SIEM Data RBAC: Unable to create data access scope

Question

Hi,

I am trying to apply my terraform code to create access scopes in SecOps SIEM and I get the following error even though the service account running this has the Chronicle API admin and Security Admin roles assigned:

│ Error: Error creating DataAccessScope: googleapi: Error 403: Permission 'chronicle.dataAccessScopes.create' denied on resource '//chronicle.googleapis.com/projects/<project name>/locations/europe-west3/instances/<customer ID>' (or it may not exist).

│ Details:

│ [

│ {

│ "@type": "type.googleapis.com/google.rpc.ErrorInfo",

│ "domain": "chronicle.googleapis.com",

│ "metadata": {

│ "permission": "chronicle.dataAccessScopes.create",

│ "resource": "projects/<project name>/locations/europe-west3/instances/<customer ID>"

│ },

│ "reason": "IAM_PERMISSION_DENIED"

│ }

│ ]

│

│ with google_chronicle_data_access_scope.data_access_scope["scope-vg-cs"],

│ on main.tf line 69, in resource "google_chronicle_data_access_scope" "data_access_scope":

│ 69: resource "google_chronicle_data_access_scope" "data_access_scope" {

│

╵

What am I missing please?

Thanks

JeremyLand · Answer

Quick check: where you see ‘projects//locations/europe-west3/instances/’ in the error does it actually include your project name and customer ID? or does it include the placeholders?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded