All geek questions in one place

Gcloud.exceptions.Forbidden: 403 Missing or Insufficient Permissions

I am new to Google Cloud Platform. I installed an instance of the Google virtual machine. Before executing the command, I encountered an authentication problem on the local machine:

python manage.py makemigrations

Can you offer some tips / steps to address them?

Error tracing

  File "/constants.py", line 18, in <module> table_data = datastore_fetch(project_id, entity_kind) File "/datastore_helper.py", line 23, in datastore_fetch results = list(query.fetch()) File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 463, in __iter__ self.next_page() File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 434, in next_page transaction_id=transaction and transaction.id, File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 286, in run_query _datastore_pb2.RunQueryResponse) File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 124, in _rpc data=request_pb.SerializeToString()) File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 98, in _request raise make_exception(headers, error_status.message, use_json=False) gcloud.exceptions.Forbidden: 403 Missing or insufficient permissions.

Additional Information:

 gcloud auth list Credentialed Accounts: - user_account@gmail.com ACTIVE To set the active account, run: $ gcloud config set account `ACCOUNT` gcloud config list Your active configuration is: [default] [core] account = user_account@gmail.com disable_usage_reporting = True project = user_project

Input: (stand-alone Python function)

 from gcloud import datastore client = datastore.Client('user_project') print(vars(client.connection.credentials))

Output:

 {'scopes': set([]), 'revoke_uri': 'https://accounts.google.com/o/oauth2/revoke', 'access_token': None, 'token_uri': 'https://www.googleapis.com/oauth2/v4/token', 'token_info_uri': None, 'token_response': None, 'invalid': False, 'refresh_token': u'1/t-V_pZicXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'client_id': u'3XXXXXXXX9.apps.googleusercontent.com', 'id_token': None, 'client_secret': u'ZXXXXXXXXXXXXXXXXXXX2', 'token_expiry': None, 'store': None, 'user_agent': 'Python client library'}

VM Details

 Firewalls Allow HTTP traffic Allow HTTPS traffic Availability policies Preemptibility Off (recommended) Automatic restart On (recommended) On host maintenance Migrate VM instance (recommended) Custom metadata None SSH Keys Block project-wide SSH keys None Service account service-account@user _project.iam.gserviceaccount.com Cloud API access scopes This instance has full API access to all Google Cloud services.

Thanks,

+5
source share
2 answers

The default credential behavior for the app has changed in gcloud from version 128.

Should use

 gcloud auth application-default login

instead of this.

Please note that changing credentials using gcloud auth login or gcloud init or gcloud config set account MY_ACCOUNT does NOT affect the default credentials of the application, they are managed separately from the gcloud credentials.

+8
source

Just ran these two commands:

  1. gcloud beta auth application-default login 2. export GOOGLE_APPLICATION_CREDENTIALS='/<path_to_json>/client_secrets.json'

from the local machine, and it started to work.

+2
source

Source: https://habr.com/ru/post/1258026/

More articles:


All Articles