使用Google Cloud Dataproc创建群集时,请求没有足够的认证范围[403] [英] Request had insufficient authentication scopes [403] when creating a cluster with Google Cloud Dataproc
本文介绍了使用Google Cloud Dataproc创建群集时,请求没有足够的认证范围[403]的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在Google云端平台中,DataProc API已启用。我使用的是我用来访问GCS和Big查询的相同密钥,以根据此示例创建新集群。
请求的认证范围不足>操作createOperation =
service.Projects.Regions.Clusters.Create(newCluster,project,dataprocGlobalRegion).Execute();
我的完整代码:
public static class DataProcClient
{
public static void Test()
{
string project = ConfigurationManager.AppSettings [Google.ProjectName]; ;
字符串dataprocGlobalRegion =global;
string zone =us-east1-b;
string machineType =n1-standard-4;
string clusterName =sample-cluster;
int numWorkers = 2;
字符串serviceAccountEmail = ConfigurationManager.AppSettings [Google.ServiceAccountEmail];
字符串certificateFile = ConfigurationManager.AppSettings [KeyDirectory] + ConfigurationManager.AppSettings [Google.CertificateFile];
X509Certificate2 certificate = new X509Certificate2(certificateFile,notasecret,X509KeyStorageFlags.Exportable);
ServiceAccountCredential凭证=新的ServiceAccountCredential(
新的ServiceAccountCredential.Initializer(serviceAccountEmail)
{
Scopes = new [] {StorageService.Scope.DevstorageFullControl}
} .FromCertificate(证书));
DataprocService service = new DataprocService(
)BaseClientService.Initializer()
{
HttpClientInitializer =凭证,
ApplicationName =Dataproc Sample,
});
//创建一个新的集群:
Cluster newCluster = new Cluster
{
ClusterName = clusterName,
Config = new ClusterConfig
{
GceClusterConfig = new GceClusterConfig
{
ZoneUri = String.Format(
https://www.googleapis.com/compute/v1/projects/{0}/zones/ {1},
project,zone),
},
MasterConfig = new InstanceGroupConfig
{
NumInstances = 1,
MachineTypeUri = String.Format (
https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2},
project,zone,machineType),
},
WorkerConfig = new InstanceGroupConfig
{
NumInstances = numWorkers,
MachineTypeUri = String.Format(
https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2},
project,zone,machineType),
} ,
},
};
操作createOperation =
service.Projects.Regions.Clusters.Create(newCluster,project,dataprocGlobalRegion).Execute();
//轮询操作:
while(!IsDone(createOperation))
{
Console.WriteLine(Polling operation {0},createOperation.Name);
createOperation =
service.Projects.Regions.Operations.Get(createOperation.Name).Execute();
Thread.Sleep(1000);
}
}
static bool IsDone(Operation op)
{
return op.Done ??假;
}
}
解决方案
创建您的ServiceAccountCredential,更改:
new [] {StorageService.Scope.DevstorageFullControl}b
$ b < .Scope.CloudPlatform}
In Google Cloud Platform the DataProc API is enabled. I am using the same key I use to access GCS and Big query to create a new cluster per this example. I get a Request had insufficient authentication scopes error on the following line.
Operation createOperation =
service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();
My complete code:
public static class DataProcClient
{
public static void Test()
{
string project = ConfigurationManager.AppSettings["Google.ProjectName"]; ;
string dataprocGlobalRegion = "global";
string zone = "us-east1-b";
string machineType = "n1-standard-4";
string clusterName = "sample-cluster";
int numWorkers = 2;
String serviceAccountEmail= ConfigurationManager.AppSettings["Google.ServiceAccountEmail"];
String certificateFile = ConfigurationManager.AppSettings["KeyDirectory"] + ConfigurationManager.AppSettings["Google.CertificateFile"];
X509Certificate2 certificate = new X509Certificate2(certificateFile, "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(serviceAccountEmail)
{
Scopes = new[] { StorageService.Scope.DevstorageFullControl }
}.FromCertificate(certificate));
DataprocService service = new DataprocService(
new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Dataproc Sample",
});
// Create a new cluster:
Cluster newCluster = new Cluster
{
ClusterName = clusterName,
Config = new ClusterConfig
{
GceClusterConfig = new GceClusterConfig
{
ZoneUri = String.Format(
"https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}",
project, zone),
},
MasterConfig = new InstanceGroupConfig
{
NumInstances = 1,
MachineTypeUri = String.Format(
"https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
project, zone, machineType),
},
WorkerConfig = new InstanceGroupConfig
{
NumInstances = numWorkers,
MachineTypeUri = String.Format(
"https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
project, zone, machineType),
},
},
};
Operation createOperation =
service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();
// Poll the operation:
while (!IsDone(createOperation))
{
Console.WriteLine("Polling operation {0}", createOperation.Name);
createOperation =
service.Projects.Regions.Operations.Get(createOperation.Name).Execute();
Thread.Sleep(1000);
}
}
static bool IsDone(Operation op)
{
return op.Done ?? false;
}
}
解决方案
When creating your ServiceAccountCredential, change:
new[] { StorageService.Scope.DevstorageFullControl }
to:
new[] { DataprocService.Scope.CloudPlatform }
这篇关于使用Google Cloud Dataproc创建群集时,请求没有足够的认证范围[403]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
