Introduction
Problem
A user may encounter the following error while importing a Vault namespaced resource:
$ terraform import vault_mount.test testmount
│ Error: error reading from Vault: Error making API request.
│
│ Namespace: MyNamespace
│ URL: GET https://<vault-host>:8200/v1/sys/mounts
│ Code: 403. Errors:
│
│ * 1 error occurred:
│ * permission denied
│ Cause
Normally, the Vault provider uses the VAULT_NAMESPACE environment variable. However, users must set a different environment variable before importing namespaced resources.
Overview of possible solution
Solution:
- Set the
TERRAFORM_VAULT_NAMESPACE_IMPORTenvironment variable
$ export TERRAFORM_VAULT_NAMESPACE_IMPORT=MyNamespace
2. Run the import
$ terraform import vault_mount.test testmount
3. Unset the TERRAFORM_VAULT_NAMESPACE_IMPORTenvironment variable
$ unset TERRAFORM_VAULT_NAMESPACE_IMPORT
Outcome:
Upon setting the special environment variable, the resource should import successfully. If the import still fails, please contact HashiCorp Support for further assistance.