Plan: 10 to add, 0 to change, 0 to destroy.
╷
│ Error: Error create fortios client: Error using Token to login:
│ <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
│ <html><head>
│ <title>403 Forbidden</title>
│ </head><body>
│ <h1>Forbidden</h1>
│ <p>You don't have permission to access this resource.</p>
│ <p>Additionally, a 403 Forbidden
│ error was encountered while trying to use an ErrorDocument to handle the request.</p>
│ </body></html>
│
│
│ with provider["registry.terraform.io/fortinetdev/fortios"],
│ on versions.tf line 21, in provider "fortios":
│ 21: provider "fortios" {
│
╵
Fixing by using the username/password option of the fortios provider instead of the token, and switching to the last VM I authenticated on (index 1).
day1/versions.tf
provider "fortios" {
  # TODO: automatically find which peer is primary at the moment of deployment
  # for now we just go to the first instance
  hostname = data.terraform_remote_state.base.outputs.fgt-mgmt-eips[1]
  username = "admin"
  password = "m...1"
  #token = data.terraform_remote_state.base.outputs.api-key
  insecure = "true"
}
michael@cloudshell:~/fortigate-terraform-olapp/fortigate-tutorial-gcp/terraform/day1 (fortigate-terraform-olapp)$ terraform plan -out tf.plan
Plan: 31 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ public_ip = (known after apply)
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Saved the plan to: tf.plan
To perform exactly these actions, run the following command to apply:
terraform apply "tf.plan"
michael@cloudshell:~/fortigate-terraform-olapp/fortigate-tutorial-gcp/terraform/day1 (fortigate-terraform-olapp)$ terraform apply --parallelism=1 tf.plan
fortios_firewall_address.tier2: Creating...
fortios_firewall_address.tier2: Creation complete after 1s [id=gcp-tier2]
fortios_firewall_address.tier1: Creating...
fortios_firewall_address.tier1: Creation complete after 0s [id=gcp-tier1]
google_compute_network.tier2: Creating...
However, I think this authentication issue occurred because I changed the default password from the instance ID between day0 and day1, so this is on me. Retesting without the password change.
Before running, make sure you have more than the default 5 VPC quota on your project as well.
day1 issue on fortios during plan
https://github.com/fortinet/fortigate-tutorial-gcp/blob/main/terraform/day1/versions.tf#L21
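The username/password workaround above, written so the admin password is not committed to versions.tf and the management certificate is verified. This is an added example, not code from the tutorial repository; the variable names `fgt_admin_password` and `fgt_ca_bundle` are hypothetical, and it assumes a CA bundle for the FortiGate management certificate is available.

```hcl
# Added example. Variable names are hypothetical, not from the tutorial repo.

# Supplied at run time, e.g. via the TF_VAR_fgt_admin_password environment
# variable, so the password never lands in version control.
variable "fgt_admin_password" {
  description = "FortiGate admin password"
  type        = string
  sensitive   = true # redacted in plan/apply console output
}

# Assumption: the CA that signed the FortiGate management certificate
# has been exported to a PEM file reachable from where Terraform runs.
variable "fgt_ca_bundle" {
  description = "Path to the PEM CA bundle for the FortiGate management interface"
  type        = string
}

provider "fortios" {
  hostname     = data.terraform_remote_state.base.outputs.fgt-mgmt-eips[1]
  username     = "admin"
  password     = var.fgt_admin_password
  cabundlefile = var.fgt_ca_bundle
  insecure     = "false" # verify the TLS certificate instead of skipping the check
}
```

A plan saved with `-out tf.plan` records input variable values, so the plan file should be handled as a secret and deleted after apply.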