hashicorp / terraform-provider-vsphere

Terraform Provider for VMware vSphere
https://registry.terraform.io/providers/hashicorp/vsphere/
Mozilla Public License 2.0

Enhanced Linked Mode causing 400 Bad Request cloning vsphere_virtual_machine in VMware 7 #2154

Open jlouisfoster opened 7 months ago

jlouisfoster commented 7 months ago

Community Guidelines

Terraform

1.6.3

Terraform Provider

2.5.1

VMware vSphere

v7.0.3

Description

I'm facing a strange error when trying to create my vms with Terraform in our new datacenter using the vsphere plugin. Attached is a screenshot of the default error.

[Screenshot: enhanced_linked_mode_error_vpshere_deploy_1]

I can confirm that this only occurred once Enhanced Linked Mode was enabled; prior to that, all the VM creations running identical config/code worked successfully. Due to time constraints we have disabled Enhanced Linked Mode and are currently no longer facing issues.

This sounds somewhat similar to the following issues/discussions:

Affected Resources or Data Sources

vsphere virtual machine creation

Terraform Configuration

Any configuration to create a simple linux or windows vm

Debug Output

Debug output is in screenshot.

Panic Output

No response

Expected Behavior

Expected behaviour is the creation of the vm

Actual Behavior

Fails with the 400 bad request

Steps to Reproduce

  1. Enable enhanced linked mode in VMware
  2. Attempt to create a vm using Terraform and vmware provider (linux or windows)

Environment Details

No response

Screenshots

No response

References

No response

github-actions[bot] commented 7 months ago

Hello, jlouisfoster! 🖐

Thank you for submitting an issue for this provider. The issue will now enter into the issue lifecycle.

If you want to contribute to this project, please review the contributing guidelines and information on submitting pull requests.

tenthirtyam commented 7 months ago

Please refer to https://github.com/hashicorp/terraform-provider-vsphere/issues/1534.

jlouisfoster commented 7 months ago

Hi,

Thanks for the quick response.

I believe the suggestion is to create 2 unique accounts for each datacenter and reduce global permissions and apply roles/permissions at the vCenter Server level – to limit the scope and visibility of the account.

  1. Is there a reference for the exact roles/permissions to set for each account that could be provided?
  2. He mentioned that if Terraform is interacting with the content library we need global permissions for content library for each account – can this be elaborated?
  3. How does that enhancement affect the original issue – is the problem isolated to the datacenter_id parameter?