数据流设置控制器服务帐户 [英] Dataflow setting Controller Service Account
本文介绍了数据流设置控制器服务帐户的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我尝试为Dataflow设置控制器服务帐户.在我的数据流选项中,我有:
I try to set up controller service account for Dataflow. In my dataflow options I have:
options.setGcpCredential(GoogleCredentials.fromStream(new FileInputStream("key.json")).createScoped(someArrays));
options.setServiceAccount("xxx@yyy.iam.gserviceaccount.com");
但是我得到了:
WARNING: Request failed with code 403, performed 0 retries due to IOExceptions, performed 0 retries due to unsuccessful status codes, HTTP framework says request can be retried, (caller responsible for retrying): https://dataflow.googleapis.com/v1b3/projects/MYPROJECT/locations/MYLOCATION/jobs
Exception in thread "main" java.lang.RuntimeException: Failed to create a workflow job: (CODE): Current user cannot act as service account "xxx@yyy.iam.gserviceaccount.com. Causes: (CODE): Current user cannot act as service account "xxx@yyy.iam.gserviceaccount.com.
at org.apache.beam.runners.dataflow.DataflowRunner.run(DataflowRunner.java:791)
at org.apache.beam.runners.dataflow.DataflowRunner.run(DataflowRunner.java:173)
at org.apache.beam.sdk.Pipeline.run(Pipeline.java:311)
at org.apache.beam.sdk.Pipeline.run(Pipeline.java:297)
...
Caused by: com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "(CODE): Current user cannot act as service account xxx@yyy.iam.gserviceaccount.com. Causes: (CODE): Current user cannot act as service account xxx@yyy.iam.gserviceaccount.com.",
"reason" : "forbidden"
} ],
"message" : "(CODE): Current user cannot act as service account xxx@yyy.iam.gserviceaccount.com. Causes: (CODE): Current user cannot act as service account xxx@yyy.iam.gserviceaccount.com.",
"status" : "PERMISSION_DENIED"
}
我缺少某些角色或权限吗?
Am I missing some Roles or permissions?
推荐答案
也许有人会觉得有帮助:
Maybe someone is going to find it helpful:
-
对于控制器,它是:Dataflow Worker和Storage Object Admin(在 Google文档).
对于执行者,是:服务帐户用户.
For executor it was: Service Account User.
这篇关于数据流设置控制器服务帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
