Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/google-cloud-platform/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/svg/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Google cloud platform 添加ObjectAcesControl时,托管服务帐户没有足够的权限_Google Cloud Platform_Google Deployment Manager - Fatal编程技术网

Google cloud platform 添加ObjectAcesControl时,托管服务帐户没有足够的权限

Google cloud platform 添加ObjectAcesControl时,托管服务帐户没有足够的权限,google-cloud-platform,google-deployment-manager,Google Cloud Platform,Google Deployment Manager,正在尝试在部署管理器上添加对象控件访问权限: - type: storage.v1.objectAccessControl name: url-access properties: role: READER bucket: "bucket" object: "object" entity: "email" 我得到一个错误: ERROR: (gcloud.deployment-manager.deployments.update) Error in Ope

正在尝试在部署管理器上添加对象控件访问权限:

- type: storage.v1.objectAccessControl
  name: url-access
  properties:
    role: READER
    bucket: "bucket"
    object: "object"
    entity: "email"
我得到一个错误:

ERROR: (gcloud.deployment-manager.deployments.update) Error in Operation [operation-1574856490078-59852d9a9d256-4d665591-d57c3ea1]: errors:
- code: RESOURCE_ERROR
  location: /deployments/.../resources/user-access
  message: '{
    "ResourceType": "storage.v1.objectAccessControl",
    "ResourceErrorCode": "403",
    "ResourceErrorMessage": {
        "code": 403,
        "errors": [
            {
                "domain": "global",
                "message": "MANAGED_SA@cloudservices.gserviceaccount.com does not have storage.objects.get access to bucket/file.",
                "reason": "forbidden"
            }
        ],
        "message": "MANAGED_SA@cloudservices.gserviceaccount.com does not have storage.objects.get access to bucket/file.",
        "statusMessage": "Forbidden",
        "requestPath": "https://www.googleapis.com/storage/v1/b/bucket/o/file/acl",
        "httpMethod": "POST",
        "suggestion": "Consider granting permissions to MANAGED_SA@cloudservices.gserviceaccount.com"
    }
}'

奇怪的事实:MANAGED-SA默认对项目具有编辑器访问权限。即使设置所有者访问权限,我仍然收到此消息

只需为服务帐户“托管”添加角色即可_SA@cloudservices.gserviceaccount.com:“存储对象管理”。观众是不够的

是的,只是一种许可而已