Hi,
Β
I am trying to apply my terraform code to create access scopes in SecOps SIEM and I get the following error even though the service account running this has the Chronicle API admin and Security Admin roles assigned:
Β
β Error: Error creating DataAccessScope: googleapi: Error 403: Permission 'chronicle.dataAccessScopes.create' denied on resource '//chronicle.googleapis.com/projects/<project name>/locations/europe-west3/instances/<customer ID>' (or it may not exist).
β Details:
β [
β {
β "@type": "type.googleapis.com/google.rpc.ErrorInfo",
β "domain": "chronicle.googleapis.com",
β "metadata": {
β "permission": "chronicle.dataAccessScopes.create",
β "resource": "projects/<project name>/locations/europe-west3/instances/<customer ID>"
β },
β "reason": "IAM_PERMISSION_DENIED"
β }
β ]
β
β with google_chronicle_data_access_scope.data_access_scope["scope-vg-cs"],
β on main.tf line 69, in resource "google_chronicle_data_access_scope" "data_access_scope":
β 69: resource "google_chronicle_data_access_scope" "data_access_scope" {
β
β΅
Β
What am I missing please?
Β
Thanks
Β
