Error: waiting for create/update of Application Gateway: See details below:" Details=[{"code":"0","message":"Operation returned an invalid status code 'Forbidden'"}]

[harrypotter033]

Terraform gives error not sure what does this mean. I have created keyvault and added manually certificate (.pem) in certificates. I am using terraform to import into gateway using

// To use manual uploaded cert
              certificate_name = "certificate-web"
              keyvault_key     = "certificates"

╷ │ Error: waiting for create/update of Application Gateway: (Name "agw-DEV12-blue-web-ag" / Resource Group "rg-DEV12-blue"): Code="ApplicationGatewayKeyVaultSecretException" Message="Problem occured while accessing and validating KeyVault Secrets associated with Application Gateway '/subscriptions/1sas23242-2312-4b7e-a59b/resourceGroups/rg-DEV2-blue/providers/Microsoft.Network/applicationGateways/agw-DEV2-blue-web-ag'. See details below:" Details=[{"code":"0","message":"Operation returned an invalid status code 'Forbidden'"}] │ │ with module.caf.module.application_gateways["agw-web"].azurerm_application_gateway.agw, │ on .terraform/modules/caf/modules/networking/application_gateway/application_gateway.tf line 29, in resource "azurerm_application_gateway" "agw": │ 29: resource "azurerm_application_gateway" "agw" {

[harrypotter033]

Fixed the issue giving secrets permission "get"
not sure why it needs secrets permission when cert is saved in certificates.

`
keyvault_access_policies = {
certificates = {
blue_env = {
managed_identity_key = "blue_mi"
certificate_permissions = ["Get", "List", "Update", "Create", "Import", "Delete", "Purge", "Recover", "Backup", "Restore", "managecontacts", "manageissuers"]
key_permissions = ["Get", "List", "Update", "Create", "Import", "Delete", "Purge", "Recover", "Backup", "Restore"]

    secret_permissions = ["Get"]
  }
}

}
`