete after 2s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-pkg-dev/rrsets/pkg.dev./A]
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["*/CNAME"]: Creating...
module.restricted_shared_vpc.module.private_service_connect.google_compute_global_address.private_service_connect: Creation complete after 11s [id=projects/prj-c-restricted-net-hub-a8d5/global/addresses/global-psconnect-ip]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_association.vpc_associations["cHJvamVjdHMvcHJqLWMtcmVzdHJpY3RlZC1uZXQtaHViLWE4ZDUvZ2xvYmFsL25ldHdvcmtzL3ZwYy1jLXNoYXJlZC1yZXN0cmljdGVkLWh1Yg=="]: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["/A"]: Creation complete after 2s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-gcr/rrsets/gcr.io./A]
module.restricted_shared_vpc.module.private_service_connect.google_compute_global_forwarding_rule.forwarding_rule_private_service_connect: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1-proxy"]: Creation complete after 26s [id=projects/prj-c-base-net-hub-5y8h/regions/us-west1/subnetworks/sb-c-shared-base-hub-us-west1-proxy]
module.base_shared_vpc.module.region1_router1[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.gcr.google_dns_record_set.cloud-static-records["*/CNAME"]: Creation complete after 1s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-gcr/rrsets/*.gcr.io./CNAME]
module.base_shared_vpc.module.region2_router1[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.private_service_connect.module.googleapis.google_dns_record_set.cloud-static-records["restricted/A"]: Creation complete after 3s [id=projects/prj-c-restricted-net-hub-a8d5/managedZones/dz-c-shared-restricted-apis/rrsets/restricted.googleapis.com./A]
module.base_shared_vpc.module.region1_router2[0].google_compute_router.router: Creating...
module.base_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-base-hub-us-west1"]: Creation complete after 28s [id=projects/prj-c-base-net-hub-5y8h/regions/us-west1/subnetworks/sb-c-shared-base-hub-us-west1]
module.base_shared_vpc.module.region2_router2[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1-proxy"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1-proxy"]: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1"]: Creation complete after 24s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-central1/subnetworks/sb-c-shared-restricted-hub-us-central1]
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Creating...
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1"]: Creation complete after 23s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-west1/subnetworks/sb-c-shared-restricted-hub-us-west1]
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Creating...
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-west1/sb-c-shared-restricted-hub-us-west1-proxy"]: Creation complete after 25s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-west1/subnetworks/sb-c-shared-restricted-hub-us-west1-proxy]
module.restricted_shared_vpc.module.main.module.subnets.google_compute_subnetwork.subnetwork["us-central1/sb-c-shared-restricted-hub-us-central1-proxy"]: Creation complete after 24s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-central1/subnetworks/sb-c-shared-restricted-hub-us-central1-proxy]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_association.vpc_associations["cHJvamVjdHMvcHJqLWMtcmVzdHJpY3RlZC1uZXQtaHViLWE4ZDUvZ2xvYmFsL25ldHdvcmtzL3ZwYy1jLXNoYXJlZC1yZXN0cmljdGVkLWh1Yg=="]: Creation complete after 9s [id=projects/prj-c-restricted-net-hub-a8d5/global/firewallPolicies/fp-c-hub-and-spoke-restricted-firewalls/associations/fp-c-hub-and-spoke-restricted-firewalls-vpc-c-shared-restricted-hub]
module.base_shared_vpc.module.region1_router1[0].google_compute_router.router: Still creating... [10s elapsed]
module.base_shared_vpc.module.region2_router1[0].google_compute_router.router: Still creating... [10s elapsed]
module.base_shared_vpc.module.region1_router2[0].google_compute_router.router: Still creating... [10s elapsed]
module.base_shared_vpc.module.region2_router2[0].google_compute_router.router: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.private_service_connect.google_compute_global_forwarding_rule.forwarding_rule_private_service_connect: Creation complete after 11s [id=projects/prj-c-restricted-net-hub-a8d5/global/forwardingRules/globalrule]
module.restricted_shared_vpc.module.region1_router1[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.region2_router1[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.region2_router2[0].google_compute_router.router: Creating...
module.restricted_shared_vpc.module.region1_router2[0].google_compute_router.router: Creating...
module.base_shared_vpc.module.region2_router2[0].google_compute_router.router: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/regions/us-central1/routers/cr-c-shared-base-hub-us-central1-cr4]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Creation complete after 11s [id=projects/prj-c-base-net-hub-5y8h/global/firewallPolicies/fp-c-hub-and-spoke-base-firewalls/rules/65530]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Creating...
