AccessDeniedException:尝试使用gsutil将文件从VM复制到Google Storage时为403 [英] AccessDeniedException: 403 when trying to copy file to Google Storage from VM using gsutil

问题描述

我正在尝试手动执行该过程所需的步骤，以使过程自动化，以了解其工作原理并确保我直接获得所有命令.但是，当我尝试使用以下命令进行操作时:

I’m trying to manually do the steps I need to automate the process to understand how it works and to make sure I get all the commands straight. But when I try to do it using the command:

gsutil cp file_name gs://bucket_name/

我收到以下错误:

AccessDeniedException: 403 Insufficient OAuth2 scope to perform this operation.

这本来是一件很简单的事情，但我做对了.我曾经在AWS中这样做，但在Google Cloud中却无法做到这一点.有人知道如何克服它吗?

It was supposed to be a very simple thing, but I can't get it right. I'm used to do it in AWS, but I'm not being able to do the same in Google Cloud. Anyone knows how to get over it?

推荐答案

您似乎要尝试使用此副本的帐户无权将对象写入bucket-name存储桶.

It looks like the account you're using to attempt this copy doesn't have permission to write an object to the bucket-name bucket.

如果在GCE VM上并使用其默认服务帐户执行此操作，请确保在创建VM时选择了正确的访问范围-默认范围包括对GCS的只读访问.您可以通过登录VM并使用curl来查询GCE元数据服务器来进行检查:

If you're doing this on a GCE VM and using its default service account, make sure that you selected the correct access scopes when creating the VM -- the default scopes include read-only access to GCS. You can check this by logging into the VM and using curl to query the GCE metadata server:

$ curl -H 'Metadata-Flavor: Google' "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/scopes"
[...]
https://www.googleapis.com/auth/devstorage.read_only
[...]

这篇关于AccessDeniedException:尝试使用gsutil将文件从VM复制到Google Storage时为403的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！