Data Manager

Troubleshooting Manual

This documentation does not apply to the most recent version of Data Manager. For documentation on the most recent version, go to the latest release.

Troubleshoot GCP Terraform errors

Template out of date

│ Error: Failed to read module directory
│
│ Module directory .terraform/modules/logging/modules/logging does not exist or cannot be read.

Possible Causes

The Terraform template is updated from the Splunk Cloud Platform side.

Possible Solutions

Re-download the template from Splunk Cloud Platform to ensure you have the latest template.

API is not enabled

│ Error: googleapi: Error 400: (89a44a80d565edc9): Dataflow API is not enabled. Please use the Cloud Platform Console, https://console.developers.google.com/apis/api/dataflow.googleapis.com/overview?project=test-c, to enable Dataflow API., failedPrecondition

Possible Causes

The GCP Service API is not enabled.

Possible Solutions

In your Google Cloud Platform deployment, navigate to APIs & Services and enable the appropriate APIs.

Access Denied

Error: error loading state: Failed to open state file at gs://temp-bucket/terraform/8491e82e-0741-4b5d-a030-b37f863431d0/default.tfstate: googleapi: got HTTP response code 403 with body: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>test-service-account@cdc-connector.iam.gserviceaccount.com does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>

Possible Causes

  • Specific permissions were not granted to the service account used to execute terraform apply.
  • Incorrect service account is used to execute terraform apply.
  • Terminal is caching failed results before permission is granted.

Possible Solutions

  1. Revisit the prerequisites page and assign proper permissions to service account.
  2. Ensure intended service account is used.
    1. export GOOGLE_APPLICATION_CREDENTIALS=<path_to_exported_credentials_json>
  3. Open a new terminal and run terraform apply.

Project role already exists

│ Error: Unable to verify whether custom project role projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0 already exists and must be undeleted: Error when reading or editing Custom Project Role "projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0": googleapi: Error 403: You don't have permission to get the role at projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0., forbidden

Possible Causes

This can be caused by performing terraform destroy on one input and re-applying it via terraform apply. The role would be deleted but GCP retains roles for a period of time before delete completion. To learn more, check with your GCP admin.

Possible Solutions

  1. Undelete the project role.
    1. Found under IAM & Admin -> Roles
  2. Create a new data input.
Last modified on 07 September, 2022
Troubleshoot GCP permissions   Troubleshoot GCP Data Inputs

This documentation applies to the following versions of Data Manager: 1.7.0

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters