terraform-provider-oci icon indicating copy to clipboard operation
terraform-provider-oci copied to clipboard

Published 20 hours ago verified publisher icon oracle

404-NotAuthorizedOrNotFound while creating Instance

Open ashishrah2611 opened this issue 2 years ago • 12 comments

Error:

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.

Enter a value: yes

oci_core_instance.test_instance[0]: Creating... ╷ │ Error: 404-NotAuthorizedOrNotFound │ Provider version: 4.61.0, released on 2022-01-26.
│ Service: Core Instance │ Error Message: Authorization failed or requested resource not found. │ OPC request ID: 1b42d32018453a4ce9ad7ab109fd57a6/B3A8AFCEB7C20E221594D44F8BD1BE2F/1731C4D1F61555671EF5579CD06│ Suggestion: Either the resource has been deleted or service Core Instance need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm │ │ │ with oci_core_instance.test_instance[0], │ on ocienv.tf line 110, in resource "oci_core_instance" "test_instance": │ 110: resource "oci_core_instance" "test_instance" { │ ╵

############VERSION######### PS C:\tfoci> terraform -v Terraform v1.1.4 on windows_amd64

  • provider registry.terraform.io/hashicorp/oci v4.61.0
  • provider registry.terraform.io/hashicorp/opc v1.4.1 PS C:\tfoci>

####Mine .tf#################

terraform { required_providers { oci = { source = "hashicorp/oci" version = "4.61.0" } } } variable "tenancy_ocid" { default = "ocid1.tenancy.oc1..a:::::::::::::::::::::::::::::::::::::::::mowcq" }

variable "user_ocid" { default = "ocid1.user.oc1..::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::h3ckq" }

variable "fingerprint" { default = "e5:94:f8:ba:e4:1a:f7:64:87:c2:20:08:8b:d5:13:78" }

variable "private_key_path" { default = "C:\tfoci\oracleidentitycloudservice_ashish.rahangdale-01-31-10-37.pem" }

variable "region" { default = "ap-seoul-1" }

variable "compartment_ocid" { default = "ocid1.compartment.oc1..:::::::::::::::::::::::::::::::::::::::::::::::::::qz4qqqfjzq" }

variable "subnet_ocid" { default = "ocid1.subnet.oc1.ap-seoul-1.::::::::::::::::::::::::::::::::::::::::::::::::::::::::ka" }

/* variable "ssh_public_key" { }

variable "ssh_private_key" { } */ provider "oci" { tenancy_ocid = var.tenancy_ocid user_ocid = var.user_ocid fingerprint = var.fingerprint private_key_path = var.private_key_path region = var.region }

data "oci_identity_availability_domain" "ad"{ compartment_id = var.tenancy_ocid ad_number = 1 }

data "oci_objectstorage_namespace" "ns" {}

Defines the number of instances to deploy

variable "num_instances" { default = "1" } variable "num_iscsi_volumes_per_instance" { default = "1" }

variable "num_paravirtualized_volumes_per_instance" { default = "2" }

variable "instance_shape" { default = "VM.Standard.E2.1.Micro" }

variable "instance_ocpus" { default = 1 }

variable "instance_shape_config_memory_in_gbs" { default = 1 }

variable "instance_image_ocid" { type = map(string)

default = { # See https://docs.us-phoenix-1.oraclecloud.com/images/ # https://docs.oracle.com/en-us/iaas/images/image/c918702c-8d3a-4895-a5f5-2e953eac4087/ # Oracle-provided image "Oracle-Linux-7.5-2018.10.16-0" ap-seoul-1 = "oci1.image.oc1.ap-seoul-1.aaaaaaaacd2rve4fvn5hxktbuhp4qvoulvrmdo7ypoqadidgofeji2cfuxda" } }

