Skip to content

IAM resources fail with RegionNotSupport when provider region is not cn-beijing #1

Open
Open
IAM resources fail with RegionNotSupport when provider region is not cn-beijing#1

Description

@cofyc
cofyc
opened on Mar 23, 2026

Bug Report

Description

IAM resources (user, group, role, policy, accesskey, project) fail with RegionNotSupport error when the provider is configured with any region other than cn-beijing (e.g. cn-shanghai, ap-southeast-1).

IAM is a global service in Volcengine, anchored to cn-beijing. The Cloud Control API at cloudcontrol.<region>.volcengineapi.com rejects IAM requests for non-cn-beijing regions.

Provider Version

  • volcengine/volcenginecc v0.0.33
  • Terraform >= 1.5

Steps to Reproduce

Save the following as main.tf:

terraform {
  required_providers {
    volcenginecc = {
      source  = "volcengine/volcenginecc"
      version = "0.0.33"
    }
  }
  required_version = ">= 1.5"
}

variable "volcengine_access_key" {
  type = string
}
variable "volcengine_secret_key" {
  type = string
}

provider "volcenginecc" {
  region     = "cn-shanghai"
  access_key = var.volcengine_access_key
  secret_key = var.volcengine_secret_key
}

# Import existing IAM user — triggers GetResource read during plan
import {
  to = volcenginecc_iam_user.bot_terraform
  id = "bot-terraform"
}
resource "volcenginecc_iam_user" "bot_terraform" {
  user_name    = "bot-terraform"
  description  = ""
  display_name = ""
  email        = ""
}

# Import existing IAM project — also triggers read during plan
import {
  to = volcenginecc_iam_project.default
  id = "default"
}
resource "volcenginecc_iam_project" "default" {
  project_name = "default"
  display_name = "默认项目"
  description  = ""
}

Then run:

export TF_VAR_volcengine_access_key="your-ak"
export TF_VAR_volcengine_secret_key="your-sk"
terraform init
terraform plan

Error Output

volcenginecc_iam_project.default: Preparing import... [id=default]
volcenginecc_iam_user.bot_terraform: Preparing import... [id=bot-terraform]
volcenginecc_iam_project.default: Refreshing state... [id=default]
volcenginecc_iam_user.bot_terraform: Refreshing state... [id=bot-terraform]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: SDK Go Service Operation Unsuccessful
│
│ Calling Cloud Control API service GetResource operation returned: RegionNotSupport: service
│ [iam] not support region [cn-shanghai]
│       status code: 400, request id: 20260323160830DA2EF76E27138A9334D9
╵
╷
│ Error: SDK Go Service Operation Unsuccessful
│
│ Calling Cloud Control API service GetResource operation returned: RegionNotSupport: service
│ [iam] not support region [cn-shanghai]
│       status code: 400, request id: 2026032316083001814B54A8814394340F
╵

Expected Behavior

IAM resources should work regardless of the provider-configured region, since IAM is a global service.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions