search

terraform-google-modules / terraform-google-project-factory

Creates an opinionated Google Cloud project by using Shared VPC, IAM, and Google Cloud APIs
https://registry.terraform.io/modules/terraform-google-modules/project-factory/google
Apache License 2.0
826 stars 535 forks source link

Errors attempting to run gke_shared_vpc_subnets example #384

Closed trodge closed 4 years ago

trodge commented 4 years ago

Attempting to apply the example gke_shared_vpc I encountered the following errors:

thomasrodgers@thomasrodgers2:~/Code/terraform-google-project-factory/examples/gke_shared_vpc$ terraform apply
var.billing_account
  billing account

  Enter a value: *Value Hidden*

var.credentials_path
  Path to a Service Account credentials file with permissions documented in the readme

  Enter a value: key.json

var.org_id
  organization id

  Enter a value: *Value Hidden*

var.shared_vpc
  The ID of the host project which hosts the shared VPC

  Enter a value: thomasrodgers-host

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 300, in resource "google_compute_subnetwork_iam_member" "service_account_role_to_vpc_subnets":
 300:     index(
 301: 
 302: 
 303: 
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 308, in resource "google_compute_subnetwork_iam_member" "service_account_role_to_vpc_subnets":
 308:     index(split("/", var.shared_vpc_subnets[count.index]), "regions") + 1,
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 346, in resource "google_compute_subnetwork_iam_member" "apis_service_account_role_to_vpc_subnets":
 346:     index(
 347: 
 348: 
 349: 
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 354, in resource "google_compute_subnetwork_iam_member" "apis_service_account_role_to_vpc_subnets":
 354:     index(split("/", var.shared_vpc_subnets[count.index]), "regions") + 1,
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 435, in resource "google_compute_subnetwork_iam_member" "gke_shared_vpc_subnets":
 435:     index(
 436: 
 437: 
 438: 
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.

Error: Error in function call

  on ../../modules/core_project_factory/main.tf line 443, in resource "google_compute_subnetwork_iam_member" "gke_shared_vpc_subnets":
 443:     index(split("/", var.shared_vpc_subnets[count.index]), "regions") + 1,
    |----------------
    | count.index is 0
    | var.shared_vpc_subnets is list of string with 1 element

Call to function "index" failed: item not found.
morgante commented 4 years ago

Sorry for the issue! Can you try changing this line and seeing if it fixes your issue?

  default     = null
trodge commented 4 years ago

Same errors:

Error: Invalid function argument

  on ../../modules/core_project_factory/main.tf line 280, in resource "google_project_iam_member" "controlling_group_vpc_membership":
 280:   count = var.shared_vpc_enabled && length(var.shared_vpc_subnets) == 0 ? local.shared_vpc_users_length : 0
    |----------------
    | var.shared_vpc_subnets is null

Invalid value for "value" parameter: argument must not be null.

Error: Invalid function argument

  on ../../modules/core_project_factory/main.tf line 296, in resource "google_compute_subnetwork_iam_member" "service_account_role_to_vpc_subnets":
 296:   count    = var.shared_vpc_enabled && length(var.shared_vpc_subnets) > 0 ? length(var.shared_vpc_subnets) : 0
    |----------------
    | var.shared_vpc_subnets is null

Invalid value for "value" parameter: argument must not be null.

Error: Invalid function argument

  on ../../modules/core_project_factory/main.tf line 320, in resource "google_compute_subnetwork_iam_member" "group_role_to_vpc_subnets":
 320:   count = var.shared_vpc_enabled && length(var.shared_vpc_subnets) > 0 && var.manage_group ? length(var.shared_vpc_subnets) : 0
    |----------------
    | var.shared_vpc_subnets is null

Invalid value for "value" parameter: argument must not be null.

Error: Invalid function argument

  on ../../modules/core_project_factory/main.tf line 343, in resource "google_compute_subnetwork_iam_member" "apis_service_account_role_to_vpc_subnets":
 343:   count = var.shared_vpc_enabled && length(var.shared_vpc_subnets) > 0 ? length(var.shared_vpc_subnets) : 0
    |----------------
    | var.shared_vpc_subnets is null

Invalid value for "value" parameter: argument must not be null.