module.base_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Creation complete after 12s [id=projects/prj-c-base-net-hub-5y8h/global/firewallPolicies/fp-c-hub-and-spoke-base-firewalls/rules/1000]
module.base_shared_vpc.module.region1_router1[0].google_compute_router.router: Still creating... [20s elapsed]
module.base_shared_vpc.module.region2_router1[0].google_compute_router.router: Still creating... [20s elapsed]
module.base_shared_vpc.module.region1_router2[0].google_compute_router.router: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.region1_router1[0].google_compute_router.router: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.region2_router1[0].google_compute_router.router: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.region2_router2[0].google_compute_router.router: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.region1_router2[0].google_compute_router.router: Still creating... [10s elapsed]
module.base_shared_vpc.module.region2_router1[0].google_compute_router.router: Creation complete after 21s [id=projects/prj-c-base-net-hub-5y8h/regions/us-central1/routers/cr-c-shared-base-hub-us-central1-cr3]
module.base_shared_vpc.module.region1_router1[0].google_compute_router.router: Creation complete after 22s [id=projects/prj-c-base-net-hub-5y8h/regions/us-west1/routers/cr-c-shared-base-hub-us-west1-cr1]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Still creating... [10s elapsed]
module.base_shared_vpc.module.region1_router2[0].google_compute_router.router: Creation complete after 23s [id=projects/prj-c-base-net-hub-5y8h/regions/us-west1/routers/cr-c-shared-base-hub-us-west1-cr2]
module.restricted_shared_vpc.module.region1_router1[0].google_compute_router.router: Creation complete after 12s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-west1/routers/cr-c-shared-restricted-hub-us-west1-cr5]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["65530"]: Creation complete after 12s [id=projects/prj-c-restricted-net-hub-a8d5/global/firewallPolicies/fp-c-hub-and-spoke-restricted-firewalls/rules/65530]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Still creating... [10s elapsed]
module.restricted_shared_vpc.module.firewall_rules.google_compute_network_firewall_policy_rule.rules["1000"]: Creation complete after 12s [id=projects/prj-c-restricted-net-hub-a8d5/global/firewallPolicies/fp-c-hub-and-spoke-restricted-firewalls/rules/1000]
odule.restricted_shared_vpc.module.region2_router2[0].google_compute_router.router: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.region1_router2[0].google_compute_router.router: Still creating... [20s elapsed]
module.restricted_shared_vpc.module.region2_router2[0].google_compute_router.router: Creation complete after 22s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-central1/routers/cr-c-shared-restricted-hub-us-central1-cr8]
module.restricted_shared_vpc.module.region2_router1[0].google_compute_router.router: Creation complete after 22s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-central1/routers/cr-c-shared-restricted-hub-us-central1-cr7]
module.restricted_shared_vpc.module.region1_router2[0].google_compute_router.router: Creation complete after 22s [id=projects/prj-c-restricted-net-hub-a8d5/regions/us-west1/routers/cr-c-shared-restricted-hub-us-west1-cr6]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Creating...
odule.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Still creating... [20s elapsed]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Still creating... [30s elapsed]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Still creating... [40s elapsed]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Still creating... [50s elapsed]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Still creating... [1m0s elapsed]
module.restricted_shared_vpc.time_sleep.wait_vpc_sc_propagation: Creation complete after 1m0s [id=2024-04-13T21:53:16Z]
Error: Error waiting to create OrganizationSecurityPolicy: Error waiting for Creating OrganizationSecurityPolicy: error while retrieving operation: googleapi: Error 403: Caller does not have required permission to use project tef-olxyz. Grant the caller the roles/serviceusage.serviceUsageConsumer role, or a custom role with the serviceusage.services.use permission, by visiting https://console.developers.google.com/iam-admin/iam/project?project=tef-olxyz and then retry. Propagation of the new permission may take a few minutes.
Details:
[
{
"@type": "type.googleapis.com/google.rpc.Help",
"links": [
{
"description": "Google developer console IAM admin",
"url": "https://console.developers.google.com/iam-admin/iam/project?project=tef-olxyz"
}
]
},
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"domain": "googleapis.com",
"metadatas": {
"consumer": "projects/tef-olxyz",
"service": "compute.googleapis.com"
},
"reason": "USER_PROJECT_DENIED"
}
]
, forbidden
with module.hierarchical_firewall_policy.google_compute_organization_security_policy.policy,
on ../../modules/hierarchical_firewall_policy/main.tf line 27, in resource "google_compute_organization_security_policy" "policy":
27: resource "google_compute_organization_security_policy" "policy" {
Error: Error creating AccessLevel: googleapi: Error 403: Caller does not have required permission to use project tef-olxyz. Grant the caller the roles/serviceusage.serviceUsageConsumer role, or a custom role with the serviceusage.services.use permission, by visiting https://console.developers.google.com/iam-admin/iam/project?project=tef-olxyz and then retry. Propagation of the new permission may take a few minutes.
Details:
[
{
"@type": "type.googleapis.com/google.rpc.Help",
"links": [
{
"description": "Google developer console IAM admin",
"url": "https://console.developers.google.com/iam-admin/iam/project?project=tef-olxyz"
}
]
},
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"domain": "googleapis.com",
"metadata": {
"consumer": "projects/tef-olxyz",
"service": "accesscontextmanager.googleapis.com"
},
"reason": "USER_PROJECT_DENIED"
}
]
with module.restricted_shared_vpc.module.access_level_members.google_access_context_manager_access_level.access_level,
on .terraform/modules/restricted_shared_vpc.access_level_members/modules/access_level/main.tf line 21, in resource "google_access_context_manager_access_level" "access_level":
21: resource "google_access_context_manager_access_level" "access_level" {
ACM error on iam role - fixing
Error: Error creating AccessLevel: googleapi: Error 403: Caller does not have required permission to use project tef-olxyz. Grant the caller the roles/serviceusage.serviceUsageConsumer role, or a custom role with the serviceusage.services.use permission, by visiting https://console.developers.google.com/iam-admin/iam/project?project=tef-olxyz and then retry. Propagation of the new permission may take a few minutes.
Service Usage Consumer missing from sa-terraform-net
see #360 https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/issues/360#issuecomment-2053767440
3-networks-hub-and-spoke shared apply
ACM error on iam role - fixing
Service Usage Consumer missing from sa-terraform-net
sa-terraform-net@prj-b-seed-8919.iam.gserviceaccount.com