Closed ameyaptk closed 5 years ago
A debug log?..
The log enumerates the init, plan and apply processes. svc-proj.log
Also, one thing of note is that while using google_project_services
, the resource google_compute_shared_vpc_service_project
is not executed. This resource is used to attach a service-project to a host-project.
main.tf -
# Attach service project to host project
resource "google_compute_shared_vpc_service_project" "new_service_project" {
host_project = "${var.host_proj_id}"
service_project = "${google_project.project.project_id}"
}
Planned, but not executed
+ resource "google_compute_shared_vpc_service_project" "new_service_project" {
+ host_project = "proj-1b3843f3"
+ id = (known after apply)
+ service_project = "proj-3996e442"
}
Per the docs (https://www.terraform.io/docs/providers/google/r/google_project_services.html):
Note: This resource attempts to be the authoritative source on all enabled APIs, which often leads to conflicts when certain actions enable other APIs. If you do not need to ensure that exclusively a particular set of APIs are enabled, you should most likely use the google_project_service resource, one resource per API.
This tends to happen when a dependency isn't being enabled in the google_project_services
resource. I believe that the oslogin.googleapis.com
API is that dependency. Can you confirm whether the following list is stable if you apply it again?
~ services = [
"bigquery-json.googleapis.com",
"cloudbilling.googleapis.com",
"cloudresourcemanager.googleapis.com",
+ "compute.googleapis.com",
]
We'd expect to see the dependencies for compute.googleapis.com
enabled in the next apply after this.
If you're only interested in enabling individual services and not managing them authoritatively, try using google_project_service
instead.
Per the docs (https://www.terraform.io/docs/providers/google/r/google_project_services.html):
Note: This resource attempts to be the authoritative source on all enabled APIs, which often leads to conflicts when certain actions enable other APIs. If you do not need to ensure that exclusively a particular set of APIs are enabled, you should most likely use the google_project_service resource, one resource per API.
This tends to happen when a dependency isn't being enabled in the
google_project_services
resource. I believe that theoslogin.googleapis.com
API is that dependency. Can you confirm whether the following list is stable if you apply it again?~ services = [ "bigquery-json.googleapis.com", "cloudbilling.googleapis.com", "cloudresourcemanager.googleapis.com", + "compute.googleapis.com", ]
We'd expect to see the dependencies for
compute.googleapis.com
enabled in the next apply after this.If you're only interested in enabling individual services and not managing them authoritatively, try using
google_project_service
instead.
I was unable to re-run the plan as I got an error with google_compute_shared_vpc_service_project
resource saying that project/proj-3996e442
did not exist. I fail to understand how google_project_services
should affect google_compute_shared_vpc_service_project
I'm not sure! Can you isolate the resources and try again?
I had the same problem, following @rileykarson hint that it was due to dependencies being disabled I just added all the services that terraform plan
indicated would be disabled to the services list and now it works.
I'm going to close this out as stale & based on @RoGryza's success. If this reoccurs, please file a new issue or bump this one.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!
Community Note
Terraform Version
0.12.0
Affected Resource(s)
Terraform Configuration Files
Here is the snippet from
main.tf
which creates a resource project and enables API services on the project.main.tf
module is defined as:
The plan created is-
No errors are seen while applying.
Expected Behavior
We expect the 4 APIs above to be enabled on the project.
Actual Behavior
Only 3 (all except compute.googleapis.com) are enabled.
Important Factoids
Funny thing is if i run
plan
again right after theapply
above, it shows the following. Note the '+' next tocompute.googleapis.com
. Which means it was never applied?