Introduction
In HCP Terraform, users who are granted the organizational level View all workspaces permission can read the Sentinel policy check outputs on the run pages; however are unable to view the OPA policy check outputs. This article demonstrates the least required permissions for users to be able to read OPA policy check outputs.
Problem
HCP Terraform users with View all workspaces permission see the error message An error occurred. Please try again. when reading OPA policy check outputs of a run.
Solution
To be able to read the OPA policy check outputs, grant either one of the permissions at either project level or workspace level listed below,
- Workspace level:
- Custom: Run access - Read
- Fixed Permission Sets: Workspace - Read
- Project level:
- Custom: Run access - Read
- Fixed Permission Sets: Project - Read