静态网站的Terraform Google存储桶，用于Google存储-403 [英] Terraform google bucket for static website for google storage - 403

问题描述

尝试为静态网站创建一个Google存储桶.

 提供商"google" {project ="myprojectname-123"凭据="$ {file(" storage-admin.json)}"区域="us-central1"区域="us-central1-c"}资源"google_storage_bucket"标准" {名称="mywebsite.com"storage_class =标准"location =美国"网站 {main_page_suffix ="index.html"not_found_page ="404.html"}} 

>地形应用

googleapi:错误403:您尝试创建的存储桶是域名由其他用户拥有.，禁止

找到了这个答案适用于AWS

问:可以从Terraform for Google Cloud创建以存储域为中心的存储/存储桶吗?

解决方案

(假设您已经已验证域 mywebsite.com ，并且您是该域的所有者)

我可以看到您正在使用服务的帐户凭据创建存储桶:

提供商"google" {

project ="myprojectname-123"

凭据="$ {file(" storage-admin.json)}"

region ="us-central1"

zone ="us-central1-c"

}

您必须将该服务帐户添加为域的所有者，因为用于创建这些资源的terraform API调用将使用其凭据来创建存储桶.

如果该帐户不在域的所有者列表中，您将收到403以及收到的消息.有关如何将服务帐户添加为所有者的文档./p>

同样，请确保将服务帐户添加为域所有者，而不是网站所有者.

Trying to create a google bucket for the static website.

provider "google" {
  project = "myprojectname-123"
  credentials = "${file("storage-admin.json")}"
  region  = "us-central1"
  zone    = "us-central1-c"
}

resource "google_storage_bucket" "STANDARD" {
  name     = "mywebsite.com"
  storage_class = "STANDARD"
  location = "US"

  website {
    main_page_suffix = "index.html"
    not_found_page   = "404.html"
  }
}

> terraform apply

googleapi: Error 403: The bucket you tried to create is a domain name owned by another user., forbidden

Found this answer for AWS

Q: Is it possible to create storage domain centric storage/bucket from Terraform for Google Cloud?

解决方案

(Assuming that you have already verified the domain mywebsite.com, and that you are an owner of the domain)

I can see that you are creating the bucket using a service's account credentials:

provider "google" {

project = "myprojectname-123"

credentials = "${file("storage-admin.json")}"

region = "us-central1"

zone = "us-central1-c"

}

You will have to add that service account as an owner of the domain, since the terraform API Call to create those resources will use its credentials to create the bucket.

If the account is not on the owner list of the domain, you will receive the 403, with the message that you are getting. Documentation on how to add the service account as an owner.

As well, make sure that you add the service account as a domain owner, not a site owner.

这篇关于静态网站的Terraform Google存储桶，用于Google存储-403的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！