CodexBloom - Programming Q&A Platform

OCI Resource Manager: implementing Applying Stack Changes in a Multi-Tenancy Environment

Views: 218 | Answers: 1 | Created: 2025-07-15
oci terraform permissions HCL

I'm stuck on something that should probably be simple. I've looked through the documentation and I'm still confused. I'm currently working with a scenario while trying to apply changes to an existing resource stack in Oracle Cloud Infrastructure (OCI) Resource Manager. My stack consists of multiple resources defined in Terraform, and I'm running into an "Insufficient permissions" behavior when executing the `terraform apply` command. The behavior message I'm receiving is:

```
behavior: behavior applying plan: 1 behavior(s) occurred:
* oci_core_instance.instance: Insufficient permissions to perform action
```

I have ensured that the policies in place for my compartment allow the necessary actions for the resources I'm trying to manage. My policies look like this:

```
Allow group DevOps to manage instances in compartment my_compartment
Allow group DevOps to manage volumes in compartment my_compartment
Allow group DevOps to manage virtual-network-family in compartment my_compartment
```

I've double-checked that my user is part of the `DevOps` group. However, I also noticed that the resources were created by a different user who was assigned additional permissions. I suspect that the ownership of the resources might be causing this scenario.

To troubleshoot, I tried running `terraform plan` to see if there were any discrepancies in the current state vs. the desired state, but I received the same permissions behavior. Here’s a snippet of my Terraform provider configuration:

```hcl
provider "oci" {
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
  region           = "us-ashburn-1"
}
```

I've also attempted to refresh the state with `terraform refresh`, but that did not resolve the permissions scenario either. Is there a way to manage resources created by another user in the same compartment, or could there be a policy that I’m overlooking?
Any insights on how to correctly apply the stack changes without running into permissions issues would be greatly appreciated. This is part of a larger API I'm building. For context: I'm using HCL on Windows. Am I missing something obvious? Any help would be greatly appreciated! I'm working in an Ubuntu 20.04 environment. I appreciate any insights!
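An added example, not part of the original question: a small offline checker that parses the three policy statements quoted in the post and lists which (verb, resource-type) pairs from a checklist no statement grants. The `FAMILIES` map and the `NEEDED` checklist are constructed assumptions, and only simple `Allow group ... in compartment/tenancy` statements are handled (no `where` conditions, no compartment inheritance).

```python
import re

# OCI policy verbs from least to most access; each verb includes those before it.
VERBS = ["inspect", "read", "use", "manage"]
# Partial map of aggregate resource-types to members (assumption: trimmed for this example).
FAMILIES = {
    "instance-family": {"instances", "instance-images", "volume-attachments"},
    "virtual-network-family": {"vcns", "subnets", "vnics", "security-lists"},
}

STATEMENT = re.compile(
    r"^allow\s+group\s+(\S+)\s+to\s+(\w+)\s+([\w-]+)\s+in\s+"
    r"(tenancy|compartment\s+(\S+))$", re.IGNORECASE)

def parse_policy(text):
    """Parse simple 'Allow group G to VERB TYPE in compartment C' statements."""
    grants = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        m = STATEMENT.match(line)
        if not m or m.group(2).lower() not in VERBS:
            raise ValueError(f"unsupported statement: {line!r}")  # e.g. 'where' clauses
        group, verb, rtype, _, compartment = m.groups()
        grants.append((group, verb.lower(), rtype.lower(), compartment))  # None = tenancy
    return grants

def is_covered(grants, group, verb, rtype, compartment):
    """True if any grant gives `group` at least `verb` on `rtype` in `compartment`."""
    for g, v, t, c in grants:
        type_ok = t in ("all-resources", rtype) or rtype in FAMILIES.get(t, ())
        scope_ok = c is None or c == compartment
        if g == group and type_ok and scope_ok and VERBS.index(v) >= VERBS.index(verb):
            return True
    return False

def missing(grants, group, compartment, needed):
    return [(v, t) for v, t in needed if not is_covered(grants, group, v, t, compartment)]

# Policy statements as quoted in the question.
POLICY = """
Allow group DevOps to manage instances in compartment my_compartment
Allow group DevOps to manage volumes in compartment my_compartment
Allow group DevOps to manage virtual-network-family in compartment my_compartment
"""
# Constructed checklist (assumption for illustration, not taken from the post).
NEEDED = [("manage", "instances"), ("read", "instance-images"), ("use", "subnets"),
          ("use", "vnics"), ("manage", "orm-stacks"), ("manage", "orm-jobs")]
if __name__ == "__main__":
    print(missing(parse_policy(POLICY), "DevOps", "my_compartment", NEEDED))
```

Replace `NEEDED` with the resource-types your own stack and Resource Manager jobs touch; the checker only compares statements and does not call OCI.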