p0 request
Below is a troubleshooting guide for p0 request, organized into seven categories. Each section uses a table to show common symptoms, their likely causes, and resolutions.
1. Authentication & Authorization Failures
Error: Permission denied: iam.roles.get on projects/my-project
P0’s service account lacks rights to fetch or provision that resource.
Grant the P0 service account the needed IAM role (e.g. roles/iam.roleViewer on GCP, or iam:GetRole on AWS). (Google Cloud)
2. Network & Connectivity Issues
connect ECONNREFUSED https://<tenant>/o/<org>/command/
Outbound HTTPS is blocked by firewall or proxy.
Allow HTTPS to your P0 API endpoint; if behind a corporate proxy, set HTTPS_PROXY / HTTP_PROXY.
getaddrinfo ENOTFOUND <tenant>
DNS resolution failure for your P0 tenant domain.
Verify DNS can resolve <tenant>; if needed, add an /etc/hosts entry or fix your network DNS settings.
Request timed out connecting to host
Extremely slow or unreliable network to the endpoint.
Increase the CLI’s HTTP timeout in ~/.p0/config.json under "timeout", or improve network connectivity.
3. Flag & Usage Errors
unknown option '--lenght'
Typo in the flag name.
Correct the spelling (--length) or run p0 request --help to see valid flags. (GitHub)
Missing required flag: --reason
Your org policy mandates a --reason, but you omitted it.
Always supply a justification: --reason "Debugging issue"
4. Subcommand & Provider Validation
Subcommand is required for aws. Run 'p0 request aws --help' for details.
You specified aws but didn’t include role, resource, etc.
Add the correct subcommand. e.g.:p0 request aws role MyReadOnlyRole --reason "Audit" (GitHub)
5. Pagination & Truncation Questions
“Showing the first N” though more exist
The CLI fetches an extra page to detect truncation; your --size only controls how many are displayed, not how many are fetched.
Increase --size (e.g. --size 200), or use --like <term> to filter results and avoid truncation. (GitHub)
isTruncated=true with no --like filter
The backend is signaling more results exist, but you haven’t narrowed the query.
Add a search term after your subcommand, e.g.:p0 ls aws resource logs --like auth
6. Debugging Tips
Enable debug logs
p0 request aws role MyRole --reason "test"
Inspect local config
cat ~/.p0/config.jsonVerify fields like appUrl, timeout, proxy settings.
Test API directly
curl -X POST https:///o//command/ \
-H "Authorization: Bearer $(p0 debug-token)" \
-d '{"argv":["request","aws","role","MyRole"],"scriptName":"p0"}'Validate Integration State
Use the native CLI/console to confirm resource existence:
aws iam list-roles
gcloud iam roles list --project my-project
Last updated