Google云存储:调用者没有权限 [英] Google cloud storage: The caller does not have permission
本文介绍了Google云存储:调用者没有权限的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用服务帐户和API旋转密钥以访问GCS存储桶.我已经为我的服务帐户启用了所有角色,但是仍然出现如下错误.
I am trying to rotate key to access GCS bucket using service account and API. I have enabled all roles to my service accounts but still i am getting error as follows.
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "The caller does not have permission",
"reason" : "forbidden"
} ],
"message" : "The caller does not have permission",
"status" : "PERMISSION_DENIED"
}
这是我的代码:
public static void main(String[] args) {
HttpTransport transport;
try {
transport = GoogleNetHttpTransport.newTrustedTransport();
JsonFactory jsonFactory = new JacksonFactory();
Iam iam = new Iam(transport,jsonFactory,new HttpRequestInitializer() {
public void initialize(HttpRequest httpRequest) {
httpRequest.setConnectTimeout(0);
httpRequest.setReadTimeout(0);
}
});
CreateServiceAccountKeyRequest createServiceAccountKeyRequest = new CreateServiceAccountKeyRequest();
Create create = iam.projects().serviceAccounts().keys().create("projects/mysampleproject/serviceAccounts/myserviceaccount@newsampleproject-123465.iam.gserviceaccount.com", createServiceAccountKeyRequest);
create.setKey("AIzaSyC_YlBg_UXEFgdsspbGLvyb-THrTCbbZA");
ServiceAccountKey serviceAccountKey =create.execute();
System.out.println(serviceAccountKey.getPrivateKeyData());
} catch (GeneralSecurityException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
我从同一条发布.请有人能建议我哪里错了或如何以正确的方式实现它吗?
I tried from my same post. Please can anyone suggest me where i am wrong or how to achieve it in right way?
推荐答案
"mysampleproject"需要匹配"newsampleproject-123465.iam.gserviceaccount.com"中的"newsampleproject-123465"
"mysampleproject" needs to match "newsampleproject-123465" in "newsampleproject-123465.iam.gserviceaccount.com"
还值得尝试使用Google应用程序默认凭据
Also it's worth to try using Google Application Default Credentials
HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
// Authenticate using Google Application Default Credentials.
GoogleCredential c= GoogleCredential.getApplicationDefault();
Iam iam = new Iam(httpTransport, jsonFactory, credential);
这篇关于Google云存储:调用者没有权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文