Error: Invalid function argument

  on ../../modules/core_project_factory/main.tf line 432, in resource "google_compute_subnetwork_iam_member" "gke_shared_vpc_subnets":
 432:   count    = local.gke_shared_vpc_enabled && length(var.shared_vpc_subnets) != 0 ? length(var.shared_vpc_subnets) : 0
    |----------------
    | var.shared_vpc_subnets is null

Invalid value for "value" parameter: argument must not be null.

thomasrodgers@thomasrodgers2:~/Code/terraform-google-project-factory/examples/gke_shared_vpc$
morgante commented 4 years ago

That's unfortunate. Can you try this:

  default     = []
trodge commented 4 years ago

That got me to the next error:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.project-factory.module.project-factory.data.null_data_source.default_service_account will be read during apply
  # (config refers to values not yet known)
 <= data "null_data_source" "default_service_account"  {
      + has_computed_default = (known after apply)
      + id                   = (known after apply)
      + inputs               = {
          + "email" = (known after apply)
        }
      + outputs              = (known after apply)
      + random               = (known after apply)
    }

  # module.project-factory.module.project-factory.google_compute_shared_vpc_service_project.shared_vpc_attachment[0] will be created
  + resource "google_compute_shared_vpc_service_project" "shared_vpc_attachment" {
      + host_project    = "thomasrodgers-host"
      + id              = (known after apply)
      + service_project = (known after apply)
    }

  # module.project-factory.module.project-factory.google_project.main will be created
  + resource "google_project" "main" {
      + auto_create_network = false
      + billing_account     = "<deleted>"
      + folder_id           = (known after apply)
      + id                  = (known after apply)
      + name                = "sample-gke-shared-project"
      + number              = (known after apply)
      + org_id              = "<removed>"
      + project_id          = (known after apply)
      + skip_delete         = (known after apply)
    }

  # module.project-factory.module.project-factory.google_project_iam_member.controlling_group_vpc_membership[0] will be created
  + resource "google_project_iam_member" "controlling_group_vpc_membership" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + member  = (known after apply)
      + project = "thomasrodgers-host"
      + role    = "roles/compute.networkUser"
    }

  # module.project-factory.module.project-factory.google_project_iam_member.controlling_group_vpc_membership[1] will be created
  + resource "google_project_iam_member" "controlling_group_vpc_membership" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + member  = (known after apply)
      + project = "thomasrodgers-host"
      + role    = "roles/compute.networkUser"
    }

  # module.project-factory.module.project-factory.google_project_iam_member.controlling_group_vpc_membership[2] will be created
  + resource "google_project_iam_member" "controlling_group_vpc_membership" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + member  = (known after apply)
      + project = "thomasrodgers-host"
      + role    = "roles/compute.networkUser"
    }

  # module.project-factory.module.project-factory.google_project_iam_member.controlling_group_vpc_membership[3] will be created
  + resource "google_project_iam_member" "controlling_group_vpc_membership" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + member  = (known after apply)
      + project = "thomasrodgers-host"
      + role    = "roles/compute.networkUser"
    }

  # module.project-factory.module.project-factory.google_project_iam_member.gke_host_agent[0] will be created
  + resource "google_project_iam_member" "gke_host_agent" {
      + etag    = (known after apply)
      + id      = (known after apply)
      + member  = (known after apply)
      + project = "thomasrodgers-host"
      + role    = "roles/container.hostServiceAgentUser"
    }

  # module.project-factory.module.project-factory.google_service_account.default_service_account will be created
  + resource "google_service_account" "default_service_account" {
      + account_id   = "project-service-account"
      + display_name = "sample-gke-shared-project Project Service Account"
      + email        = (known after apply)
      + id           = (known after apply)
      + name         = (known after apply)
      + project      = (known after apply)
      + unique_id    = (known after apply)
    }

  # module.project-factory.module.project-factory.null_resource.preconditions will be created
  + resource "null_resource" "preconditions" {
      + id       = (known after apply)
      + triggers = {
          + "billing_account"  = "<deleted>"
          + "credentials_path" = "key.json"
          + "folder_id"        = ""
          + "org_id"           = "<org_id>"
          + "shared_vpc"       = "thomasrodgers-host"
        }
    }

