Closed victorgetz closed 1 year ago
Error which I see:
│ Error: unable to query roles: Action Forbidden, error message: {"error":{"code":403,"message":"Policy doesn't allow iam:roles:listRoles to be performed.","title":"Forbidden"}}
│
│ with module.vaultkeys_bucket.data.opentelekomcloud_identity_role_v3.obs_read_role,
│ on .terraform/modules/vaultkeys_bucket/modules/obs_restricted/group.tf line 9, in data "opentelekomcloud_identity_role_v3" "obs_read_role":
│ 9: data "opentelekomcloud_identity_role_v3" "obs_read_role" {
│
If I set the unscoped token this resource works, but then I get this error:
│ Error: error creating OpenTelekomCloud KMSv1 client: No suitable endpoint could be found in the service catalog.
│
│ with module.encyrpted_secrets_bucket.opentelekomcloud_kms_key_v1.encrypted_secrets_key,
│ on .terraform/modules/encyrpted_secrets_bucket/modules/obs_secrets_writer/main.tf line 5, in resource "opentelekomcloud_kms_key_v1" "encrypted_secrets_key":
│ 5: resource "opentelekomcloud_kms_key_v1" "encrypted_secrets_key" {
│
We've solved the issue by just using temporary keys.
Hey @Ninja243,
I am running into the same issue as @victorgetz. Could you please share how you are using this with Terraform and temporary access keys? I cannot get it to work properly.
Many thanks!
We switched completely to temp AK/SK and since then everything has worked like a charm for months.
https://github.com/iits-consulting/otc-terraform-template/blob/main/otc-cloud/dev/providers.tf
Inside the Terraform template project everything is already adjusted to temp AK/SK; you can take a look at how it works there, @bbung.
I discovered that when you use Terraform with the top-level project like this:
It will give some error since the scoped token for eu-de does not include the _secuadmin role.
If I use the unscoped token it works, but I get problems with KMS key creation. If I use AK/SK everything works perfectly.