使用服务帐户的Google Cloud SQL导入权限 [英] Permissions For Google Cloud SQL Import Using Service Accounts
问题描述
我已按照 MySQL导出指南成功.
现在,我正尝试按照 MySQL导入来导入MySQL数据库指南.
我已经检查了正在使用的service_account_email的权限,并且已经允许 Admin SQL 和 Admin Storage 权限.
I've checked the permissions for the service_account_email I'm using, and I have allowed both Admin SQL and Admin Storage permissions.
我能够在本地使用以下命令成功激活我的服务帐户:
I was able to successfully activate my service account using this command locally:
gcloud auth activate-service-account <service_account_email> --key-file=<service_account_json_file>
运行命令后:
gcloud sql import sql <instance> <gstorage_file> --database=<db_name> --async
我得到了以下信息:
{
"error": {
"errors": Array[1][
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
我尝试过的其他事情
我还尝试使用SQL实例的service_account_email,该实例来自:
I also tried using the service_account_email of my SQL instance, which came from:
gcloud sql instances describe <instance_name>
但是,它似乎有相同的错误.
But, it seems to have the same error.
问题
基于我收到的REST API JSON错误,如何使用service_account_email登录",这样我就不会得到401 Error?
Based on the REST API JSON error I'm given, how do I "login" using the service_account_email so I wouldn't get the 401 Error?
推荐答案
问题与数据库实例服务帐户在创建的存储桶上写入的权限有关.解决此问题的步骤
Problem is about the permission of database instance service account to write on created bucket. Steps to solve this issue
1)转到您的Cloud SQL实例并复制实例的服务帐户(Cloud SQL-> {instance name}-> OVERVIEW-> Service account)
1) Go to your Cloud SQL Instance and copy service account of instance (Cloud SQL->{instance name}->OVERVIEW->Service account)
2)复制服务帐户后,转到要转储的位置的Cloud Storage Bucket并对该帐户设置所需的权限(存储-> {bucket name}-> permissions-> add成员).
2) After copy the service account, go the Cloud Storage Bucket where to want to dump and set desired permission to that account (Storage->{bucket name}->permissions->add member).
这篇关于使用服务帐户的Google Cloud SQL导入权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
