I am new In terraform and I create a Kubernetes Cluster in GKE and I want to install ingress-nginx with helm.
So, I wrote the following:
provider "helm" {
kubernetes {
host = google_container_cluster.primary.endpoint
token = data.google_client_config.main.access_token
client_certificate = base64decode(google_container_cluster.primary.master_auth.0.client_certificate)
client_key = base64decode(google_container_cluster.primary.master_auth.0.client_key)
cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
}
}
resource "helm_release" "nginx_ingress_controller" {
name = "ingress-nginx"
repository = "https://kubernetes.github.io/ingress-nginx"
chart = "ingress-nginx"
namespace = "ingress-nginx"
create_namespace = true
wait = true
timeout = 300
}
I get the following Error and I don't know how to solve it. When I use helm to install ingress it works well but with Terraform I can't install it.
{"@level":"warn","@message":"Warning: Helm release \"ingress-nginx\" was created but has a failed status. Use the `helm` command to investigate the error, correct it, then run Terraform again.","@module":"terraform.ui","@timestamp":"2023-05-22T17:27:17.047328+03:00","diagnostic":{"severity":"warning","summary":"Helm release \"ingress-nginx\" was created but has a failed status. Use the `helm` command to investigate the error, correct it, then run Terraform again.","detail":"","address":"helm_release.nginx_ingress_controller","range":{"filename":"10-release.tf","start":{"line":13,"column":52,"byte":261},"end":{"line":13,"column":53,"byte":262}},"snippet":{"context":"resource \"helm_release\" \"nginx_ingress_controller\"","code":"resource \"helm_release\" \"nginx_ingress_controller\" {","start_line":13,"highlight_start_offset":51,"highlight_end_offset":52,"values":[]}},"type":"diagnostic"}
{"@level":"error","@message":"Error: failed pre-install: clusterroles.rbac.authorization.k8s.io \"ingress-nginx-admission\" is forbidden: User \"lively-shelter-294615@appspot.gserviceaccount.com\" cannot delete resource \"clusterroles\" in API group \"rbac.authorization.k8s.io\" at the cluster scope: requires one of [\"container.clusterRoles.delete\"] permission(s).","@module":"terraform.ui","@timestamp":"2023-05-22T17:27:17.048209+03:00","diagnostic":{"severity":"error","summary":"failed pre-install: clusterroles.rbac.authorization.k8s.io \"ingress-nginx-admission\" is forbidden: User \"lively-shelter-294615@appspot.gserviceaccount.com\" cannot delete resource \"clusterroles\" in API group \"rbac.authorization.k8s.io\" at the cluster scope: requires one of [\"container.clusterRoles.delete\"] permission(s).","detail":"","address":"helm_release.nginx_ingress_controller","range":{"filename":"10-release.tf","start":{"line":13,"column":52,"byte":261},"end":{"line":13,"column":53,"byte":262}},"snippet":{"context":"resource \"helm_release\" \"nginx_ingress_controller\"","code":"resource \"helm_release\" \"nginx_ingress_controller\" {","start_line":13,"highlight_start_offset":51,"highlight_end_offset":52,"values":[]}},"type":"diagnostic"}
I read a lot of similar questions but I can't solve the issue.
