Data Manager

Troubleshooting Manual

This documentation does not apply to the most recent version of Data Manager. For documentation on the most recent version, go to the latest release.

Troubleshoot GCP Terraform Errors

Template out of date

│ Error: Failed to read module directory
│
│ Module directory .terraform/modules/logging/modules/logging does not exist or cannot be read.

Possible Cause

Terraform template is updated from Splunk's side.

Possible Solutions

Re-download template from Splunk Cloud to ensure you have the latest template.

API is not enabled

│ Error: googleapi: Error 400: (89a44a80d565edc9): Dataflow API is not enabled. Please use the Cloud Platform Console, https://console.developers.google.com/apis/api/dataflow.googleapis.com/overview?project=test-c, to enable Dataflow API., failedPrecondition

Possible Cause

GCP Service API is not enabled.

Possible Solutions

In your Google Cloud Platform deployment, navigate to APIs & Services, and enable the appropriate APIs.

Access Denied

Error: error loading state: Failed to open state file at gs://temp-bucket/terraform/8491e82e-0741-4b5d-a030-b37f863431d0/default.tfstate: googleapi: got HTTP response code 403 with body: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>test-service-account@cdc-connector.iam.gserviceaccount.com does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>

Possible Cause

  • Specific permissions were not granted to the service account used to execute terraform apply
  • Incorrect service account is used to execute terraform apply
  • Terminal is caching failed results from before permission is granted


Possible Solutions

  1. Revisit to prerequisites page and assign proper permissions to service account
  2. Ensure intended service account is used
    1. export GOOGLE_APPLICATION_CREDENTIALS=<path_to_exported_credentials_json>
  3. Open a new terminal and run terraform apply

Project role already exists

│ Error: Unable to verify whether custom project role projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0 already exists and must be undeleted: Error when reading or editing Custom Project Role "projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0": googleapi: Error 403: You don't have permission to get the role at projects/test-d/roles/SplunkDMSourceReadOnly_8491e82e07414b5da030b37f863431d0., forbidden

Possible Cause

This can be caused by performing terraform destroy on one input and re-apply it via terraform apply. Role would have been "deleted" but GCP retain roles for a period of time before delete completion.

Possible Solutions

  1. Undelete the role
    1. Found under IAM & Admin -> Roles
  2. Create a new input
Last modified on 20 March, 2023
Troubleshoot GCP Permissions   Troubleshoot GCP Data Inputs

This documentation applies to the following versions of Data Manager: 1.8.2, 1.8.3


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters