Regions issue - 404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found.

[nugoncal]

Provider version: 4.78 Terraform version: v1.1.6

Executing terraform apply in Terraform CLI.

Yesterday, for the first time, we got a few errors when deploying an architecture which uses modules, when we are setting a region which is not the home region. For example, we are passing region = "sa-saopaulo-1", but home is "us-ashburn-1". Looks like in the module, the APIs being chosen are from the home region, instead of the desired region.

│ Error: 404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found. │ Suggestion: Either the resource has been deleted or service Core Network Security Group need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_network_security_group │ API Reference: https://docs.oracle.com/iaas/api/#/en/iaas/20160918/NetworkSecurityGroup/CreateNetworkSecurityGroup │ Request Target: POST https://iaas.us-ashburn-1.oraclecloud.com/20160918/networkSecurityGroups │ Provider version: 4.78.0, released on 2022-06-02. │ Service: Core Network Security Group │ Operation Name: CreateNetworkSecurityGroup │ OPC request ID: 0ff52d85c822881067ccb0e4277bb3ee/FB07F64431A061628849FF551AA66E0E/DC448FA18FF557FDD65B939748619F64 │ │ │ with module.oss-data-analytics.oci_core_network_security_group.LakehouseFSSSecurityGroup[0], │ on modules/oss-data-analytics/main.tf line 80, in resource "oci_core_network_security_group" "LakehouseFSSSecurityGroup": │ 80: resource "oci_core_network_security_group" "LakehouseFSSSecurityGroup" { │ ╵ ╷ │ Error: 400-InvalidParameter, Invalid Parameter │ Suggestion: Please update the parameter(s) in the Terraform config as per error message Invalid Parameter │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/file_storage_file_system │ API Reference: https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/CreateFileSystem │ Request Target: POST https://filestorage.us-ashburn-1.oraclecloud.com/20171215/fileSystems │ Provider version: 4.78.0, released on 2022-06-02. │ Service: File Storage System │ Operation Name: CreateFileSystem │ OPC request ID: 446190fe207a4c988d20928615d75bc1/6EEF5194181A7B925C0B5B258D5915D3/78410F1F26581D3018D4C855E5F8CDEB │ │ │ with module.oss-data-analytics.oci_file_storage_file_system.LakehouseFilesystem[0], │ on modules/oss-data-analytics/main.tf line 252, in resource "oci_file_storage_file_system" "LakehouseFilesystem": │ 252: resource "oci_file_storage_file_system" "LakehouseFilesystem" { │ ╵ ╷ │ Error: 400-InvalidParameter, AvailabilityDomain could not be inferred from the Request │ Suggestion: Please update the parameter(s) in the Terraform config as per error message AvailabilityDomain could not be inferred from the Request │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_instance │ API Reference: https://docs.oracle.com/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance │ Request Target: POST https://iaas.us-ashburn-1.oraclecloud.com/20160918/instances │ Provider version: 4.78.0, released on 2022-06-02. │ Service: Core Instance │ Operation Name: LaunchInstance │ OPC request ID: 1faed5523b1019528f04f5048ad3cece/B78061A7AAC2D051F911DFEF4481CBE0/3DE41878120FF8D5440534C3AC0F2C31 │ │ │ with module.oss-data-analytics.oci_core_instance.analytics, │ on modules/oss-data-analytics/main.tf line 269, in resource "oci_core_instance" "analytics": │ 269: resource "oci_core_instance" "analytics" { │ ╵ ╷ │ Error: 400-InvalidParameter, AvailabilityDomain could not be inferred from the Request │ Suggestion: Please update the parameter(s) in the Terraform config as per error message AvailabilityDomain could not be inferred from the Request │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_instance │ API Reference: https://docs.oracle.com/iaas/api/#/en/iaas/20160918/Instance/LaunchInstance │ Request Target: POST https://iaas.us-ashburn-1.oraclecloud.com/20160918/instances │ Provider version: 4.78.0, released on 2022-06-02. │ Service: Core Instance │ Operation Name: LaunchInstance │ OPC request ID: a2db06e6ba39b1dac194a11280d0ae35/746F5438B68DE2A4F5045E28058D350B/DB959F4FA73032DF3FD22508F772D7B0 │ │ │ with module.oss-data-analytics.oci_core_instance.bastion_instance[0], │ on modules/oss-data-analytics/main.tf line 364, in resource "oci_core_instance" "bastion_instance": │ 364: resource "oci_core_instance" "bastion_instance" { │ ╵ ╷ │ Error: 404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found. │ Suggestion: Either the resource has been deleted or service Load Balancer need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/load_balancer_load_balancer │ API Reference: │ Request Target: POST https://iaas.us-ashburn-1.oraclecloud.com/20170115/loadBalancers │ Provider version: 4.78.0, released on 2022-06-02. │ Service: Load Balancer │ Operation Name: CreateLoadBalancer │ OPC request ID: f61408cab3f1a2f91eb9c719ac0f14ea/7C049063EA8A451E68298247DC636822/0492141D306CF8DD6BA9CA928FA305E8 │ │ │ with module.oss-data-analytics.oci_load_balancer.lb01[0], │ on modules/oss-data-analytics/main.tf line 864, in resource "oci_load_balancer" "lb01": │ 864: resource "oci_load_balancer" "lb01" { │ ╵ ╷ │ Error: 404-NotAuthorizedOrNotFound, subnet with ID 'ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaadcxnijxaqpmzv4dhm6zrwwgolr74bxpgezosnvf6vixdf67ofonq' does not exist or you are not authorized to access it. │ Suggestion: Either the resource has been deleted or service Mysql Db System need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm │ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/mysql_mysql_db_system │ API Reference: │ Request Target: POST https://mysql.us-ashburn-1.ocp.oraclecloud.com/20190415/dbSystems │ Provider version: 4.78.0, released on 2022-06-02. │ Service: Mysql Db System │ Operation Name: CreateDbSystem │ OPC request ID: 3ed62aacbbef4485385021d41aafaf58/FCA07424B5B43B40DDA49822FF11D86B/70BA465660CECB601FB9752CF9A07ED0 │ │ │ with module.mds-instance.oci_mysql_mysql_db_system.DBSystem, │ on .terraform/modules/mds-instance/mysql.tf line 9, in resource "oci_mysql_mysql_db_system" "DBSystem": │ 9: resource "oci_mysql_mysql_db_system" "DBSystem" { │

At the root level, we have the following code:

terraform { required_providers { oci = { source = "oracle/oci" } } }

provider "oci" { tenancy_ocid = var.tenancy_ocid region = var.region user_ocid = var.user_ocid fingerprint = var.fingerprint private_key_path = var.private_key_path }

provider "oci" { alias = "homeregion" tenancy_ocid = var.tenancy_ocid user_ocid = var.user_ocid fingerprint = var.fingerprint private_key_path = var.private_key_path region = data.oci_identity_region_subscriptions.home_region_subscriptions.region_subscriptions[0].region_name disable_auto_retries = "true" }

Example architecture where this happens: https://github.com/oracle-devrel/terraform-oci-arch-drupal

[ravinitp]

Thank you for reporting the issue. We observed the affected resources are not provided in the description or it's incorrect. We request you to add it in issue description as mentioned in below format. Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform. Example: affected_resources = terraform

As this works through automation, request you to follow exact syntax.

[wenzizone]

any updates on this, i have the same issues.