Fatal编程技术网
  • python/
  • Python 从云函数访问google云存储桶抛出500错误

Python 从云函数访问google云存储桶抛出500错误

python google-cloud-platform google-cloud-storage

Python 从云函数访问google云存储桶抛出500错误,python,google-cloud-platform,google-cloud-functions,google-cloud-storage,Python,Google Cloud Platform,Google Cloud Functions,Google Cloud Storage,我试图从CloudFunctions(python)实例访问google云存储桶,但它抛出了mystic 500错误 我也给了服务帐户编辑器角色。没有任何改变 我还检查了配额是否超出了限额。这些限制甚至都不接近 请,有人能帮我找到这个错误的原因吗 这是密码 从google.cloud导入存储 导入操作系统 导入base64 storage\u client=storage.client() def初始分析(事件、上下文): 打印(“事件”,事件) pubsub_message=base64

我试图从CloudFunctions(python)实例访问google云存储桶,但它抛出了mystic 500错误

  • 我也给了服务帐户编辑器角色。没有任何改变
  • 我还检查了配额是否超出了限额。这些限制甚至都不接近
请,有人能帮我找到这个错误的原因吗

这是密码


从google.cloud导入存储
导入操作系统
导入base64
storage\u client=storage.client()
def初始分析(事件、上下文):
打印(“事件”,事件)
pubsub_message=base64.b64解码(事件['data']).decode('utf-8')
打印(发布消息)
bucket\u name='我的bucket'
bucket=存储\客户端。获取\ bucket(bucket\名称)
blobs=bucket.list_blobs()
对于blob中的blob:
打印(blob.name)
错误:

    Traceback (most recent call last): File "/env/local/lib/python3.7/site-packages/google/auth/compute_engine/credentials.py", line 99, in refresh service_account=self._service_account_email) File "/env/local/lib/python3.7/site-packages/google/auth/compute_engine/_metadata.py", line 208, in get_service_account_token 'instance/service-accounts/{0}/token'.format(service_account)) File "/env/local/lib/python3.7/site-packages/google/auth/compute_engine/_metadata.py", line 140, in get url, response.status, response.data), response) google.auth.exceptions.TransportError: ("Failed to retrieve http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token from the Google Compute Enginemetadata service. Status: 500 Response:\nb'Could not fetch URI /computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token\\n'", <google.auth.transport.requests._Response object at 0x2b0ef9edf438>) The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/env/local/lib/python3.7/site-packages/google/cloud/functions/worker.py", line 383, in run_background_function _function_handler.invoke_user_function(event_object) File "/env/local/lib/python3.7/site-packages/google/cloud/functions/worker.py", line 217, in invoke_user_function return call_user_function(request_or_event) File "/env/local/lib/python3.7/site-packages/google/cloud/functions/worker.py", line 214, in call_user_function event_context.Context(**request_or_event.context)) File "/user_code/main.py", line 21, in init_analysis bucket = storage_client.get_bucket(bucket_name) File "/env/local/lib/python3.7/site-packages/google/cloud/storage/client.py", line 227, in get_bucket bucket.reload(client=self) File "/env/local/lib/python3.7/site-packages/google/cloud/storage/_helpers.py", line 130, in reload _target_object=self, File "/env/local/lib/python3.7/site-packages/google/cloud/_http.py", line 315, in api_request target_object=_target_object, File "/env/local/lib/python3.7/site-packages/google/cloud/_http.py", line 192, in _make_request return self._do_request(method, url, headers, data, target_object) File "/env/local/lib/python3.7/site-packages/google/cloud/_http.py", line 221, in _do_request return self.http.request(url=url, method=method, headers=headers, data=data) File "/env/local/lib/python3.7/site-packages/google/auth/transport/requests.py", line 205, in request self._auth_request, method, url, request_headers) File "/env/local/lib/python3.7/site-packages/google/auth/credentials.py", line 122, in before_request self.refresh(request) File "/env/local/lib/python3.7/site-packages/google/auth/compute_engine/credentials.py", line 102, in refresh six.raise_from(new_exc, caught_exc) File "<string>", line 3, in raise_from google.auth.exceptions.RefreshError: ("Failed to retrieve http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token from the Google Compute Enginemetadata service. Status: 500 Response:\nb'Could not fetch URI /computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token\\n'", <google.auth.transport.requests._Response object at 0x2b0ef9edf438>)
google.auth.exceptions.TransportError: ("Failed to retrieve http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token from the Google Compute Enginemetadata service. Status: 500 Response:\nb'Could not fetch URI /computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token\\n'"