  # module.project-factory.module.project-factory.random_id.random_project_id_suffix will be created
  + resource "random_id" "random_project_id_suffix" {
      + b64         = (known after apply)
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 2
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_delete.random_id.cache will be created
  + resource "random_id" "cache" {
      + b64         = (known after apply)
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 4
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_deprivilege.random_id.cache will be created
  + resource "random_id" "cache" {
      + b64         = (known after apply)
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 4
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.copy[0] will be created
  + resource "null_resource" "copy" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.decompress[0] will be created
  + resource "null_resource" "decompress" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.decompress_destroy[0] will be created
  + resource "null_resource" "decompress_destroy" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_command[0] will be created
  + resource "null_resource" "run_command" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.upgrade[0] will be created
  + resource "null_resource" "upgrade" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.null_resource.upgrade_destroy[0] will be created
  + resource "null_resource" "upgrade_destroy" {
      + id       = (known after apply)
      + triggers = (known after apply)
    }

  # module.project-factory.module.project-factory.module.gcloud_disable.random_id.cache will be created
  + resource "random_id" "cache" {
      + b64         = (known after apply)
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 4
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

  # module.project-factory.module.project-factory.module.project_services.google_project_service.project_services["cloudbilling.googleapis.com"] will be created
  + resource "google_project_service" "project_services" {
      + disable_dependent_services = true
      + disable_on_destroy         = true
      + id                         = (known after apply)
      + project                    = (known after apply)
      + service                    = "cloudbilling.googleapis.com"
    }

  # module.project-factory.module.project-factory.module.project_services.google_project_service.project_services["compute.googleapis.com"] will be created
  + resource "google_project_service" "project_services" {
      + disable_dependent_services = true
      + disable_on_destroy         = true
      + id                         = (known after apply)
      + project                    = (known after apply)
      + service                    = "compute.googleapis.com"
    }

  # module.project-factory.module.project-factory.module.project_services.google_project_service.project_services["container.googleapis.com"] will be created
  + resource "google_project_service" "project_services" {
      + disable_dependent_services = true
      + disable_on_destroy         = true
      + id                         = (known after apply)
      + project                    = (known after apply)
      + service                    = "container.googleapis.com"
    }

