search

HewlettPackard / terraform-provider-oneview

Automates the provisioning of physical infrastructure from a private cloud using templates from HPE OneView with Terraform
Apache License 2.0
49 stars 30 forks source link

Response Status: 403 Forbidden #437

Closed will-code-for-pizza closed 2 years ago

will-code-for-pizza commented 2 years ago

Hi,

I try to read all hardware servers via "oneview" provider. My credentials are correct and my user account in OneView has the role "Infrastructure administrator".

This is the result:

# terraform init
# terraform plan

│ Error: Error in response: Forbidden
│  Response Status: 403 Forbidden
│  Response Details: You are not allowed to access the requested resource.
│
│   with provider["registry.terraform.io/hewlettpackard/oneview"],
│   on main.tf line 31, in provider "oneview":
│   31: provider "oneview" {

If I strip down the main.tf to

terraform {
  required_providers {
    oneview = {
      source = "HewlettPackard/oneview"
      version = "6.3.1-13"
    }
  }
}

variable "username" {
   type = string
}

variable "password" {
   type = string
}

variable "endpoint" {
   type = string
}

variable "ssl_enabled" {
   type = string
}

variable "ovdomain" {
   type = string
}

## Create terraform OneView client
provider "oneview" {
        ov_username  = "${var.username}"
        ov_password  = "${var.password}"
        ov_endpoint  = "${var.endpoint}"
        ov_sslverify = "${var.ssl_enabled}"
        ov_domain    = "${var.ovdomain}"
        ov_apiversion = 3200
        ov_ifmatch = "*"
}

the result is

# terraform plan

No changes. Your infrastructure matches the configuration.

If I add these lines

data "oneview_server_hardware" "server_hardware" {
  name = "MY-SERVERNAME"
}

output "oneview_server_hardware_value" {
  value = data.oneview_server_hardware.server_hardware.uri
}

the error occurs.

Is this an access rights problem in OneView ?

Regards and thanks in advance.

ChrisLynchHPE commented 2 years ago

Did you follow the steps outlined in the readme page, under the Configuration section? You need to provide credentials using one of the two methods.

will-code-for-pizza commented 2 years ago

Hi Chris,

before I run

# terraform init
# terraform plan

I do a

# export TF_LOG_CORE=DEBUG; export TF_LOG_CORE=TRACE; export TF_LOG_PROVIDER=TRACE; export TF_LOG_PATH="logs.txt"; export TF_VAR_endpoint="http://139.1.x.x"; export TF_VAR_username="my-username"; export TF_VAR_password="my-password"; export TF_VAR_ssl_enabled="false"; export TF_VAR_ovdomain="my-domain"

and there a no missing variables, no prompts for input, etc.

Result:

│ Error: Error in response: Forbidden
│  Response Status: 403 Forbidden
│  Response Details: You are not allowed to access the requested resource.
│
│   with provider["registry.terraform.io/hewlettpackard/oneview"],
│   on main.tf line 31, in provider "oneview":
│   31: provider "oneview" {
│

Cheers.

will-code-for-pizza commented 2 years ago

Solved: I struggled with a proxy-setting problem. Terraform ignores the 'no_proxy' env variable and the 'access denied' message was sent by proxy.

Many thanks!

will-code-for-pizza commented 2 years ago

It depends to https://github.com/HewlettPackard/terraform-provider-oneview/issues/127#issuecomment-521135041

no_proxy was ignored. NO_PROXY was used.