terraform – I want to clone Google Cloud Platform Cloud SQL between two different projects but got error 403 “The caller does not have permission”
Here below is my terraform source code
provider "google" {
project = var.preprod_id
region = var.reqion
}
provider "google" {
alias = "source"
project = var.prod_id
region = var.reqion
}
data "google_sql_database_instance" "source" {
provider = google.source
name = "plan-flow-db"
}
resource "google_sql_database_instance" "clone" {
provider = google
name = "cloned-plan-flow-db"
region = var.reqion
database_version = data.google_sql_database_instance.source.database_version
clone {
source_instance_name = data.google_sql_database_instance.source.name
}
}
I use IAM and with configuration like this below
preprod
- owner
- cloud sql admin
- cloud sql viewer
- cloud sql client
prod
- owner
- cloud sql admin
- cloud sql viewer
- cloud sql client
however I stuck at this error
╷
│ Error: Error, failed to create instance cloned-plan-flow-db: googleapi: Error 403: The caller does not have permission, forbidden
│
│ with google_sql_database_instance.clone,
│ on main.tf line 16, in resource "google_sql_database_instance" "clone":
│ 16: resource "google_sql_database_instance" "clone" {
│
╵
anyone have ever solve this problem?
Read more here: Source link