Plan: 22 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.project-factory.module.project-factory.null_resource.preconditions: Creating...
module.project-factory.module.project-factory.module.gcloud_disable.random_id.cache: Creating...
module.project-factory.module.project-factory.random_id.random_project_id_suffix: Creating...
module.project-factory.module.project-factory.module.gcloud_deprivilege.random_id.cache: Creating...
module.project-factory.module.project-factory.module.gcloud_delete.random_id.cache: Creating...
module.project-factory.module.project-factory.null_resource.preconditions: Provisioning with 'local-exec'...
module.project-factory.module.project-factory.random_id.random_project_id_suffix: Creation complete after 0s [id=mjo]
module.project-factory.module.project-factory.module.gcloud_disable.random_id.cache: Creation complete after 0s [id=Ip4Ubw]
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Executing: ["pip3" "install" "-r" "/usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt"]
module.project-factory.module.project-factory.module.gcloud_delete.random_id.cache: Creation complete after 0s [id=Rwhm3Q]
module.project-factory.module.project-factory.module.gcloud_deprivilege.random_id.cache: Creation complete after 0s [id=b63_9A]
module.project-factory.module.project-factory.module.gcloud_disable.null_resource.upgrade_destroy[0]: Creating...
module.project-factory.module.project-factory.module.gcloud_disable.null_resource.upgrade_destroy[0]: Creation complete after 0s [id=413536097308901372]
module.project-factory.module.project-factory.module.gcloud_disable.null_resource.decompress_destroy[0]: Creating...
module.project-factory.module.project-factory.module.gcloud_disable.null_resource.decompress_destroy[0]: Creation complete after 0s [id=3401050141008955475]
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: google-api-python-client~=1.7 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from -r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 1)) (1.7.11)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: google-auth~=1.6 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from -r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (1.11.2)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: requests~=2.22 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from -r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 3)) (2.23.0)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: httplib2<1dev,>=0.9.2 in /usr/lib/python3/dist-packages (from google-api-python-client~=1.7->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 1)) (0.11.3)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: six<2dev,>=1.6.1 in /usr/lib/python3/dist-packages (from google-api-python-client~=1.7->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 1)) (1.12.0)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: google-auth-httplib2>=0.0.3 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from google-api-python-client~=1.7->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 1)) (0.0.3)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: uritemplate<4dev,>=3.0.0 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from google-api-python-client~=1.7->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 1)) (3.0.1)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: cachetools<5.0,>=2.0.0 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from google-auth~=1.6->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (4.0.0)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: setuptools>=40.3.0 in /usr/lib/python3/dist-packages (from google-auth~=1.6->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (41.2.0)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: rsa<4.1,>=3.1.4 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from google-auth~=1.6->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (4.0)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: pyasn1-modules>=0.2.1 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from google-auth~=1.6->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (0.2.8)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1 in /usr/lib/python3/dist-packages (from requests~=2.22->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 3)) (1.24.1)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: idna<3,>=2.5 in /usr/lib/python3/dist-packages (from requests~=2.22->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 3)) (2.6)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3/dist-packages (from requests~=2.22->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 3)) (2018.8.24)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: chardet<4,>=3.0.2 in /usr/lib/python3/dist-packages (from requests~=2.22->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 3)) (3.0.4)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Requirement already satisfied: pyasn1>=0.1.3 in /usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages (from rsa<4.1,>=3.1.4->google-auth~=1.6->-r /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/requirements.txt (line 2)) (0.4.8)
module.project-factory.module.project-factory.null_resource.preconditions: Provisioning with 'local-exec'...
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Executing: ["/bin/sh" "-c" "python3 /usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/preconditions.py --billing_account=\--credentials_path=\"key.json\" --folder_id=\"\" --impersonate_service_account=\"\" --org_id= --shared_vpc=\"thomasrodgers-host\" "]
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Traceback (most recent call last):
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):   File "/usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/preconditions.py", line 493, in <module>
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):     retcode = main(sys.argv)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):   File "/usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/preconditions.py", line 475, in main
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):     results.append(validator.validate(credentials))
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):   File "/usr/local/google/home/thomasrodgers/Code/terraform-google-project-factory/examples/gke_shared_vpc/../../modules/core_project_factory/scripts/preconditions/preconditions.py", line 145, in validate
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):     response = request.execute()
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):   File "/usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages/googleapiclient/_helpers.py", line 130, in positional_wrapper
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):     return wrapped(*args, **kwargs)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):   File "/usr/local/google/home/thomasrodgers/.local/lib/python3.7/site-packages/googleapiclient/http.py", line 856, in execute
module.project-factory.module.project-factory.null_resource.preconditions (local-exec):     raise HttpError(resp, content, uri=self.uri)
module.project-factory.module.project-factory.null_resource.preconditions (local-exec): googleapiclient.errors.HttpError: <HttpError 400 when requesting https://cloudresourcemanager.googleapis.com/v1/organizations/%5C128653134652:testIamPermissions?alt=json returned "Request contains an invalid argument.". Details: "[{'@type': 'type.googleapis.com/google.rpc.DebugInfo', 'detail': '[ORIGINAL ERROR] generic::invalid_argument: com.google.apps.framework.request.BadRequestException: Invalid organization resource name: organizations/\\128653134652'}]">

module.project-factory.module.project-factory.null_resource.preconditions: Creation complete after 4s [id=5483468419683519774]
module.project-factory.module.project-factory.google_project.main: Creating...

Error: error creating project sample-gke-shared-project-9a3a (sample-gke-shared-project): googleapi: Error 400: field [parent] has issue [Parent id must be numeric.], badRequest. If you received a 403 error, make sure you have the `roles/resourcemanager.projectCreator` permission

  on ../../modules/core_project_factory/main.tf line 96, in resource "google_project" "main":
  96: resource "google_project" "main" {
morgante commented 4 years ago

The org_id you supplied looks incorrect:

  + resource "google_project" "main" {
      + auto_create_network = false
      + billing_account     = "019970-D6BDB5-6AF850"
      + folder_id           = (known after apply)
      + id                  = (known after apply)
      + name                = "sample-gke-shared-project"
      + number              = (known after apply)
      + org_id              = "\\128653134652"
      + project_id          = (known after apply)
      + skip_delete         = (known after apply)
    }

Make sure the org_id is only the numeric org ID.

trodge commented 4 years ago

It looks like I had quotes around the org_id. Removing the quotes appears to make the module work again.