terraform-provider-google: google_project throws an error if org policy skipDefaultNetworkCreation is enforced

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
If an issue is assigned to the “modular-magician” user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to “hashibot”, a community member has claimed the issue already.

Terraform Version

Terraform v0.11.13
+ provider.google v2.5.1
+ provider.random v2.1.2

Affected Resource(s)

google_project

Terraform Configuration Files

resource "random_integer" "random" {
  max = 2000
  min = 1000
}
variable "credentials" {
  default = "credentials.json"
}

provider "google" {
  version     = "~> 2.2"
  credentials = "${file("${var.credentials}")}"
}

resource "google_project" "main" {
  name = "myproject"
  project_id = "myproject-${random_integer.random.id}"
  folder_id = "<set your folder>"
  auto_create_network = false
  billing_account = "<Set your billing account?"
}

Debug Output

Panic Output

Expected Behavior

Project without default network should be created.

Actual Behavior

Project is created with the following error

1 error(s) occurred:

* google_project.main: 1 error(s) occurred:
* google_project.main: Error deleting default network in project myproject-1285: Error deleting network: googleapi: Error 404: The resource 'projects/myproject-1285/global/networks/default' was not found, notFound

Steps to Reproduce

terraform apply

Important Factoids

Very important! In order to reproduce this issue you need to do:

Set organization policy constraints/compute.skipDefaultNetworkCreation to Enforced either on org level or on the folder level
Set auto_create_network = false

References

#0000

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 18 (9 by maintainers)

Commits related to this issue

Catch 404s when deleting default networks. As seen in terraform-providers/terraform-provider-google#3582, it is now possible to set an organization policy that removes the default network from a proj... — committed to hashicorp/magic-modules by paddycarver 5 years ago
Catch 404s when deleting default networks. As seen in terraform-providers/terraform-provider-google#3582, it is now possible to set an organization policy that removes the default network from a proj... — committed to hashicorp/magic-modules by paddycarver 5 years ago

Most upvoted comments

I just ran into this as well. Removing auto_create_network or setting it to true does in fact work in this situation. I just think this should be handled by the google_project resource so that when auto_create_network is false, instead of trying to delete a default network that doesn’t exist, simply consider it success that the default network does in fact not exist.

bbrouwer on May 23, 2019

@eriksw we will leave this bug open until you don’t have to use "auto_create_network": true or omit it from your config as a work around.

chrisst on Jan 13, 2020

I’ll take a look!

paddycarver on Aug 20, 2019

@paddycarver I’m still seeing this error occur with v2.13.0:

Terraform version:

[root@ddf76968e6b8 setup]# terraform version
Terraform v0.12.6
+ provider.google v2.13.0
+ provider.google-beta v2.13.0
+ provider.null v2.1.2
+ provider.random v2.1.2

Error:

Error: Error deleting default network in project ci-network-b0ad: Error deleting network: googleapi: Error 404: The resource 'projects/ci-network-b0ad/global/networks/default' was not found, notFound

morgante on Aug 20, 2019