Terraform: googleapi: Error 403: Permission denied on resource project

Solution 1:

For someone like me: my problem was that I was using an invalid key in the provider block.

provider "google" {
  credentials = "this_was_wrong.json"
  project = "project-id"
}

As Eddie Knight said in his answer:

It's very possible that you are experiencing permission issues. At one point today I found myself attempting to target a project that existed... but the account I was authenticated to via gcloud was not the account I thought it was.

Solution 2:

I stumbled across your unanswered question just now while I was experiencing a similar error message, so I'll put my experience here in case someone else comes across it.

I am running into errors and not sure if it is really related to permissions

It's very possible that you are experiencing permission issues. At one point today I found myself attempting to target a project that existed... but the account I was authenticated to via gcloud was not the account I thought it was. In that case you'll need to either change the project id or change your authentication for gcloud.

It is also possible that your issue is related to the subnet. Check your IAM roles to ensure that you have given yourself permission to work on that subnet.

Side note... I also got a permissions error at one point due to targeting a non-existent zone

In sum:

  1. Check that you're using the correct account
  2. Check that you're using the right project
  3. Check that you've assigned IAM roles properly

Solution 3:

I have seen this problem and in my case it was project id was not correct in .tfvars file. enter image description here