Traceback(最近一次调用):文件“/env/local/lib/python3.7/site-packages/google/auth/compute\u-engine/credentials.py”,第99行,在刷新服务账户=self.\u-service\u-account\u-email)文件“/env/local/lib/python3.7/site-packages/google/auth/compute\u-engine/\u-metadata.py”第208行,在get_service_account_token“instance/service accounts/{0}/token.format(service_account))文件“/env/local/lib/python3.7/site packages/google/auth/compute_engine/_metadata.py”中,第140行,在get url、response.status、response.data)、response)google.auth.exceptions.TransportError中:(“检索失败http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token来自Google Compute Enginemetadata服务。状态:500响应:\nb'无法获取URI/computeMetadata/v1/instance/service accounts/my-project@appspot.gserviceaccount.com/令牌\\n',)上述异常是以下异常的直接原因:回溯(最近一次调用):文件“/env/local/lib/python3.7/site packages/google/cloud/functions/worker.py”,第383行,在运行\后台\函数\函数\处理程序中。调用\用户\函数(事件\对象)文件”/env/local/lib/python3.7/site packages/google/cloud/functions/worker.py”,调用用户函数返回调用用户函数(请求或事件)文件“/env/local/lib/python3.7/site packages/google/cloud/functions/worker.py”,调用用户函数事件上下文(**请求或事件上下文))文件“/user\u code/main.py”第214行,第21行,在init_analysis bucket=storage_client.get_bucket(bucket_name)文件“/env/local/lib/python3.7/site packages/google/cloud/storage/client.py”中,第227行,在get_bucket bucket.reload(client=self)文件“/env/local/lib/python3.7/site packages/google/cloud/storage/_helpers.py”中,第130行,在reload_target=self文件中“/env/local/lib/python3.7/site packages/google/cloud/_http.py”,第315行,在api_请求目标对象=_目标对象,文件/env/local/lib/python3.7/site packages/google/cloud/_http.py中,_-do_请求(方法、url、头、数据、目标对象)文件/env/local/lib/python3.7/site-packages/google/cloud/_http.py,第192行,在make请求返回self.//http.py.\u中“,第221行,请求返回self.http.request(url=url,method=method,headers=headers,data=data)文件“/env/local/lib/python3.7/site packages/google/auth/transport/requests.py”,第205行,请求self.\u auth请求,方法,url,请求头)文件“/env/local/lib/python3.7/site packages/google/auth/credentials.py”,第122行,在refresh SIXT.raise from(新建exc,捕获exc)文件“/env/local/lib/python3.7/site packages/google/auth/compute\u engine/credentials.py”的第102行中,在refresh SIXT.raise from(新建exc,捕获exc)文件”的第3行中,在raise\u from google.auth.exceptions.refresh错误:(“检索失败http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token来自Google Compute Enginemetadata服务。状态:500响应:\nb'无法获取URI/computeMetadata/v1/instance/service accounts/my-project@appspot.gserviceaccount.com/令牌\\n',)
google.auth.exceptions.TransportError:(“检索失败http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/my-project@appspot.gserviceaccount.com/token来自Google Compute Enginemetadata服务。状态:500响应:\nb'无法获取URI/computeMetadata/v1/instance/service accounts/my-project@appspot.gserviceaccount.com/令牌\\n''
您收到的错误是因为您的云功能服务帐户不具有
cloudfunctions.serviceAgent
角色。如您在上看到的:

如果更改云功能服务帐户的权限,则从函数内部验证为运行时服务帐户可能会失败

然而,我发现有时候你不能添加这个角色,因为它没有显示为一个选项。我已经向谷歌云功能工程团队报告了这个问题,他们正在努力解决它

但是,您可以使用
gcloud
命令再次添加角色:

gcloud projects add-iam-policy-binding <project_name> --role=roles/cloudfunctions.serviceAgent --member=serviceAccount:service-<project_number>@gcf-admin-robot.iam.gserviceaccount.com

gcloud项目添加iam策略绑定--role=roles/cloudfunctions.serviceAgent--member=serviceCount:service--@gcf-admin-robot.iam.gserviceaccount.com
拥有您的云功能服务帐户(服务项目_NUMBER@gcf-管理员robot.iam.gserviceaccount.com)cloudfunctions.serviceAgent角色?正如您在“此服务帐户”上看到的,您需要此角色。@TasosV我以为编辑器角色涵盖了所有这些。不是吗?我刚刚尝试分配了所有与云函数相关的角色。它抛出了相同的错误:(