Getting a 404 when trying to create a secret versi...
# general
Getting a 404 when trying to create a secret version in GCP, anyone know why this might be happening? Using Pulumi 3.28 and F#
Hi there. Are you getting a 404 from GCP? Can you share a bit more detail, maybe some of the error message?
Hi @miniature-musician-31262, sure thing. Here’s the error.
Copy code
error: update failed
SECRET-REDACTED-version (gcp:secretmanager:SecretVersion)
error: 1 error occurred:
	* Error creating SecretVersion: googleapi: got HTTP response code 404 with body: <!DOCTYPE html>
<html lang=en>
  <meta charset=utf-8>
  <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  <title>Error 404 (Not Found)!!1</title>
    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(// 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(// no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(// no-repeat 0% 0%/100% 100%;-moz-border-image:url(// 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(// no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
  <a href=//><span id=logo aria-label=Google></span></a>
  <p><b>404.</b> <ins>That's an error.</ins>
  <p>The requested URL <code>/v1/SECRET-REDACTED:addVersion?alt=json</code> was not found on this server.  <ins>That's all we know.</ins>

    5 unchanged
Duration: 4s
That’s interesting. Do you see that only for this resource, or for any GCP resource in the stack?
Also, if you could share a little code, that might help; I don’t have the F# handy to work with secretsmanager 😅
This is the only resource I see the error for. Creating the secret itself works fine, for example. Here’s a gist: I’m using for the Computation Expression syntax. That version uses Pulumi.Gcp version 6.17.
Thanks much. I think this gist may be missing some code, though 🤔
Maybe I’m missing a dep somewhere
You should also have a
with the following contents:
Copy code
module Program

open Pulumi.FSharp

let infra () =
    let secrets = SecretManager.secrets ()

    dict [] infra |> ignore
I’ll see if I can get some help interally on this one, as I’ve not had much luck reproducing it yet
Are you sure you’ve enabled the Secret Manager API?
(In the GCP console)
Yep. I created both the secret and the secretversion manually and tried importing them, but importing the secretversion failed, so I deleted it and tried to recreate using Pulumi
Trying to import gives the following error:
Copy code
$ pulumi import gcp:secretmanager/secretVersion:SecretVersion default projects/REDACTED-PROJECT/secrets/REDACTED-SECRET/versions/1
Previewing import (REDACTED-ORG/dev)


     Type                                Name                                            Plan       Info
     pulumi:pulumi:Stack                 REDACTED-STACK                                   1 error
 =   └─ gcp:secretmanager:SecretVersion  default  import     1 error
  gcp:secretmanager:SecretVersion (default):
    error: Preview failed: refreshing urn:pulumi:dev::REDACTED::gcp:secretmanager/secretVersion:SecretVersion::default: 1 error occurred:
        * Error reading SecretVersion: googleapi: Error 403: Permission 'secretmanager.versions.access' denied for resource 'projects/REDACTED/secrets/REDACTED-SECRET/versions/1' (or it may not exist).
  pulumi:pulumi:Stack (REDACTED-STACK):
    error: preview failed
That bit makes sense, as I don’t have
privileges, but that doesn’t prevent me from creating, destroying or disabling secrets. Just viewing them
Okay, so turns out importing was failing because I needed the access privilege to be set for the user pulumi was authenticated as. The other error was because I was using the SecretId property instead of the Name property (where the name property has the full URI including the project)