I’m using terraform to clone a vsphere template in our VMWare Cloud on AWS environment, following a guide from vmware: https://cloud.vmware.com/community/2019/11/19/infrastructure-code-terraform-vmware-vmware-cloud-aws/
The files have passed the validate and plan without errors, however when running an apply I am getting the following error:
vsphere_virtual_machine.vm: Creating…
Error: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
on main.tf line 24, in resource “vsphere_virtual_machine” “vm”:
24: resource “vsphere_virtual_machine” “vm” {
I’ve manually performed a clone within vsphere on the same template, and it works without issue, so its not a permission problem that I can see.
I put debugging on and had the following output
> 2019-12-12T16:17:53.127Z [DEBUG] plugin.terraform-provider-vsphere_v1.13.0_x4.exe: 2019/12/12 16:17:53 [DEBUG] Cloning virtual machine "/SDDC-Datacenter/vm/Workloads/terraform-test"
> 2019/12/12 16:17:53 [DEBUG] vsphere_virtual_machine.vm: apply errored, but we're indicating that via the Error pointer rather than returning it: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalMaybeTainted
> 2019/12/12 16:17:53 [TRACE] EvalMaybeTainted: vsphere_virtual_machine.vm encountered an error during creation, so it is now marked as tainted
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteState
> 2019/12/12 16:17:53 [TRACE] EvalWriteState: removing state object for vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalApplyProvisioners
> 2019/12/12 16:17:53 [TRACE] EvalApplyProvisioners: vsphere_virtual_machine.vm has no state, so skipping provisioners
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalMaybeTainted
> 2019/12/12 16:17:53 [TRACE] EvalMaybeTainted: vsphere_virtual_machine.vm encountered an error during creation, so it is now marked as tainted
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteState
> 2019/12/12 16:17:53 [TRACE] EvalWriteState: removing state object for vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalIf
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalIf
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteDiff
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalApplyPost
> 2019/12/12 16:17:53 [ERROR] <root>: eval: *terraform.EvalApplyPost, err: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [ERROR] <root>: eval: *terraform.EvalSequence, err: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [TRACE] [walkApply] Exiting eval tree: vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] vertex "vsphere_virtual_machine.vm": visit complete
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "provider.vsphere (close)" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "root" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: not making a backup, because the new snapshot is identical to the old
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: no state changes since last snapshot
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: writing snapshot at terraform.tfstate
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: removing lock metadata file .terraform.tfstate.lock.info
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: unlocked by closing terraform.tfstate
> 2019-12-12T16:17:53.188Z [DEBUG] plugin: plugin process exited: path=C:\Terraform\.terraform\plugins\windows_amd64\terraform-provider-vsphere_v1.13.0_x4.exe pid=20576
> 2019-12-12T16:17:53.188Z [DEBUG] plugin: plugin exited
Has anyone had this problem before or can help at all?