I created a private cluster with private endpoint enabled using the Google provider, but ended up with the error below while creating secrets using the Kubernetes provider.
kubernetes_secret.create-secret: secrets is forbidden: User "system:anonymous" cannot create secrets in the namespace "default"
Also, the state file doesn't contain master auth details like username, password, private key, etc.
Do you have RBAC enabled? If so, by default your cluster should not allow full, unprivileged access any more. It seems like an issue with the clusterrolebinding. Here is a similar reported issue that got resolved upon creating a clusterrolebinding for anonymous requests. You can try the solution advised there, and it should resolve your problem.
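
The `system:anonymous` user in the error means the Kubernetes provider sent the request without credentials, so another way to resolve it is to give the provider an identity rather than granting rights to anonymous requests. The configuration below is an added example, not part of the original posts; the variable names, the data source labels and the secret name are assumptions.

```hcl
# Added example. Names marked "hypothetical" are not from the original thread.

variable "cluster_name" {
  type = string # hypothetical: name of the existing private GKE cluster
}

variable "cluster_location" {
  type = string # hypothetical: region or zone of that cluster
}

variable "secret_value" {
  type      = string
  sensitive = true # keeps the value out of plan output
}

# Short-lived OAuth2 access token for the identity Terraform runs as.
data "google_client_config" "current" {}

# Looks up the cluster endpoint and CA certificate. With the private endpoint
# enabled, `endpoint` is the internal address of the control plane.
data "google_container_cluster" "private" {
  name     = var.cluster_name
  location = var.cluster_location
}

# With host, token and CA certificate set, requests reach the API server as
# the Google identity above instead of as system:anonymous.
provider "kubernetes" {
  host  = "https://${data.google_container_cluster.private.endpoint}"
  token = data.google_client_config.current.access_token
  cluster_ca_certificate = base64decode(
    data.google_container_cluster.private.master_auth[0].cluster_ca_certificate
  )
}

resource "kubernetes_secret" "create-secret" {
  metadata {
    name      = "example-secret" # hypothetical
    namespace = "default"
  }

  data = {
    password = var.secret_value
  }
}
```

Terraform has to run from a network that can reach the private endpoint, and the Google identity it runs as needs permission to create secrets in the namespace.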