terraform-provider-google: Error on google_dns_record_set but ressource is created

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
  • Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v0.14.10
+ provider registry.terraform.io/hashicorp/google v3.66.1
+ provider registry.terraform.io/hashicorp/helm v2.1.1
+ provider registry.terraform.io/hashicorp/kubernetes v1.13.3
+ provider registry.terraform.io/hashicorp/null v3.1.0
+ provider registry.terraform.io/hashicorp/random v3.1.0
+ provider registry.terraform.io/hashicorp/template v2.2.0
+ provider registry.terraform.io/hashicorp/vault v2.19.0

Your version of Terraform is out of date! The latest version
is 0.15.1. You can update by downloading from https://www.terraform.io/downloads.html

Affected Resource(s)

  • google_dns_record_set

Terraform Configuration Files

provider "google" {
  alias = "lh"
  project = "project_id"
}

data "google_dns_managed_zone" "prod_public" {
  provider = google.lh
  name = "myzone"
}


resource "google_dns_record_set" "jenkins_hostname" {
  provider = google.lh
  name = "jenkins.${data.google_dns_managed_zone.prod_public.dns_name}"
  type = "A"
  ttl  = 300

  managed_zone = data.google_dns_managed_zone.prod_public.name

  rrdatas = [google_compute_global_address.jenkins_ip.address]
}

Expected Behavior

No Error and my record set is present on my gcp console.

# google_dns_record_set.jenkins_hostname will be created
  + resource "google_dns_record_set" "jenkins_hostname" {
      + id           = (known after apply)
      + managed_zone = "my-zone"
      + name         = "jenkins.xxxxx."
      + project      = (known after apply)
      + rrdatas      = [
          + "35.xxx.xxx.xx",
        ]
      + ttl          = 300
      + type         = "A"
    }

Actual Behavior

Error: Error when reading or editing DNSResourceDnsRecordSet "projects/my-project/managedZones/myzone/rrsets/jenkins.xxxxxxx./A": googleapi: Error 403: Forbidden, forbidden

  on dns.tf line 12, in resource "google_dns_record_set" "jenkins_hostname":
  12: resource "google_dns_record_set" "jenkins_hostname" {

But when i check on my gcp console my record set is present.

RecordSet List:

gcloud dns record-sets list --zone=my-zone --project=my-project
jenkins.xxxxxxx.  A     300    35.xxx.xxx.xx

Steps to Reproduce

  1. terraform apply

Important Factoids

I opened an issue #9016 and i tried new provider version(3.66.1), but i have still problem. Can you help me?

References

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Reactions: 1
  • Comments: 30

Most upvoted comments

@thnee the fix will be in v3.67.0 based on

https://github.com/hashicorp/terraform-provider-google/pull/9102/files

+2
edwardmedia on May 7, 2021

@thnee if you want u can change version to 3.63.0 like that:

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "3.63.0"
    }
  }
}

version 3.63.0 is the latest version without the dns problem. That change solved my problem while waiting for the new release.

+1
tyki6 on May 7, 2021
Read more comments on GitHub
← terraform-provider-google: Error installing provider "google"
terraform-provider-google: Error: Provider produced inconsistent final plan →