GoogleCloudPlatform / terraform-google-cloud-functions

Deploys Cloud Functions (Gen 2)
https://registry.terraform.io/modules/GoogleCloudPlatform/cloud-functions/google
Apache License 2.0

Investigate vpcServiceControlsUniqueIdentifier policy violation for secure-cloud-func-internal-server teardown #109

Closed g-awmalik closed 3 weeks ago

g-awmalik commented 3 months ago

Error details:

Step #11 - "secure-cloud-func-internal-server-teardown": Error: Error when reading or editing Resource projects/prj-scf-internal-server-8820/serviceAccounts/sa-cloud-function@prj-scf-internal-server-8820.iam.gserviceaccount.com for IAM Member (role "serviceAccount:service-570488395372@gcf-admin-robot.iam.gserviceaccount.com", "roles/iam.serviceAccountUser"): Error retrieving IAM policy for service account 'projects/prj-scf-internal-server-8820/serviceAccounts/sa-cloud-function@prj-scf-internal-server-8820.iam.gserviceaccount.com': googleapi: Error 403: Request is prohibited by organization's policy. vpcServiceControlsUniqueIdentifier: VQQnKfXtZ16NHnOmdJAy0E92tVT_8fZZRGvnndBWXZLKFx_KItn1EA
Step #11 - "secure-cloud-func-internal-server-teardown": Details:
Step #11 - "secure-cloud-func-internal-server-teardown": [
Step #11 - "secure-cloud-func-internal-server-teardown":   {
Step #11 - "secure-cloud-func-internal-server-teardown":     "@type": "type.googleapis.com/google.rpc.PreconditionFailure",
Step #11 - "secure-cloud-func-internal-server-teardown":     "violations": [
Step #11 - "secure-cloud-func-internal-server-teardown":       {
Step #11 - "secure-cloud-func-internal-server-teardown":         "description": "VQQnKfXtZ16NHnOmdJAy0E92tVT_8fZZRGvnndBWXZLKFx_KItn1EA",
Step #11 - "secure-cloud-func-internal-server-teardown":         "type": "VPC_SERVICE_CONTROLS"
Step #11 - "secure-cloud-func-internal-server-teardown":       }
Step #11 - "secure-cloud-func-internal-server-teardown":     ]
Step #11 - "secure-cloud-func-internal-server-teardown":   },
Step #11 - "secure-cloud-func-internal-server-teardown":   {
Step #11 - "secure-cloud-func-internal-server-teardown":     "@type": "type.googleapis.com/google.rpc.ErrorInfo",
Step #11 - "secure-cloud-func-internal-server-teardown":     "domain": "googleapis.com",
Step #11 - "secure-cloud-func-internal-server-teardown":     "metadata": {
Step #11 - "secure-cloud-func-internal-server-teardown":       "consumer": "projects/891562977321",
Step #11 - "secure-cloud-func-internal-server-teardown":       "service": "iam.googleapis.com",
Step #11 - "secure-cloud-func-internal-server-teardown":       "uid": "VQQnKfXtZ16NHnOmdJAy0E92tVT_8fZZRGvnndBWXZLKFx_KItn1EA"
Step #11 - "secure-cloud-func-internal-server-teardown":     },
Step #11 - "secure-cloud-func-internal-server-teardown":     "reason": "SECURITY_POLICY_VIOLATED"
Step #11 - "secure-cloud-func-internal-server-teardown":   }
Step #11 - "secure-cloud-func-internal-server-teardown": ]
Step #11 - "secure-cloud-func-internal-server-teardown": , forbidden
Step #11 - "secure-cloud-func-internal-server-teardown": }
Step #11 - "secure-cloud-func-internal-server-teardown":     destroy.go:11: 
Step #11 - "secure-cloud-func-internal-server-teardown":             Error Trace:    /builder/home/go/pkg/mod/github.com/gruntwork-io/terratest@v0.41.23/modules/terraform/destroy.go:11

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment, or this will be closed in 7 days.