variable "db_size" { default = "50" # size in GBs }

variable "tag_namespace_description" { default = "Just a test" }

variable "tag_namespace_name" { default = "testexamples-tag-namespace" }

resource "oci_core_instance" "test_instance" { count = var.num_instances availability_domain = "${data.oci_identity_availability_domain.ad.name}" compartment_id = var.compartment_ocid display_name = "TestInstanceTest" shape = var.instance_shape

shape_config { ocpus = var.instance_ocpus memory_in_gbs = var.instance_shape_config_memory_in_gbs }

create_vnic_details { subnet_id = var.subnet_ocid display_name = "Primaryvnic" assign_public_ip = true assign_private_dns_record = true }

source_details { source_type = "image" source_id = var.instance_image_ocid[var.region] }

resource "oci_objectstorage_bucket" "TestBucketAshish1234554321" { compartment_id = "${var.compartment_ocid}" namespace = "${data.oci_objectstorage_namespace.ns.namespace}" name = "TestBucketAshish1234554321" //access_type = "NoPublicAccess" } */

ashishrah2611 avatar Feb 01 '22 12:02 ashishrah2611

@ashishrah2611 What is your setting var.region? It's probably that the region doesn't match with your expected region (ap-seoul-1). I got the same issue several days ago and fixing the region was helpful. Hope this helps.

icy avatar Feb 11 '22 16:02 icy

hey man, did you manage to solve it? I have the same problem.

dellabeneta avatar Mar 04 '22 00:03 dellabeneta

OCI provider errors might be confusing and do not give helpful hints as described here I suggest you double check your provider config (tenancy_ocid, user_ocid). Best thing to do is follow official documentation step-by-step. I noted correct tenance_ocid and user_ocid after adding RSA key to my account

MaximShepelev avatar May 25 '22 21:05 MaximShepelev

apparently this can eat about anything, for me it was due to wrongly passing a list of subnets to oci_core_instance.create_vnic_details.subnet_id, just forgot to one() it, you'd expect such basic type validation right in the provider, not getting up to API at all, and failing the plan

famousgarkin avatar Oct 31 '22 15:10 famousgarkin

I have the same problem

djkerya avatar Dec 28 '22 19:12 djkerya

Yep, the error is incredible misaligned. In my case I was using a image from another region:

ocid1.image.oc1.[region].aaaaaaaaovmgmjdepm5x372pzvkq7nuwhwt3vaiexr3wfweyozl2br5e6wsq

guitcastro avatar Feb 09 '23 03:02 guitcastro

Thank you for reporting the issue. We observed the affected resources are not provided in the description or it's incorrect. We request you to add it in issue description as mentioned in below format. Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform. Example: affected_resources = terraform

As this works through automation, request you to follow exact syntax.

ravinitp avatar Mar 29 '23 12:03 ravinitp

I run in the same issue and for me, it was the image id

jplorier avatar May 04 '23 02:05 jplorier

Same and the list of the images ocid by region is available here: https://docs.oracle.com/en-us/iaas/images/

jfx avatar May 30 '23 18:05 jfx

Morning Guys!

I am facing the same issue when I try to create a VCN

│ Error: 404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found.

And, until now, I havent found a way to fix

mancier avatar Jul 20 '23 14:07 mancier

Hi Guys!,

Same issue, in my case, this is presented when Packer is creating the Custom Image on Oracle OCI. The step oracle-oci: Updating image schema... presents following message.

oracle-oci: Error updating image schema: Error returned by Compute Service. Http Status Code: 404. Error Code: NotAuthorizedOrNotFound. Opc request id:

Btw, the same pipeline (same tenant, user and others ) was working a couple of months ago.

Blake-hub-cloud avatar Jul 24 '23 21:07 Blake-hub-cloud

Same and the list of the images ocid by region is available here: https://docs.oracle.com/en-us/iaas/images/

I cannot believe how stupid this approach is. So for all others: Please double-check the image id…. it's an own ID for all locations.

janis-ax avatar Sep 26 '23 13:09 janis-ax