vSphere: error cloning virtual machine

I’m using terraform to clone a vsphere template in our VMWare Cloud on AWS environment, following a guide from vmware: https://cloud.vmware.com/community/2019/11/19/infrastructure-code-terraform-vmware-vmware-cloud-aws/

The files have passed the validate and plan without errors, however when running an apply I am getting the following error:

vsphere_virtual_machine.vm: Creating…

Error: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.

on main.tf line 24, in resource “vsphere_virtual_machine” “vm”:
24: resource “vsphere_virtual_machine” “vm” {

I’ve manually performed a clone within vsphere on the same template, and it works without issue, so its not a permission problem that I can see.

I put debugging on and had the following output

>     2019-12-12T16:17:53.127Z [DEBUG] plugin.terraform-provider-vsphere_v1.13.0_x4.exe: 2019/12/12 16:17:53 [DEBUG] Cloning virtual machine "/SDDC-Datacenter/vm/Workloads/terraform-test"
> 2019/12/12 16:17:53 [DEBUG] vsphere_virtual_machine.vm: apply errored, but we're indicating that via the Error pointer rather than returning it: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalMaybeTainted
> 2019/12/12 16:17:53 [TRACE] EvalMaybeTainted: vsphere_virtual_machine.vm encountered an error during creation, so it is now marked as tainted
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteState
> 2019/12/12 16:17:53 [TRACE] EvalWriteState: removing state object for vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalApplyProvisioners
> 2019/12/12 16:17:53 [TRACE] EvalApplyProvisioners: vsphere_virtual_machine.vm has no state, so skipping provisioners
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalMaybeTainted
> 2019/12/12 16:17:53 [TRACE] EvalMaybeTainted: vsphere_virtual_machine.vm encountered an error during creation, so it is now marked as tainted
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteState
> 2019/12/12 16:17:53 [TRACE] EvalWriteState: removing state object for vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalIf
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalIf
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalWriteDiff
> 2019/12/12 16:17:53 [TRACE] <root>: eval: *terraform.EvalApplyPost
> 2019/12/12 16:17:53 [ERROR] <root>: eval: *terraform.EvalApplyPost, err: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [ERROR] <root>: eval: *terraform.EvalSequence, err: error cloning virtual machine: ServerFaultCode: Permission to perform this operation was denied.
> 2019/12/12 16:17:53 [TRACE] [walkApply] Exiting eval tree: vsphere_virtual_machine.vm
> 2019/12/12 16:17:53 [TRACE] vertex "vsphere_virtual_machine.vm": visit complete
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "provider.vsphere (close)" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] dag/walk: upstream of "root" errored, so skipping
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: not making a backup, because the new snapshot is identical to the old
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: no state changes since last snapshot
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: writing snapshot at terraform.tfstate
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: removing lock metadata file .terraform.tfstate.lock.info
> 2019/12/12 16:17:53 [TRACE] statemgr.Filesystem: unlocked by closing terraform.tfstate
> 2019-12-12T16:17:53.188Z [DEBUG] plugin: plugin process exited: path=C:\Terraform\.terraform\plugins\windows_amd64\terraform-provider-vsphere_v1.13.0_x4.exe pid=20576
> 2019-12-12T16:17:53.188Z [DEBUG] plugin: plugin exited

Has anyone had this problem before or can help at all?

i have same issue, did you get any solution for this. some says to give full permission to the userid in vsphere. i can’t go for it.

2020/02/27 18:33:12 [ERROR] : eval: *terraform.EvalApplyPost, err: error reconfiguring virtual machine: error reconfiguring virtual machine: ServerFaultCode: Permission to perform this operation was denied.

2020/02/27 18:33:12 [ERROR] : eval: *terraform.EvalSequence, err: error reconfiguring virtual machine: error reconfiguring virtual machine: ServerFaultCode: Permission to perform this operation was denied.

Hi @rajbir1982 - I eventually got it working, assuming you’re connecting to VMWare Cloud on AWS ? I’ve documented it here: https://www.samakroyd.com/2020/03/02/vmware-cloud-on-aws-windows-provisioning-using-terraform/#more-49

Thanks for the links. My issue got resolved. User was not having correct permission at vcenter.

I have same issue, which permission is missing on vcenter? we have full admin access normally

rdeglise

    March 12

I have same issue, which permission is missing on vcenter? we have full admin access normally


Visit Topic or reply to this email to respond.


In Reply To

rajbir1982

    March 3

Thanks for the links. My issue got resolved. User was not having correct permission at vcenter.


Visit Topic or reply to this email to respond.

To unsubscribe from these emails, click here.