Terraform Provider version: atlassian/atlassian-operations 2.0.3
Affected resources:
- atlassian-operations_alert_policy
- atlassian-operations_notification_policy
Description:
When running terraform plan, the provider returns a 403 error when trying to read alert policies and notification policies:
Error: Client Error
Unable to read alert policy, status code: 403. Got response:
{“errors”:[{“title”:“You are not authorized to see team details.”}]}
Error: Client Error
Unable to read notification policy, status code: 403. Got response:
{“errors”:[{“title”:“You are not authorized to see team details.”}]}
What is suspicious: The error message says “not authorized to see team details” — but we are trying to read a policy, not a team. This suggests the provider is making an internal team API call as part of reading the policy,
and that call is failing.
Account permissions:
- The account used for the API token (email_address) has Team Admin role in JSM Operations
- The same account can see and access all policies in the browser UI without any issues
What works fine with the same account:
- atlassian-operations_team
- atlassian-operations_schedule
- atlassian-operations_escalation
- atlassian-operations_routing_rule
- atlassian-operations_api_integration
- atlassian-operations_integration_action
What fails:
- atlassian-operations_alert_policy
403 - atlassian-operations_notification_policy 403
All of the above use the same team_id. The fact that escalations and routing rules work while policies do not — despite identical team permissions — strongly suggests this is a provider-side issue where the policy read
implementation triggers an additional team API call that is not necessary (or uses a different endpoint) compared to other resources.
Expected behavior: A Team Admin account that can view policies in the UI should be able to read them via the API/provider.