average-plastic-1653
09/16/2023, 12:33 AMError creating Secret: googleapi: Error 403: Secret Manager API has not been used in project dfir-jmtest0915-03-c99a0803a5d before or it is disabled. Enable it by visiting <https://console.developers.google.com/apis/api/secretmanager.googleapis.com/overview?project=dfir-jmtest0915-03-c99a0803a5d> then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
The services are enabled here:
# List of services to be enabled
services_to_enable = [
"<http://secretmanager.googleapis.com|secretmanager.googleapis.com>",
"<http://compute.googleapis.com|compute.googleapis.com>", # Compute Engine API
"<http://batch.googleapis.com|batch.googleapis.com>", # Batch API
"<http://workflows.googleapis.com|workflows.googleapis.com>", # Workflows API
"<http://eventarc.googleapis.com|eventarc.googleapis.com>", # Eventarc API
"<http://pubsub.googleapis.com|pubsub.googleapis.com>" # Cloud Pub/Sub API
]
# Enable each service
for service_id in services_to_enable:
service = projects.Service(
service_id,
project=project.project_id,
service=service_id,
disable_dependent_services=True
)
# Export the service id of the last servce to be enabled
pulumi.export("service_id", service_id)
pulumi.export("project_id", project.project_id)
the secret is created here
# Create the secret
secret = secretmanager.Secret("opensearch-password",
project = project.project_id,
replication=secretmanager.SecretReplicationArgs(
user_managed=secretmanager.SecretReplicationUserManagedArgs(
replicas=[
secretmanager.SecretReplicationUserManagedReplicaArgs(
location="us-east1",
),
],
),
),
secret_id="opensearch-password"
)
pulumi.export("secret.name", secret.name)
pulumi.export("secret.id", secret.id)
secret_version = secretmanager.SecretVersion("opensearch-password-version",
secret=secret.id,
secret_data=os_service.service_password)
pulumi.export("secret_version.name", secret_version.name)
pulumi.export("secret_version.id", secret_version.id)
billowy-army-68599
average-plastic-1653
09/17/2023, 7:21 PMsecret_manager_api = projects.Service(
"secret-manager-api-service",
project=project.project_id,
service="<http://secretmanager.googleapis.com|secretmanager.googleapis.com>",
disable_dependent_services=True
)
pulumi.export('secret_manager_service_id', secret_manager_api.id)
Added a depends_on when creating the secret in GCP Secret Manager:
# Create the secret
ossecret = secretmanager.Secret("opensearch-secret",
opts=pulumi.ResourceOptions(depends_on=[secret_manager_api]),
project = project.project_id,
replication=secretmanager.SecretReplicationArgs(
user_managed=secretmanager.SecretReplicationUserManagedArgs(
replicas=[
secretmanager.SecretReplicationUserManagedReplicaArgs(
location="us-east1",
),
],
),
),
secret_id="opensearch-password"
)