Reputation: 11
Error while registering to fleet and installing Anthos Service Mesh (Error: local-exec provisioner error)
I am trying to register and install ASM in GCP project. We have shared VPC and we are trying to deploy GKE and ASM in one of the service project. We are using network from host project for the deployment.
GKE setup is already completed using below module : GKE Private Cluster Module
As a next step we are registering the cluster to the fleet and ASM instalment. For this we are using below module : ASM Module
While running the ASM module via github pipeline we are getting below error, looks like it's permission issue, but the service account what we used for provisioning the resource already have "GKE Hub Admin" role.
How to debug and identify the actual problem? Please share your views ?
ERROR: (gcloud.container.clusters.get-credentials) ResponseError: code=403, message=Required "container.clusters.get" permission(s) for "". module.asm.module.asm.module.cpr.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): + cleanup module.asm.module.asm.module.cpr.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): + rm -rf /tmp/kubectl_wrapper_25817_7345 ╷ │ Error: local-exec provisioner error
Upvotes: 1
Views: 225
Answers (1)
Reputation: 1
the service account you are using to deploy the clusters need to have those permissions.
Upvotes: 0
Related Questions
- Cloud Run For Anthos With Terraform
- Terraform kubectl provider error: failed to create kubernetes rest client for read of resource
- terraform kubectl provider not found
- Failed to construct REST client
- Error: host for provisioner cannot be empty
- terraform - Unable to fetch service account from Kubernetes: serviceaccounts "<name of service account>" not found
- Error on registering a cluster in GKE console
- Error when creating gcp vm instance via terraform
- Can't register any Kubernetes cluster to Google Anthos - 'Unknown Error'
- Cloud Run for Anthos: Configuration "<DEPLOY-NAME>" does not have any ready Revision