gcloud.exceptions.Forbidden:403 权限缺失或不足 [英] gcloud.exceptions.Forbidden: 403 Missing or insufficient permissions
问题描述
我是 Google Cloud Platform 的新手.我已经设置了一个 Google VM 实例.运行命令时,我在本地计算机上遇到了身份验证问题:
I am a new to Google Cloud Platform. I have setup a Google VM Instance. I am facing an authentication issue on Local Machine while running the command:
python manage.py makemigrations
您能否提出一些解决问题的提示/步骤?
Can you please suggest some tips/steps to resolve the same ?
错误追踪
File "/constants.py", line 18, in <module>
table_data = datastore_fetch(project_id, entity_kind)
File "/datastore_helper.py", line 23, in datastore_fetch
results = list(query.fetch())
File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 463, in __iter__
self.next_page()
File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 434, in next_page
transaction_id=transaction and transaction.id,
File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 286, in run_query
_datastore_pb2.RunQueryResponse)
File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 124, in _rpc
data=request_pb.SerializeToString())
File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 98, in _request
raise make_exception(headers, error_status.message, use_json=False)
gcloud.exceptions.Forbidden: 403 Missing or insufficient permissions.
其他信息:
gcloud auth list
Credentialed Accounts:
- user_account@gmail.com ACTIVE
To set the active account, run:
$ gcloud config set account `ACCOUNT`
gcloud config list
Your active configuration is: [default]
[core]
account = user_account@gmail.com
disable_usage_reporting = True
project = user_project
输入:(独立 Python 函数)
Input: (Standalone Python Function)
from gcloud import datastore
client = datastore.Client('user_project')
print(vars(client.connection.credentials))
输出:
{'scopes': set([]), 'revoke_uri': 'https://accounts.google.com/o/oauth2/revoke', 'access_token': None, 'token_uri': 'https://www.googleapis.com/oauth2/v4/token', 'token_info_uri': None, 'token_response': None, 'invalid': False, 'refresh_token': u'1/t-V_pZicXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'client_id': u'3XXXXXXXX9.apps.googleusercontent.com', 'id_token': None, 'client_secret': u'ZXXXXXXXXXXXXXXXXXXX2', 'token_expiry': None, 'store': None, 'user_agent': 'Python client library'}
虚拟机详细信息
Firewalls
Allow HTTP traffic
Allow HTTPS traffic
Availability policies
Preemptibility Off (recommended)
Automatic restart
On (recommended)
On host maintenance
Migrate VM instance (recommended)
Custom metadata
None
SSH Keys
Block project-wide SSH keys
None
Service account
service-account@user_project.iam.gserviceaccount.com
Cloud API access scopes
This instance has full API access to all Google Cloud services.
谢谢,
推荐答案
应用程序默认凭据的行为已更改 gcloud 自 128 版起.
The behavior for application default credentials has changed in gcloud since version 128.
应该使用
gcloud auth application-default login
相反.
请注意,通过 gcloud auth login 或 gcloud init 或 gcloud config set account MY_ACCOUNT 更改凭据不会影响应用程序默认凭据,他们管理与 gcloud 凭据分开.
Note that changing credentials via gcloud auth login or gcloud init or gcloud config set account MY_ACCOUNT will NOT affect application default credentials, they managed separately from gcloud credentials.
这篇关于gcloud.exceptions.Forbidden:403 权限缺失或不足的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
