gcloud.exceptions.Forbidden:403权限丢失或不足

Question

gcloud.exceptions.Forbidden:403权限丢失或不足

Nav*_*een 6 python django google-cloud-storage google-cloud-datastore google-cloud-platform

我是Google云端平台的新手.我已经设置了Google VM实例.运行命令时,我在Local Machine上遇到身份验证问题:

python manage.py makemigrations

你能否提出一些建议/步骤来解决这个问题？

错误跟踪

  File "/constants.py", line 18, in <module>
    table_data = datastore_fetch(project_id, entity_kind)
  File "/datastore_helper.py", line 23, in datastore_fetch
    results = list(query.fetch())
  File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 463, in __iter__
    self.next_page()
  File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/query.py", line 434, in next_page
    transaction_id=transaction and transaction.id,
  File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 286, in run_query
    _datastore_pb2.RunQueryResponse)
  File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 124, in _rpc
    data=request_pb.SerializeToString())
  File "/venv/local/lib/python2.7/site-packages/gcloud/datastore/connection.py", line 98, in _request
    raise make_exception(headers, error_status.message, use_json=False)
gcloud.exceptions.Forbidden: 403 Missing or insufficient permissions.

Run Code Online (Sandbox Code Playgroud)

其他信息:

gcloud auth list
Credentialed Accounts:
 - user_account@gmail.com ACTIVE
To set the active account, run:
    $ gcloud config set account `ACCOUNT`

gcloud config list
Your active configuration is: [default]

[core]
account = user_account@gmail.com
disable_usage_reporting = True
project = user_project

Run Code Online (Sandbox Code Playgroud)

输入:(独立Python函数)

from gcloud import datastore
client = datastore.Client('user_project')

print(vars(client.connection.credentials))

Run Code Online (Sandbox Code Playgroud)

输出:

{'scopes': set([]), 'revoke_uri': 'https://accounts.google.com/o/oauth2/revoke', 'access_token': None, 'token_uri': 'https://www.googleapis.com/oauth2/v4/token', 'token_info_uri': None, 'token_response': None, 'invalid': False, 'refresh_token': u'1/t-V_pZicXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'client_id': u'3XXXXXXXX9.apps.googleusercontent.com', 'id_token': None, 'client_secret': u'ZXXXXXXXXXXXXXXXXXXX2', 'token_expiry': None, 'store': None, 'user_agent': 'Python client library'}

Run Code Online (Sandbox Code Playgroud)

VM细节

Firewalls
Allow HTTP traffic 
Allow HTTPS traffic

Availability policies
Preemptibility  Off (recommended)

Automatic restart   
On (recommended)

On host maintenance 
Migrate VM instance (recommended)

Custom metadata
None

SSH Keys
Block project-wide SSH keys
None

Service account
service-account@user_project.iam.gserviceaccount.com

Cloud API access scopes
This instance has full API access to all Google Cloud services.

Run Code Online (Sandbox Code Playgroud)

谢谢,

Answer 1

che*_*rba 9

对于应用程序的默认凭据的行为已经改变了在gcloud自128版本.

一个人应该使用

gcloud auth application-default login

Run Code Online (Sandbox Code Playgroud)

代替.

需要注意的是通过改变凭证gcloud auth login或gcloud init或gcloud config set account MY_ACCOUNT将不会影响应用程序的默认凭据,他们分开gcloud凭证管理.

Answer 2

Nav*_*een 3

刚刚运行这两个命令：

 1. gcloud beta auth application-default login
 2. export GOOGLE_APPLICATION_CREDENTIALS='/<path_to_json>/client_secrets.json'

Run Code Online (Sandbox Code Playgroud)

从本地机器开始工作。

很高兴它有效，但你不必设置它。如果您运行“gcloud auth application-default login”，然后取消设置“GOOGLE_APPLICATION_CREDENTIALS”，会发生什么？ (2认同)

归档时间：	9 年，1 月前
查看次数：	5906 次
最近记录：	9 年，1 月前