The provider hashicorp/google does not support resource type │ "google_vertex_ai_endpoint_iam_member".

MoeAlkhalkhali commented 4 months ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to a user, that user is claiming responsibility for the issue.
Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.7.3 on Linux

provider registry.terraform.io/hashicorp/google v5.33.0
provider registry.terraform.io/hashicorp/google-beta v5.33.0

Affected Resource(s)

google_vertex_ai_endpoint_iam_member

Terraform Configuration

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 5.33.0"
    }
  }
}
provider "google" {
  project = "XXXXXXXX"
}
provider "google-beta" {
  project = "XXXXXXXX"
}
resource "google_vertex_ai_endpoint_iam_member" "member" {
  project  = "XXXXXXXX"
  location = "australia-souteast1"
  endpoint = "dummy"
  role     = "roles/aiplatform.user"
  member   = "XXXXXXXX"
}

Debug Output

https://gist.github.com/MoeAlkhalkhali/e6f18abff6005cb898eefbe8ebf0d2ae

Expected Behavior

Should be able add an iam member to an endpoint

Actual Behavior

Failing to get resource from the provider

Steps to reproduce

Create a file named main.tf with the below contents
terraform { required_providers { google = { source = "hashicorp/google" version = "~> 5.33.0" } } } provider "google" { project = "XXXXXXXX" } provider "google-beta" { project = "XXXXXXXX" } resource "google_vertex_ai_endpoint_iam_member" "member" { project = "XXXXXXXX" location = "australia-souteast1" endpoint = "dummy" role = "roles/aiplatform.user" member = "XXXXXXXX" }
Run terraform init
run terraform plan

Important Factoids

No response

References

No response

b/346928090

ggtisc commented 4 months ago

Hi @MoeAlkhalkhali !

I detected a bad configuration in your code, trying to reproduce this issue I got no errors with the terraform and Google providers following the configuration of terraform registry.

The bad configuration I noticed is that you are using an invalid value for the endpoint attribute. You need to follow the shared example and use a google_vertex_ai_endpoint for this value like this:

provider "google" {
  project = "my-project"
}

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google-beta"
      version = "5.33.0"
    }
  }
}

resource "google_vertex_ai_endpoint" "vertex_ai_endpoint_18388" {
  project = "my-project"
  location = "us-central1"
  display_name = "vertex-ai-endpoint-18388"
  name = "vertex-ai-endpoint-18388"
}

resource "google_vertex_ai_endpoint_iam_member" "vertex_ai_endpoint_member_18388" {
  project = "my-project"
  location = "us-central1"
  endpoint = google_vertex_ai_endpoint.vertex_ai_endpoint_18388.name
  role = "roles/viewer"
  member = "user:example@example.com"
}

MoeAlkhalkhali commented 4 months ago

Hi @MoeAlkhalkhali !

I detected a bad configuration in your code, trying to reproduce this issue I got no errors with the terraform and Google providers following the configuration of terraform registry.

The bad configuration I noticed is that you are using an invalid value for the endpoint attribute. You need to follow the shared example and use a google_vertex_ai_endpoint for this value like this:
provider "google" {
  project = "my-project"
}

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google-beta"
      version = "5.33.0"
    }
  }
}

resource "google_vertex_ai_endpoint" "vertex_ai_endpoint_18388" {
  project = "my-project"
  location = "us-central1"
  display_name = "vertex-ai-endpoint-18388"
  name = "vertex-ai-endpoint-18388"
}

resource "google_vertex_ai_endpoint_iam_member" "vertex_ai_endpoint_member_18388" {
  project = "my-project"
  location = "us-central1"
  endpoint = google_vertex_ai_endpoint.vertex_ai_endpoint_18388.name
  role = "roles/viewer"
  member = "user:example@example.com"
}

Hi @ggtisc, I've hardcoded the endpoint name and tried the endpoint id, issue is still present. The error is pretty specific The provider hashicorp/google does not support resource type "google_vertex_ai_endpoint_iam_member".

ggtisc commented 4 months ago

This looks more like troubleshooting than a bug, because after some tries the result again is successful and without errors.

Have you applied the suggested configuration and checked the official documentation links to verify that you have everything correct?

I noticed also that you are using a custom role and this is other thing that you need to check here

MoeAlkhalkhali commented 4 months ago

Hi @ggtisc, I've copied the exact code now as specified in the documentation and i get the same error. `terraform { required_providers { google = { source = "hashicorp/google" version = "~> 5.33.0" } } } provider "google" { project = "XXXX" } provider "google-beta" { project = "XXXX" } resource "google_vertex_ai_endpoint" "endpoint" { name = "endpoint-name" display_name = "sample-endpoint" description = "A sample vertex endpoint" location = "us-central1" region = "us-central1" labels = { label-one = "value-one" } network = "projects/${data.google_project.project.number}/global/networks/${google_compute_network.vertex_network.name}" encryption_spec { kms_key_name = "kms-name" } depends_on = [ google_service_networking_connection.vertex_vpc_connection ] }

resource "google_service_networking_connection" "vertex_vpc_connection" { network = google_compute_network.vertex_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.vertex_range.name] }

resource "google_compute_global_address" "vertex_range" { name = "address-name" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 24 network = google_compute_network.vertex_network.id }

resource "google_compute_network" "vertex_network" { name = "network-name" }

resource "google_kms_crypto_key_iam_member" "crypto_key" { crypto_key_id = "kms-name" role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-aiplatform.iam.gserviceaccount.com" }

data "google_project" "project" {}

resource "google_vertex_ai_endpoint_iam_member" "member" { project = google_vertex_ai_endpoint.endpoint.project location = google_vertex_ai_endpoint.endpoint.location endpoint = google_vertex_ai_endpoint.endpoint.name role = "roles/viewer" member = "user:XXXXXX" }`

MoeAlkhalkhali commented 4 months ago

Looking into the repository it looks like there is no codefor the google_vertex_ai_endpoint_iam_member

https://github.com/hashicorp/terraform-provider-google/tree/main/google/services/vertexai

ggtisc commented 4 months ago

Confirmed issue!

Using both provider versions together as in terraform registry causes the following error:

│ Error: Invalid resource type
│ 
│   on main.tf line 15, in resource "google_vertex_ai_endpoint_iam_member" "member":
│   15: resource "google_vertex_ai_endpoint_iam_member" "member" {
│ 
│ The provider hashicorp/google does not support resource type "google_vertex_ai_endpoint_iam_member".

It just can be avoided with this configuration:

provider "google" {
  project = "my-project"
}

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google-beta"
      version = "5.33.0"
    }
  }
}

But according to the documentation it should work with both configurations.

MoeAlkhalkhali commented 4 months ago

Hi @ggtisc , thanks for the information, explicitly specifying the module in the resource block seems to fix the issue

drussov commented 4 months ago

I have the same issue. I have explicitly fixed provider version (version = "5.33.0"). However I'm getting the same error:

│ Error: Invalid resource type
│
│   on modules\services\indexer\vertexai.tf line 14, in resource "google_vertex_ai_endpoint_iam_member" "predictor":
│   14: resource "google_vertex_ai_endpoint_iam_member" "predictor" {
│
│ The provider hashicorp/google does not support resource type "google_vertex_ai_endpoint_iam_member".

hashicorp / terraform-provider-google