IBM Cloud Docs
Why do I get an infrastructure operation failed error when creating a VPC cluster?

Why do I get an infrastructure operation failed error when creating a VPC cluster?

When you try to create a VPC cluster, you see an error message similar to the following.

Unable to create cluster. The 'vpc-gen2' infrastructure operation failed with the message: the provided token is not authorized to view the specified subnet (ID:XXXX) in this account

The API key of the user or service ID that is trying to create the cluster does not have the required IAM permissions to view VPC subnets in your account.

A common scenario for this error is having your VPC subnets in different resource groups from the cluster. Make sure that the API key that was used to create the cluster has at least Viewer access to those subnets.

Complete the following steps to resolve the issue.

  1. Review the steps in the Preparing you account to create clusters documentation.

  2. Review the details of the API key that was used to create the cluster.

    ibmcloud oc api-key info
    

    Example output

    ibmcloud oc api-key info -c CLUSTER
    Getting information about the API key owner for cluster CLUSTER...
    OK
    Name                Email
    User 2   usertwo@us.ibm.com
    
  3. Add the Viewer access role for the VPC subnet mentioned in the error message or for all subnets in the VPC.

  4. Retry the cluster creation steps.

  5. If the issue persists, contact support. Open a support case. In the case details, be sure to include any relevant log files, error messages, or command outputs.