Closed via-justa closed 1 year ago
Terraform v1.3.3 on darwin_arm64 + provider registry.terraform.io/hashicorp/googleworkspace v0.7.0
data.googleworkspace_user
terraform { required_providers { googleworkspace = { source = "hashicorp/googleworkspace" version = "0.7.0" } } } provider "googleworkspace" { customer_id = "xxxxxxxx" credentials = "key.json" oauth_scopes = [ "https://www.googleapis.com/auth/admin.directory.user", "https://www.googleapis.com/auth/admin.directory.userschema", ] } data "googleworkspace_user" "user" { primary_email = "user@domain.com" } output "custom_schemas" { value = data.googleworkspace_user.user.custom_schemas }
User is returned with custom schema
The service account have both scopes set. Call to retrieve user works Call to retrieve custom scheme fails with googleapi: Error 403: Not Authorized to access this resource/api, forbidden
googleapi: Error 403: Not Authorized to access this resource/api, forbidden
---[ REQUEST ]--------------------------------------- GET /admin/directory/v1/customer/xxxxxxxx/schemas/Employee_Information?alt=json&prettyPrint=false HTTP/1.1 Host: admin.googleapis.com User-Agent: google-api-go-client/0.5 X-Goog-Api-Client: gl-go/1.16.2 gdcl/0.79.0 Accept-Encoding: gzip -----------------------------------------------------: timestamp=2022-10-28T13:48:56.434+0200 2022-10-28T13:48:56.626+0200 [INFO] provider.terraform-provider-googleworkspace: 2022/10/28 13:48:56 [DEBUG] Google Workspace API Response Details: ---[ RESPONSE ]-------------------------------------- HTTP/2.0 403 Forbidden Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Cache-Control: private Content-Type: application/json; charset=UTF-8 Date: Fri, 28 Oct 2022 11:48:56 GMT Server: ESF Vary: Origin Vary: X-Origin Vary: Referer X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { "error": { "code": 403, "message": "Not Authorized to access this resource/api", "errors": [ { "message": "Not Authorized to access this resource/api", "domain": "global", "reason": "forbidden" } ] } }
Please list the steps required to reproduce the issue, for example:
terraform apply
Running the code from a local Mac M1 computer. User have 1 custom schema
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example: Couldn't locate any that fully match
was missing impersonated_user_email
impersonated_user_email
Terraform Version
Affected Resource(s)
data.googleworkspace_user
Terraform Configuration Files
Expected Behavior
User is returned with custom schema
Actual Behavior
The service account have both scopes set. Call to retrieve user works Call to retrieve custom scheme fails with
googleapi: Error 403: Not Authorized to access this resource/api, forbidden
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform apply
Important Factoids
Running the code from a local Mac M1 computer. User have 1 custom schema
References
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example: Couldn't locate any that fully match