This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Error waiting for Create Service Networking Connection: Error code 7

Posted on 02-28-2024 07:25 AM
alebeta
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi Everyone,

I have been using successfully the following Terraform code to deploy databases on GCP

 

 

 

variable "db_machine_type" {
  type        = string
  description = "machine type for db instance"
}

variable "db_password" {
  description = "The password for the database"
  type        = string
  sensitive   = true
}

resource "google_compute_global_address" "private_ip_address" {
    provider      = google-beta
    name          = "${local.stage}-private-transit-ip"
    purpose       = "VPC_PEERING"
    address_type  = "INTERNAL"
    prefix_length = 24
    network       = google_compute_network.vpc.name
    project       = var.project_id
  }

resource "google_service_networking_connection" "private_vpc_connection" {
  provider                = google-beta
  network                 = google_compute_network.vpc.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.private_ip_address.name]
}

resource "google_sql_database" "database" {
  name     = "${local.stage}-db"
  instance = google_sql_database_instance.default.name
}

resource "google_sql_database_instance" "default" {
  provider            = google-beta
  name                = "${local.stage}-instance"
  project             = var.project_id
  region              = var.region
  database_version    = "POSTGRES_14"
  deletion_protection = false

  depends_on = [
    google_service_networking_connection.private_vpc_connection,
  ]

  settings {
    tier = var.db_machine_type
    ip_configuration {
      ipv4_enabled                                  = false
      private_network                               = google_compute_network.vpc.id
      enable_private_path_for_google_cloud_services = true
      require_ssl                                   = false
    }
  }
}

resource "google_sql_user" "root" {
  name     = "user"
  instance = google_sql_database_instance.default.name
  password = var.db_password
}

 

 

 

But when applying from today started receiving the following error message

 

 

google_service_networking_connection.private_vpc_connection: Creating...
google_service_networking_connection.private_vpc_connection: Still creating... [10s elapsed]
╷
│ Error: Error waiting for Create Service Networking Connection: Error code 7, message: Permission denied on resource project 1029508354172.
│ Help Token: AX4KC-h9o8vNlPdEjJVx5sPVaS1EVogSUd9r8V6nEKutfx0r91IzqE5srpA9x06tpcBvxHO1ab5C2C-j_bUdUZdtmp_ikgryte7UNYlCpnwzw3gQ
│
│   with google_service_networking_connection.private_vpc_connection,
│   on database.tf line 21, in resource "google_service_networking_connection" "private_vpc_connection":
│   21: resource "google_service_networking_connection" "private_vpc_connection" {

 

 

I was surprise to see the error pointing to a project number which does not belong to me and is not the project I specified in my terraform.

In the internet I found someone else having the same issue since yesterday. But there is not solution to the problem
https://www.reddit.com/r/googlecloud/comments/1b18zd7/permission_denied_on_different_project_number/

If anyone can give me a hint on how to solve the issue will be much appreaciated.

Thanks in advance

 

2 3 2,102
Topic Labels
3 REPLIES 3
Top Labels in this Space
Top Solution Authors
View all