Looking for advice on why the report definition creation fails with 403.
Terraform plan succeeds, apply fails immediately.
The main issue here is likely a mismatch between the Terraform service account permissions and the specific scope required for Analytics Report Definitions. Standard admin roles often lack the granular permissions needed to create report definitions via API, especially when dealing with cross-divisional data. In legal discovery workflows, we see similar 403 errors when the IAM role lacks explicit write access to the analytics resource group.
Try checking the API key scopes associated with the Terraform provider. Ensure it includes analytics:report:definition:write. Also, verify the division_id matches the scope of the service account. If the account is global, it should work, but if it is division-scoped, the report definition might be trying to access data outside its bounds.
| Requirement | Value |
|---|---|
| API Scope | analytics:report:definition:write |
| Division Match | Exact match with service account |
Adjust the API key permissions in the Genesys Cloud admin console under Integrations. This usually resolves the immediate 403 error.