Whilst tinkering with IBM Key Protect, the computer was most definitely saying "No"
ic kp keys --instance-id $guid
Retrieving keys...
FAILED
kp.Error: correlation_id='8638482c-706f-4959-9d39-cb583f4e7692', msg='Unauthorized: The user does not have access to the specified resource'
Thankfully, the internet had the answer ( the internet is my friend ) : -
The error is actually described in the introduction to ibm_kms_key, but easily overread. The set region for the provider currently has to match the region of the KMS instance.
The referenced Terraform provider documentation - ibm_kms_key - adds some context: -
The region parameter in the provider.tf file must be set. If region parameter is not specified, us-south is used as default
I double-checked where my Key Protect instance was located: -
ic resource service-instances --output JSON | jq -r '.[] | select(.name | endswith("kms"))' | jq -r .region_id
eu-gb
and directed the CLI tool to target that region: -
ic kp region-set eu-gb
OK
and retried my command: -
ic kp keys --instance-id $guid
Retrieving keys...
OK
Key ID Key Name
595e2c8e-f99c-45c0-82c3-997dd646dcf3 terraform-state-key-davehay-1638264407
Good to go!
No comments:
Post a Comment