-
-
Notifications
You must be signed in to change notification settings - Fork 125
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error listing files from datastore using API Token as credentials #1451
Comments
I have done further researches and tests:
So this issue is not related to CephFS at all; it is more about API tokens' permissions. I created a custom role with all the permissions enabled for the user, so the permissions errors on Datastore.Audit/AllocateSpace is odd. EDIT: I recreated my user but using CLI this time instead of creating it using Terraform, and there is no error, the instanciation of the resource file is working great. I give the following code block, maybe there are some error in the way I created my user resource "proxmox_virtual_environment_user" "user" {
user_id = "terraform@pve"
password = "incrediblepassword"
comment = "User managed by Terraform used to create token"
acl {
path = "/"
propagate = true
role_id = "Administrator"
}
}
resource "proxmox_virtual_environment_user_token" "token" {
token_name = "terratoken"
user_id = proxmox_virtual_environment_user.user.user_id
}
output "token_value" {
value = proxmox_virtual_environment_user_token.token.value
sensitive = true
} EDIT²: I have try to create the user using the provider (same hcl code as before), but instead of creating the token with the provider, I created by hand. With that way it is working, so there might be something to dig down here. |
Ok I found the issue. When I created the user, I did not set the privileges_separations. So by default the API token had restricted privileges. |
Describe the bug
Error listing files from a Cephfs datastore using API Token
To Reproduce
Steps to reproduce the behavior:
Minimal Terraform configuration that reproduces the issue.
You should have create a resource user before, and give to it a role to control the maximum of things; I gave the Administrator role to my user.
Expected behavior
After applying the configuration, there should be the following error:
TF_LOG=DEBUG terraform apply
): https://gist.github.com/Luquor/d5eaae14916174974fdec8550b32a620The text was updated successfully, but these errors were encountered: