我的应用程序很小:
import (
"context"
"fmt"
"log"
"google.golang.org/api/compute/v1"
)
func main() {
ctx := context.Background()
computeService, err := compute.NewService(ctx)
urlMapCall := computeService.UrlMaps.List("my-prj")
urlMaps, err := urlMapCall.Do()
if err != nil {
log.Println(err)
return
}
for _, mp := range urlMaps.Items {
fmt.Println(mp.Name)
}
}
我得到错误:
googleapi: Error 403: Required 'compute.urlMaps.list' permission for 'projects/my-prj', forbidden
我设置了环境变量
GOOGLE_APPLICATION_CREDENTIALS=$HOME/.gcp/my-prj-aef233we.json
。此JSON表示的服务帐户具有“项目编辑者”和“计算管理员”角色。当我执行
gcloud compute url-maps list
时,它可以正常工作。我究竟做错了什么?
最佳答案
从GCP中,我还要求启用servceAccountUser角色
roles/ compute.admin Full control of all Compute Engine resources.
If the user will be managing virtual machine instances that are configured to run as a service account, you must also grant the roles/iam.serviceAccountUser role.
关于go - 在Go应用程序中使用默认凭据时出现GCP权限问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59125378/