缺少对“billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create Terraform (GCP) [英] missing permission on "billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX": billing.resourceAssociations.create Terraform (GCP)

问题描述

我尝试使用 Terraform 在 GCP 上自动创建共享 VPC.我已启用对我的服务帐户的所有访问权限(组织管理员、XpnAdmin、存储管理员、计算管理员、计费管理员)

I tried to automate the Shared VPC creation on GCP by using Terraform. I have enabled all the access to my service account (Org Admin, XpnAdmin, Storage Admin, Compute admin, Billing Admin)

但是当我执行 terraform apply 时，它会抛出以下错误:

But when i executed terraform apply it's throwing me following error:

缺少对billingAccounts/CXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create

missing permission on "billingAccounts/CXXXXXXXXXXXXXXXXXX": billing.resourceAssociations.create

我指的是 Google 提供商 此演示的 Github 代码.

I'm referring the Google provider Github code for this demo.

推荐答案

您很可能拥有计费管理员，但您还需要创建计费分配或计费项目经理"的能力.

It's quite likely you have the billing admin, but you also need the ability to create billing assignments, or "Billing Project Manager".

https://cloud.google.com/billing/v1/how-tos/访问控制

billing.resourceAssociations.create AND resourcemanager.projects.createBillingAssignment 在 Cloud Billing 帐号上.

billing.resourceAssociations.create AND resourcemanager.projects.createBillingAssignment on the Cloud Billing account.

有一些方便的代码可以引导服务帐户 - Google Project Factory - 你可能想看看那个.一旦创建了 SA，您就不应该有权限问题

There's some handy code to bootstrap a service account - Google Project Factory - You might want to have a look at that. Once that SA is created you shouldn't have permissions issues

这篇关于缺少对“billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create Terraform (GCP)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！