The securitycenter.googleapis.com API requires a quota project, which is not set by default

[karimelmel]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.10.1
on arm

• provider registry.terraform.io/hashicorp/google v6.13.0

Affected Resource(s)

google_scc_v2_organization_mute_config

Terraform Configuration

resource "google_scc_v2_organization_mute_config" "mute_low_severity" {
  mute_config_id    = "mute_low_severity"
  organization = var.organization_id
  location     = "global"
  description  = "My custom Cloud Security Command Center Finding Organization mute Configuration"
  filter = "severity = \"LOW\""
  type = "STATIC"
}

Debug Output

│ Error: Error creating OrganizationMuteConfig: googleapi: Error 403: Your application is authenticating by using local Application Default Credentials. The securitycenter.googleapis.com API requires a quota project, which is not set by default. To learn how to set your quota project, see https://cloud.google.com/docs/authentication/adc-troubleshooting/user-creds .
│ Details:
│ [
│ {
│ "@type": "type.googleapis.com/google.rpc.ErrorInfo",
│ "domain": "googleapis.com",
│ "metadata": {
│ "consumer": "projects/764086051850",
│ "service": "securitycenter.googleapis.com"
│ },
│ "reason": "SERVICE_DISABLED"
│ }
│ ]
│
│ with google_scc_v2_organization_mute_config.mute_low_severity,
│ on main.tf line 7, in resource "google_scc_v2_organization_mute_config" "mute_low_severity":
│ 7: resource "google_scc_v2_organization_mute_config" "mute_low_severity" {
│
╵

Expected Behavior

No response

Actual Behavior

No response

Steps to reproduce

1. terraform apply

Important Factoids

I am deploying with ADC credentials. The project referenced in the error belongs to Google, which is the project for hosting ADC credentials.

│ Error: Error creating OrganizationMuteConfig: googleapi: Error 403: Your application is authenticating by using local Application Default Credentials. The securitycenter.googleapis.com API requires a quota project, which is not set by default. To learn how to set your quota project, see https://cloud.google.com/docs/authentication/adc-troubleshooting/user-creds .

ADC project is set.

References

No response

[karimelmel]

found workaround here: golang/oauth2#702 (comment)

[c2thorn]

This is determined by the API which the provider has a field for here: https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override-1