You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
2024-12-07T18:57:55.329+0100 [INFO] Terraform version: 1.5.7
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.26.0
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.16.2
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.0
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.2
2024-12-07T18:57:55.330+0100 [INFO] Go runtime version: go1.23.1
Affected Resource(s)
nutanix_user_group
Terraform Configuration Files
locals {
# read authorization_policies from the filecluster_admin_yaml=yamldecode(file("${path.module}/../../../../../../data/iam_config/cluster_admin.yaml"))
# Convert the list to a set of stringscluster_admin_user_groups=toset([
foruser_groupinlocal.cluster_admin_yaml.iam_entities.segment[var.segment].user_groups:user_group.name
])
}
data"nutanix_user_group""user_groups_cluster_admin" {
for_each=local.cluster_admin_user_groupsuser_group_distinguished_name=each.value# the name as written in the yaml file
}
{
"filter": "",
"kind": "user_group",
"length": 100
}
......
later on in the logs, because the user is not found, Terraform is trying the following:
---[ REQUEST ]---------------------------------------
POST /api/nutanix/v3/user_groups/list HTTP/1.1
Host: <censored_url>:9440
User-Agent: nutanix/v3
Content-Length: 52
Accept: application/json
Authorization: Basic cnVodo0RVgmeTQ0gMi0r33TTa=
Content-Type: application/json
Accept-Encoding: gzip
Of course that fails, and the output is:
2024-12-07T18:25:59.051+0100 [ERROR] vertex "module.authorization_policies.data.nutanix_user_group.user_groups_vm_admin["cn=suser0021-l,ou=BetriebsGroups,ou=comp,ou=adGroups,dc=ad,dc=domainname,dc=com"]" error: error reading group with error error: {
"api_version": "3.1",
"code": 422,
"message_list": [
{
"details": {
"kind": [
"'user' is not one of ['user_group']"
]
},
"message": "Request could not be processed.",
"reason": "INVALID_REQUEST"
}
],
"state": "ERROR"
}
I am not sure why exactly this happens, but since this is only happening on a single PC where we have a ton of users, I assume that the initial API call being limited to 100 results by default, is not able to find the user_group which is looking for. I've manually tested with a higher enough length, and the user_group can be found, but not with length 100.
I guess because the user_group cannot be found, terraform will try that with kind: user instead user_group ... but that can't work.
Best regards
Casian
The text was updated successfully, but these errors were encountered:
Nutanix Cluster Information
Terraform Version
2024-12-07T18:57:55.329+0100 [INFO] Terraform version: 1.5.7
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.26.0
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.16.2
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.0
2024-12-07T18:57:55.330+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.2
2024-12-07T18:57:55.330+0100 [INFO] Go runtime version: go1.23.1
Affected Resource(s)
nutanix_user_group
Terraform Configuration Files
Debug Output
---[ REQUEST ]---------------------------------------
POST /api/nutanix/v3/user_groups/list HTTP/1.1
Host: <censored_url>:9440
User-Agent: nutanix/v3
Content-Length: 47
Accept: application/json
Authorization: Basic cnVoMTo0RVgmeTQ0b0tZMi0hLTg=
Content-Type: application/json
Accept-Encoding: gzip
{
"filter": "",
"kind": "user_group",
"length": 100
}
......
later on in the logs, because the user is not found, Terraform is trying the following:
---[ REQUEST ]---------------------------------------
POST /api/nutanix/v3/user_groups/list HTTP/1.1
Host: <censored_url>:9440
User-Agent: nutanix/v3
Content-Length: 52
Accept: application/json
Authorization: Basic cnVodo0RVgmeTQ0gMi0r33TTa=
Content-Type: application/json
Accept-Encoding: gzip
{
"filter": "",
"kind": "user",
"length": 100,
"offset": 0
}
Of course that fails, and the output is:
2024-12-07T18:25:59.051+0100 [ERROR] vertex "module.authorization_policies.data.nutanix_user_group.user_groups_vm_admin["cn=suser0021-l,ou=BetriebsGroups,ou=comp,ou=adGroups,dc=ad,dc=domainname,dc=com"]" error: error reading group with error error: {
"api_version": "3.1",
"code": 422,
"message_list": [
{
"details": {
"kind": [
"'user' is not one of ['user_group']"
]
},
"message": "Request could not be processed.",
"reason": "INVALID_REQUEST"
}
],
"state": "ERROR"
}
References
#697
I am not sure why exactly this happens, but since this is only happening on a single PC where we have a ton of users, I assume that the initial API call being limited to 100 results by default, is not able to find the user_group which is looking for. I've manually tested with a higher enough length, and the user_group can be found, but not with length 100.
I guess because the user_group cannot be found, terraform will try that with kind: user instead user_group ... but that can't work.
Best regards
Casian
The text was updated successfully, but these errors were encountered: