search

microsoft / terraform-provider-fabric

Terraform Provider for Microsoft Fabric
https://registry.terraform.io/providers/microsoft/fabric
Mozilla Public License 2.0
22 stars 4 forks source link

[bug] Permissions to access fabric_workspace #88

Open GiulioMezzotero opened 1 day ago

GiulioMezzotero commented 1 day ago

🐛 What happened?

Until the new release we could create workspaces associated with a fabric capacity with terraform but since the release of the new version (0.1.0-beta.5) we get this error:

│ Error: read operation │ │ with module.fabric_workspace.fabric_workspace.prod_workspace, │ on ../modules/fabric-workspace/main.tf line 1, in resource "fabric_workspace" "prod_workspace": │ 1: resource "fabric_workspace" "prod_workspace" { │ │ Could not read resource: The caller does not have sufficient permissions to access the requested resource

🔬 How to reproduce?

No response

🏗️ Code Sample / Log

No response

📷 Screenshots

No response

📈 Expected behavior

No response

🌌 Environment (Provider Version)

0.1.0-beta.5

🌌 Environment (Terraform Version)

1.9.8

🌌 Environment (OS)

Linux

📎 Additional context

No response

🔰 Code of Conduct

DariuszPorowski commented 1 day ago

Hi @GiulioMezzotero

I can't repro this error on the current or previous version and all test passing as well for that context.

May you share what authentication method do you use? I assume Service Principal, but I'd like to confirm.

In general, the error indicates that the principle used for authentication does not have permission to the workspace. You can check what access is assigned to the workspace in the workspace Manage access section. The principal should be listed there.

Image

GiulioMezzotero commented 1 day ago

Hi @DariuszPorowski, I am testing this locally by authenticating with my personal account. By logging into Fabric I can create a workspace manually so I don't think it's a permissions issue. In addition to that, I would like to create workspaces directly from terraform so I wouldn't even have to go and verify that I have access to the workspace because it shouldn't exist yet.

DariuszPorowski commented 14 hours ago

Hi @GiulioMezzotero

Can you provide more details (currently provided details are not sufficient to investigate the case) like

and what do you mean by "personal account"? This account type is not supported - only organizational (work) accounts.

p.s. Please make sure you redact all sensitive data from code/logs/etc before posting.